ci: add CI/CD (GitHub Actions), dependabot, and Claude workflows#7
Open
sarrafgsarraf wants to merge 1 commit into
Open
ci: add CI/CD (GitHub Actions), dependabot, and Claude workflows#7sarrafgsarraf wants to merge 1 commit into
sarrafgsarraf wants to merge 1 commit into
Conversation
Sets up CI/CD for the repo (previously none), modeled on the ZeroPath monorepo (cunningham) conventions: SHA-pinned actions, pinned tool versions, monthly grouped dependabot with a dedicated security group. - ci.yml: ruff lint + format check, pyright, pytest on Python 3.12 & 3.13, and build + verify (twine check + wheel import smoke, artifact upload). On version tags it also asserts the tag matches the package version. A `ci-ok` aggregate job gives one required status for branch protection. Build/verify only — nothing is published anywhere. - claude-code-review.yml + claude.yml: mirror cunningham's Claude bots (auto PR review + @claude mentions). Inert (step skipped, job green) until the ANTHROPIC_API_KEY secret is configured. - dependabot.yml: pip (uv) + github-actions, monthly, grouped, cooldowns. - pyproject.toml: [tool.ruff] line-length=120 (matches existing code) and [tool.pyright]; no dependency changes, so uv.lock stays valid. Verified locally: ruff check/format, pyright (0 errors), pytest 3.12 & 3.13 (32 passed each), uv build + twine check + wheel import all pass. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This repo had no CI/CD. This adds a full pipeline modeled on the ZeroPath monorepo (
cunningham) conventions — SHA-pinned actions, pinned tool versions, grouped monthly dependabot.CI (
.github/workflows/ci.yml) — runs on PRs, pushes tomain, and version tagsruff check+ruff format --check(ruff 0.15.1)pyrightagainst the uv-resolved environment (0 errors onmain)pytestmatrix on Python 3.12 and 3.13uv build→twine check→ wheel import smoke test → artifact upload. On av*tag it also asserts the tag matches the package version.Per decision, this is build/verify only — nothing is published to PyPI or anywhere else.
Dependabot (
.github/dependabot.yml)pip(uv/pyproject) +github-actions, monthly, grouped, with cooldowns and a dedicated security-updates group.Claude workflows (
.github/workflows/claude-code-review.yml,claude.yml)Mirror
cunningham's Claude bots (auto PR review +@claudementions). They are inert (review step skipped, job stays green) until anANTHROPIC_API_KEYrepository secret is added.Config
pyproject.tomlgains[tool.ruff](line-length = 120, matching the existing code so no reformatting) and[tool.pyright]. No dependency changes, souv.lockis untouched.Test plan
Validated locally with the exact commands CI runs:
ruff check/ruff format --check— cleanpyright— 0 errorspyteston 3.12 and 3.13 — 32 passed eachuv build+twine check+ wheel import — pass🤖 Generated with Claude Code