Code security fixes #8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main, develop] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| FORCE_COLOR: 1 | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install ruff black isort mypy | |
| - name: Run ruff | |
| run: ruff check python/ | |
| - name: Run black (check) | |
| run: black --check python/ | |
| - name: Run isort (check) | |
| run: isort --check-only python/ | |
| test-python: | |
| name: Test Python ${{ matrix.python-version }} on ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| python-version: ["3.9", "3.10", "3.11", "3.12"] | |
| exclude: | |
| # Reduce CI time by not testing all combinations | |
| - os: macos-latest | |
| python-version: "3.9" | |
| - os: windows-latest | |
| python-version: "3.9" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pytest pytest-cov numpy | |
| - name: Install package (editable) | |
| run: | | |
| pip install -e . --no-build-isolation || pip install numpy | |
| - name: Run tests | |
| run: | | |
| cd tests | |
| python -m pytest test_phase3_*.py test_phase4_*.py -v --tb=short | |
| continue-on-error: true | |
| - name: Run Python module tests | |
| run: | | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.data import Dataset; print('Data module OK')" | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.training import Trainer; print('Training module OK')" | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.metrics import Accuracy; print('Metrics module OK')" | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.tools import Profiler; print('Tools module OK')" | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.serving import InferenceEngine; print('Serving module OK')" | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.benchmarks import BenchmarkRunner; print('Benchmarks module OK')" | |
| python -c "import sys; sys.path.insert(0, 'python'); from pyflame.extend import Plugin; print('Extend module OK')" | |
| build: | |
| name: Build on ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install build dependencies (Linux) | |
| if: runner.os == 'Linux' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y cmake ninja-build | |
| - name: Install build dependencies (macOS) | |
| if: runner.os == 'macOS' | |
| run: | | |
| brew install cmake ninja | |
| - name: Install build dependencies (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| choco install cmake ninja -y | |
| - name: Install Python dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build wheel scikit-build-core pybind11 numpy | |
| - name: Build package | |
| run: | | |
| python -m build --wheel | |
| continue-on-error: true | |
| - name: Upload wheel | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheel-${{ matrix.os }} | |
| path: dist/*.whl | |
| if: always() | |
| docs: | |
| name: Build Documentation | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install sphinx furo myst-parser sphinx-copybutton sphinx-autodoc-typehints | |
| - name: Build docs | |
| run: | | |
| # Create minimal sphinx config if not exists | |
| if [ ! -f docs/conf.py ]; then | |
| mkdir -p docs/_build | |
| echo "Documentation build skipped - no conf.py" | |
| else | |
| cd docs && make html | |
| fi | |
| continue-on-error: true | |
| coverage: | |
| name: Coverage | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pytest pytest-cov numpy | |
| - name: Run tests with coverage | |
| run: | | |
| cd tests | |
| python -m pytest test_phase3_*.py test_phase4_*.py --cov=../python/pyflame --cov-report=xml -v | |
| continue-on-error: true | |
| - name: Upload coverage | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| files: tests/coverage.xml | |
| fail_ci_if_error: false |