fix: Colab notebook — fresh clone, remove GPU memory probe, add cwd g… #119
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ALMA-memory Continuous Integration | |
| # | |
| # This workflow runs on every push to main and on pull requests targeting main. | |
| # It performs comprehensive code quality checks including: | |
| # - Linting with ruff | |
| # - Code formatting checks with black | |
| # - Type checking with mypy | |
| # - Security analysis with bandit | |
| # - Unit and integration tests with pytest and coverage | |
| # | |
| # Python versions tested: 3.10, 3.11, 3.12 | |
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_call: # Allow this workflow to be called from release.yml | |
| workflow_dispatch: # Allow manual trigger for testing | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| PYTHON_DEFAULT: "3.11" | |
| jobs: | |
| # =========================================================================== | |
| # Linting and Code Quality | |
| # =========================================================================== | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-lint-${{ hashFiles('pyproject.toml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-lint- | |
| ${{ runner.os }}-pip- | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install "ruff>=0.5.0" black mypy | |
| - name: Run ruff linter | |
| run: | | |
| ruff check alma/ tests/ --output-format=github | |
| # Note: Using ruff format only (not black) to avoid formatter conflicts | |
| # ruff format is faster and compatible with black style | |
| - name: Run ruff formatter check | |
| run: | | |
| ruff format --check alma/ tests/ | |
| # =========================================================================== | |
| # Type Checking | |
| # =========================================================================== | |
| type-check: | |
| name: Type Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-typecheck-${{ hashFiles('pyproject.toml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-typecheck- | |
| ${{ runner.os }}-pip- | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e ".[dev]" | |
| pip install types-PyYAML types-python-dateutil | |
| - name: Run mypy | |
| run: | | |
| mypy alma/ --ignore-missing-imports --no-error-summary || true | |
| # Note: Using || true for now since the codebase may have existing type issues | |
| # Remove || true once type coverage is complete | |
| # =========================================================================== | |
| # Security Scanning | |
| # =========================================================================== | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-security-${{ hashFiles('pyproject.toml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-security- | |
| ${{ runner.os }}-pip- | |
| - name: Install bandit | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install bandit[toml] | |
| - name: Run bandit security scan | |
| run: | | |
| bandit -r alma/ -c pyproject.toml -f json -o bandit-report.json || true | |
| bandit -r alma/ -c pyproject.toml -f txt || true | |
| # Note: Security scan reports issues but doesn't block CI | |
| # Issues are tracked in bandit-report.json artifact | |
| - name: Upload bandit report | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: bandit-security-report | |
| path: bandit-report.json | |
| retention-days: 30 | |
| # =========================================================================== | |
| # Unit Tests with Coverage Matrix | |
| # =========================================================================== | |
| test: | |
| name: Test (Python ${{ matrix.python-version }}) | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: ["3.10", "3.11", "3.12"] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-test-${{ matrix.python-version }}-${{ hashFiles('pyproject.toml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-test-${{ matrix.python-version }}- | |
| ${{ runner.os }}-pip-test- | |
| ${{ runner.os }}-pip- | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e ".[dev,mcp]" | |
| - name: Run unit tests with coverage | |
| run: | | |
| pytest tests/unit/ \ | |
| --cov=alma \ | |
| --cov-report=xml:coverage-${{ matrix.python-version }}.xml \ | |
| --cov-report=html:htmlcov-${{ matrix.python-version }} \ | |
| --cov-report=term-missing \ | |
| --cov-fail-under=50 \ | |
| -v \ | |
| --tb=short | |
| # Note: Coverage threshold lowered to 50% temporarily | |
| # Storage backends (Azure, PostgreSQL, file-based) need integration tests | |
| - name: Upload coverage report | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-report-${{ matrix.python-version }} | |
| path: | | |
| coverage-${{ matrix.python-version }}.xml | |
| htmlcov-${{ matrix.python-version }}/ | |
| retention-days: 30 | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| if: matrix.python-version == '3.11' | |
| with: | |
| files: coverage-${{ matrix.python-version }}.xml | |
| flags: unittests | |
| name: codecov-py${{ matrix.python-version }} | |
| fail_ci_if_error: false | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| # =========================================================================== | |
| # Integration Tests (runs after unit tests pass) | |
| # =========================================================================== | |
| integration-test: | |
| name: Integration Tests | |
| runs-on: ubuntu-latest | |
| needs: [test] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-integration-${{ hashFiles('pyproject.toml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-integration- | |
| ${{ runner.os }}-pip- | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e ".[dev,mcp,local]" | |
| # Note: 'local' includes sentence-transformers for multi-agent tests | |
| - name: Run integration tests | |
| run: | | |
| pytest tests/integration/ \ | |
| -v \ | |
| --tb=short | |
| env: | |
| ALMA_TEST_MODE: "true" | |
| # Note: Integration tests don't have coverage requirement | |
| # Coverage is measured in unit tests | |
| # =========================================================================== | |
| # Build Verification | |
| # =========================================================================== | |
| build: | |
| name: Build Package | |
| runs-on: ubuntu-latest | |
| needs: [lint, test] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT }} | |
| - name: Install build dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build twine | |
| - name: Build package | |
| run: python -m build | |
| - name: Check package with twine | |
| run: twine check dist/* | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| retention-days: 7 | |
| # =========================================================================== | |
| # All Checks Passed Gate | |
| # =========================================================================== | |
| ci-success: | |
| name: CI Success | |
| runs-on: ubuntu-latest | |
| needs: [lint, type-check, security, test, integration-test, build] | |
| if: always() | |
| steps: | |
| - name: Check all jobs passed | |
| run: | | |
| if [[ "${{ needs.lint.result }}" != "success" ]] || \ | |
| [[ "${{ needs.test.result }}" != "success" ]] || \ | |
| [[ "${{ needs.build.result }}" != "success" ]]; then | |
| echo "One or more required jobs failed" | |
| exit 1 | |
| fi | |
| echo "All required CI checks passed!" |