Automation: Direction

[github-actions]

Last generated: 2026-01-22T18:43:32.886Z
Provider: openai
Model: gpt-5.2

Summary

Modernize and stabilize CI for eli5 by (1) removing legacy Travis-only paths, (2) consolidating the current “auto-*” workflow sprawl into a small, reliable test/release pipeline, and (3) pinning/controlling dependency matrices (especially scikit-learn/xgboost) to reduce flaky failures and maintenance toil.

Direction (what and why)

What: Establish a single source of truth for test execution (tox), run it in one primary GitHub Actions workflow (plus a scheduled weekly run), and keep dependency compatibility explicit via a small, intentional matrix (min/locked/latest). Deprecate/disable repository-level automation workflows that don’t directly improve signal for this library (many auto-* workflows appear templated/synced and add noise/cost).

Why: This repo is a Python library with meaningful dependency surface (sklearn/xgboost/catboost/lightgbm/keras, optional integrations). Reliability comes from:

• consistent env creation (tox),
• explicit constraints,
• fewer workflows with clear ownership,
• predictable test coverage and packaging checks.

Plan (next 1–3 steps)

1) Add a single, canonical CI workflow that runs tox (and make it the required check)

Create: .github/workflows/ci.yml

• Triggers: pull_request, push to master, and workflow_dispatch.
• Use actions/setup-python with a small matrix:
  • Python: 3.9, 3.11, 3.12 (adjust if project policy differs)
  • Env flavors via tox: py39, py311, py312
  • Add one constrained job (minimum/locked) using constraints-test.txt
• Steps:
  • pip install -U pip setuptools wheel
  • pip install -U tox tox-gh-actions
  • tox (or tox -e py311 per job)
  • Upload coverage only once (e.g., py311 job) if desired.
    Update: tox.ini
• Ensure environments exist for each Python version in the matrix.
• Add a lint env only if the repo already has config (don’t introduce new tooling yet unless required).
  Outcome: One clear check per PR, easy to reproduce locally with tox -e ....

2) Reduce workflow noise: quarantine or disable nonessential auto-* workflows

Move to manual-only or disable by default the templated automation workflows that don’t directly validate code:

• For each workflow in .github/workflows/auto-*.yml, either:
  • add on: workflow_dispatch only, or
  • add a repository variable gate (e.g., if: vars.ENABLE_AUTOMATION == 'true')
    Keep only:
• ci.yml (new)
• auto-sec-scan.yml (if it’s actively maintained and low-noise)
• workflows-sync.yml (only if required by org governance; otherwise gate it too)
  Outcome: PR checks are understandable; Actions minutes and bot churn drop significantly.

3) Tighten dependency control & packaging verification

Update files:

• requirements-test.txt / constraints-test.txt: ensure they reflect a coherent “minimum supported” set.
• Add a packaging tox env:
  • python -m pip install build twine
  • python -m build
  • python -m twine check dist/*
    Optionally add: .github/workflows/release.yml later (tag-based) once CI is stable.
    Outcome: Fewer “works on my machine” dependency failures; releases won’t fail at publish time.

Risks/unknowns

• Python/sklearn support policy unclear: The matrix above may need aligning with setup.py/setup.cfg classifiers and actual supported sklearn versions.
• Optional integrations: catboost/lightgbm/keras may be heavy; running them in default CI could be slow/flaky. Recommendation: keep core tests default; add an extras/nightly job later.
• Current org-synced workflows: If governance requires them, gating (vars) is safer than deletion.
• Test suite expectations: If tests/ currently assumes specific versions, the min/locked job may initially fail and require small compatibility fixes.

Suggested tests

CI-level

• tox (default) on Python 3.9/3.11/3.12
• tox -e py311-min (or similar) using constraints-test.txt to validate minimum dependency set
• tox -e packaging to validate build artifacts

Local developer commands (document in README.rst or docs/contribute.rst)

• python -m pip install -U tox
• tox -e py311
• tox -e packaging

Verification checklist (short)

• New ci.yml runs on PRs and is green on a trivial change
• At least one constrained/min-deps job passes (or failures are understood and tracked)
• Nonessential auto-* workflows no longer run on every PR/push
• python -m build succeeds and twine check passes in CI