Skip to content

docs: ADR 0012 — session-model migration (all 10 decisions + 5 obligations) #1108

docs: ADR 0012 — session-model migration (all 10 decisions + 5 obligations)

docs: ADR 0012 — session-model migration (all 10 decisions + 5 obligations) #1108

Workflow file for this run

name: Pre-Commit Quality Checks
on:
push:
branches: [ main, pre-commit, develop ]
pull_request:
branches: [ main, develop ]
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Cache pre-commit environments
uses: actions/cache@v3
with:
path: ~/.cache/pre-commit
key: pre-commit-${{ runner.os }}-${{ hashFiles('.pre-commit-config.yaml') }}
restore-keys: |
pre-commit-${{ runner.os }}-
- name: Install pre-commit
run: pip install pre-commit
- name: Run pre-commit hooks
run: pre-commit run --all-files --show-diff-on-failure
- name: Upload pre-commit cache
if: failure()
uses: actions/cache/save@v3
with:
path: ~/.cache/pre-commit
key: pre-commit-${{ runner.os }}-${{ hashFiles('.pre-commit-config.yaml') }}
quality-checks:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Cache pip dependencies
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: pip-${{ runner.os }}-${{ hashFiles('requirements-dev.txt') }}
restore-keys: |
pip-${{ runner.os }}-
- name: Install dependencies
run: |
pip install --upgrade pip
pip install -r requirements.txt
pip install -r requirements-dev.txt
- name: Type check with MyPy
run: mypy src/ --config-file=pyproject.toml
- name: Check docstrings with pydocstyle
run: pydocstyle src/ --config=pyproject.toml
- name: Check code formatting with Black
run: black --check src/
- name: Check import sorting with isort
run: isort --check-only --profile black src/
- name: Lint with flake8
run: flake8 src/ --max-line-length=88 --extend-ignore=E203
- name: Security scan with bandit
run: bandit -r src/ -c pyproject.toml
- name: Security scan with detect-secrets
run: detect-secrets scan --baseline .secrets.baseline
- name: Generate quality report
if: always()
run: |
echo "## Code Quality Report" >> $GITHUB_STEP_SUMMARY
echo "| Check | Status |" >> $GITHUB_STEP_SUMMARY
echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY
# MyPy check
if mypy src/ --config-file=pyproject.toml > /dev/null 2>&1; then
echo "| MyPy Type Check | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| MyPy Type Check | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi
# pydocstyle check
if pydocstyle src/ --config=pyproject.toml > /dev/null 2>&1; then
echo "| Docstring Check | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| Docstring Check | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi
# Black check
if black --check src/ > /dev/null 2>&1; then
echo "| Black Formatting | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| Black Formatting | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi
# isort check
if isort --check-only --profile black src/ > /dev/null 2>&1; then
echo "| isort Import Order | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| isort Import Order | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi
# flake8 check
if flake8 src/ --max-line-length=88 --extend-ignore=E203 > /dev/null 2>&1; then
echo "| flake8 Linting | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| flake8 Linting | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi
# bandit check
if bandit -r src/ -c pyproject.toml > /dev/null 2>&1; then
echo "| Bandit Security | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| Bandit Security | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi
# detect-secrets check
if detect-secrets scan --baseline .secrets.baseline > /dev/null 2>&1; then
echo "| Secrets Detection | ✅ Passed |" >> $GITHUB_STEP_SUMMARY
else
echo "| Secrets Detection | ❌ Failed |" >> $GITHUB_STEP_SUMMARY
fi