feat: add template infrastructure (2026-04-07 audit) #2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Template CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: pip install ruff | |
| - name: Run ruff check | |
| run: ruff check scripts/ | |
| - name: Run ruff format check | |
| run: ruff format --check scripts/ | |
| types: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: pip install mypy | |
| - name: Run mypy | |
| run: mypy scripts/ | |
| tests: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: pip install -e ".[dev]" | |
| - name: Run tests | |
| run: pytest | |
| shellcheck: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Run shellcheck | |
| run: shellcheck scripts/setup.sh | |
| actionlint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install actionlint | |
| run: | | |
| bash <(curl -sS https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) | |
| echo "$PWD" >> "$GITHUB_PATH" | |
| - name: Run actionlint | |
| run: actionlint | |
| markdownlint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Run markdownlint | |
| run: npx markdownlint-cli2 "**/*.md" | |
| ci-passed: | |
| if: always() | |
| needs: [lint, types, tests, shellcheck, actionlint, markdownlint] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Verify all checks passed | |
| shell: bash | |
| run: | | |
| echo "Lint: ${{ needs.lint.result }}" | |
| echo "Types: ${{ needs.types.result }}" | |
| echo "Tests: ${{ needs.tests.result }}" | |
| echo "Shellcheck: ${{ needs.shellcheck.result }}" | |
| echo "Actionlint: ${{ needs.actionlint.result }}" | |
| echo "Markdownlint: ${{ needs.markdownlint.result }}" | |
| if [[ "${{ needs.lint.result }}" != "success" ]] || \ | |
| [[ "${{ needs.types.result }}" != "success" ]] || \ | |
| [[ "${{ needs.tests.result }}" != "success" ]] || \ | |
| [[ "${{ needs.shellcheck.result }}" != "success" ]] || \ | |
| [[ "${{ needs.actionlint.result }}" != "success" ]] || \ | |
| [[ "${{ needs.markdownlint.result }}" != "success" ]]; then | |
| echo "::error::One or more quality checks failed" | |
| exit 1 | |
| fi | |
| echo "All quality checks passed" |