[Automation] Introduce noxfile.py to consolidate dev tooling and CI tasks #97

Description

@williaby

Summary

Introduce a centralized noxfile.py to manage dev and CI automation tasks in a Python-native, composable format. This will reduce redundancy across CI workflows and provide a uniform interface for local development and testing.


Design Goals

  • Define reusable sessions for:

    • lint: black, isort, flake8
    • typecheck: mypy
    • security: bandit, safety, pip-audit
    • secrets: invoke TruffleHog (or shell out as needed)
    • tests: pytest
    • sbom: optional CycloneDX or Trivy wrapper
  • Replace workflow boilerplate by executing:

    • nox -s lint
    • nox -s tests
    • nox -s security

Implementation Tasks

  • Create noxfile.py in project root
  • Define sessions: lint, typecheck, security, tests, sbom, format
  • Install session dependencies using Poetry or pip-tools
  • Update local docs: replace make lint or pytest with nox
  • Refactor CI jobs to use nox commands in place of raw pip install and repeated run: ... blocks

Acceptance Criteria

  • All existing CI logic runs through nox
  • Local development mirrors CI with one-command tasks
  • Each workflow runs at or below current runtime thresholds
  • Redundant tool declarations in workflows are removed
  • All tool configs are centralized in pyproject.toml

Dependencies


Milestone

Milestone: v0.4.0 – Unified Developer Tooling

Nox will form the automation backbone of the development lifecycle, enabling reproducible local workflows and simplifying CI/CD orchestration.
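
A way to keep the acceptance criteria above from regressing once CI has moved to nox, shown as an added example that is not part of the issue or the project's code: a standard-library check that reports workflow `run:` steps which still install or invoke the wrapped tools directly instead of going through `nox`. Assumptions: the function names and the sample workflow are constructed for illustration, and the scan is line-based rather than a full YAML parse.

```python
import re
import shlex

# Tools the issue puts behind nox sessions (from its Design Goals list).
WRAPPED = {"black", "isort", "flake8", "mypy", "bandit", "safety",
           "pip-audit", "pytest", "trufflehog"}
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*?)\s*$")
# Constructed sample workflow, not taken from the project.
SAMPLE = """\
steps:
  - run: pip install nox
  - run: |
      pip install black==24.3.0 flake8
      black --check . && flake8
  - run: nox -s security
  - run: poetry run pytest -q
"""


def run_lines(text):
    """Yield (line_no, shell_line) for each command under a `run:` key."""
    key_col = None  # column of the `run:` key whose block scalar is open
    for no, line in enumerate(text.splitlines(), 1):
        if key_col is not None and line.strip():
            if len(line) - len(line.lstrip()) > key_col:
                yield no, line.strip()
                continue
            key_col = None  # dedent closes the block scalar
        m = RUN_KEY.match(line)
        if m and m.group(2) in ("|", "|-", "|+", ">", ">-", ">+"):
            key_col = len(m.group(1))
        elif m and m.group(2):
            yield no, m.group(2)


def direct_tool_calls(text):
    """Return [(line_no, tool)] for wrapped tools invoked outside nox."""
    hits = []
    for no, shell_line in run_lines(text):
        for cmd in re.split(r"&&|\|\||;", shell_line):
            try:
                words = shlex.split(cmd, comments=True)
            except ValueError:  # unbalanced quote on a continued line
                words = cmd.split()
            if not words or words[0] == "nox":
                continue
            hits += [(no, name) for w in words
                     if (name := re.split(r"[=<>!~\[]", w)[0].lower()) in WRAPPED]
    return hits
```

Run over each workflow file in CI, a non-empty result means a scanner or linter is still being installed or run outside the nox sessions.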
