Summary
Introduce a centralized noxfile.py to manage dev and CI automation tasks in a Python-native, composable format. This will reduce redundancy across CI workflows and provide a uniform interface for local development and testing.
Design Goals
Define reusable sessions for:
- `lint`: `black`, `isort`, `flake8`
- `typecheck`: `mypy`
- `security`: `bandit`, `safety`, `pip-audit`
- `secrets`: invoke TruffleHog (or shell out as needed)
- `tests`: `pytest`
- `sbom`: optional CycloneDX or Trivy wrapper

Replace workflow boilerplate by executing:
- `nox -s lint`
- `nox -s tests`
- `nox -s security`

Implementation Tasks
- `noxfile.py` in project root
- `lint`, `typecheck`, `security`, `tests`, `sbom`, `format`
- `make lint` or `pytest` with `nox`
- `nox` commands in place of raw `pip install` and repeated `run: ...` blocks

Acceptance Criteria
- All existing CI logic runs through `nox`
- Local development mirrors CI with one-command tasks
- Each workflow runs at or below current runtime thresholds
- Redundant tool declarations in workflows are removed
- All tool configs are centralized in `pyproject.toml`

Dependencies
- `setup.cfg` into `pyproject.toml` (#XYZ)

Milestone
Milestone: v0.4.0 – Unified Developer Tooling
Nox will form the automation backbone of the development lifecycle, enabling reproducible local workflows and simplifying CI/CD orchestration.
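As an added example (not code from this issue or the project), here is a standard-library check for the acceptance criteria above: it scans a workflow file's `run:` steps for raw `pip install` lines and direct calls to tools that the nox sessions own. The names `run_commands`, `violations`, `MANAGED_TOOLS` and `ALLOWED_INSTALLS`, the allowance for installing `nox` itself, and the sample workflow are assumptions.

```python
import re

# Tools the issue assigns to nox sessions; a direct call bypasses the noxfile.
MANAGED_TOOLS = {"black", "isort", "flake8", "mypy", "bandit", "safety",
                 "pip-audit", "pytest"}
ALLOWED_INSTALLS = {"nox", "pip"}  # assumption: only bootstrap installs stay raw

def run_commands(text):
    """Yield (line_number, command) for each shell line under a `run:` key."""
    key_col = None  # column of `run:` while inside a `|` or `>` block scalar
    for number, raw in enumerate(text.splitlines(), 1):
        indent = len(raw) - len(raw.lstrip())
        if key_col is not None and (not raw.strip() or indent > key_col):
            if raw.strip():
                yield number, raw.strip()
            continue
        key_col = None  # a dedent ends the block scalar
        match = re.match(r"(\s*(?:-\s+)?)run:\s*(.*)$", raw)
        if match and match.group(2)[:1] in ("|", ">"):
            key_col = len(match.group(1))
        elif match and match.group(2):
            yield number, match.group(2)

def violations(text):
    """Return (line_number, reason) for each command that sidesteps nox."""
    found = []
    for number, command in run_commands(text):
        for part in re.split(r"&&|\|\||;", command):
            words = part.split()
            if words[:2] == ["python", "-m"]:
                words = words[2:]
            if words[:2] in (["pip", "install"], ["pip3", "install"]):
                names = [re.split(r"[=<>!~\[]", w)[0]
                         for w in words[2:] if not w.startswith("-")]
                extra = [n for n in names if n not in ALLOWED_INSTALLS]
                if extra:
                    found.append((number, "raw pip install: " + " ".join(extra)))
            elif words and words[0] in MANAGED_TOOLS:
                found.append((number, "direct call to " + words[0]))
    return found

# Constructed workflow fragment, not taken from the project.
SAMPLE = """\
  - run: python -m pip install nox
  - run: |
      pip install black flake8
      black --check . && flake8
  - run: nox -s security
"""
```

Running `violations` over each workflow file in CI and failing on a non-empty result keeps a step from quietly reintroducing a tool call that skips the `security` session.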