Skip to content

Add comprehensive type hints to all Python functions #9

Add comprehensive type hints to all Python functions

Add comprehensive type hints to all Python functions #9

Workflow file for this run

name: CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
lint-python:
name: Lint Python Code
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install flake8 bandit
- name: Lint with flake8
run: |
# Stop on syntax errors or undefined names
flake8 monitor_and_sync.py --count --select=E9,F63,F7,F82 --show-source --statistics
# Exit-zero treats all errors as warnings
flake8 monitor_and_sync.py --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Security scan with bandit
run: |
# Fail on HIGH or CRITICAL severity issues only
bandit -r monitor_and_sync.py -f txt -ll
lint-shell:
name: Lint Shell Scripts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install shellcheck
run: sudo apt-get update && sudo apt-get install -y shellcheck
- name: Lint bash scripts
run: |
# Fail build on shellcheck errors (warnings allowed)
shellcheck monitor_and_sync.sh
shellcheck install_service.sh
shellcheck setup_wizard.sh
shellcheck lib/error_handler.sh
shellcheck pi_scripts/refresh_usb_gadget.sh
shellcheck pi_scripts/refresh_usb_gadget_configfs.sh
shellcheck pi_scripts/refresh_usb_gadget_module.sh
echo "✓ All shell scripts passed shellcheck"
test-installation:
name: Test Installation
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Test dependency installation
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt --require-hashes
- name: Verify Python script syntax
run: |
python -m py_compile monitor_and_sync.py
- name: Check for required files
run: |
test -f monitor_and_sync.py
test -f monitor_and_sync.sh
test -f gcode-monitor.service
test -f config.example
test -f requirements.txt
test -f README.md
test -f LICENSE
test -f CODE_OF_CONDUCT.md
test -f CONTRIBUTING.md
test -f SECURITY.md
echo "✓ All required files present"
check-security:
name: Security Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check for secrets
run: |
# Check for common secret patterns
! grep -r "password.*=" --include="*.py" --include="*.sh" --include="*.md" . || true
! grep -r "api_key.*=" --include="*.py" --include="*.sh" . || true
echo "✓ No hardcoded secrets found"
- name: Verify gitignore
run: |
test -f .gitignore
grep -q "config.local" .gitignore
grep -q "*.key" .gitignore
grep -q "*.pem" .gitignore
echo "✓ Sensitive files properly gitignored"
test-suite:
name: Run Test Suite
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt --require-hashes
pip install pytest pytest-cov
- name: Run unit tests
run: |
pytest tests/unit -v --tb=short
- name: Run security tests
run: |
pytest tests/security -v --tb=short
- name: Run integration tests
run: |
pytest tests/integration -v --tb=short
- name: Run full test suite with coverage
run: |
pytest tests/ -v --cov=. --cov-report=term-missing --cov-report=html
echo "✓ All tests passed"
- name: Upload coverage report
if: always()
uses: actions/upload-artifact@v3
with:
name: coverage-report
path: htmlcov/