Fix 7 additional issues from third comprehensive PR review #53
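---
# Code Quality workflow: runs pre-commit, formatters/linters, type checking,
# security scanners, complexity metrics and test coverage as parallel jobs,
# then a final "Quality Gate" job that summarises their results.
#
# NOTE(review): every `uses:` below references a mutable tag (`@v4`, `@v3`).
# Pin each action to a full commit SHA, the third-party codecov action first,
# so that a retagged release cannot change what runs in this pipeline.
name: Code Quality

on:
  push:
    branches: [main, develop, 'feature/*']
  pull_request:
    branches: [main, develop]

# Least privilege: no job in this file writes back to the repository through
# GITHUB_TOKEN, so the token is restricted to read-only repository contents.
permissions:
  contents: read

# One run per workflow+ref; a newer push cancels the run still in progress.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  pre-commit:
    name: Pre-commit hooks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pre-commit

      - name: Run pre-commit
        run: pre-commit run --all-files

  lint-and-format:
    name: Linting and Formatting
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # Quoted so that 3.10 is not read as the float 3.1.
        python-version: ['3.10', '3.11', '3.12']
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}

      - name: Install dependencies
        # A failed `pip install -e .` is tolerated on purpose: the step only
        # prints a message and goes on to install the lint tools.
        run: |
          python -m pip install --upgrade pip
          pip install -e . || echo "Package install failed, installing dev deps directly"
          pip install black ruff isort

      - name: Check code formatting with Black
        run: black --check --diff .

      - name: Lint with Ruff
        run: ruff check .

      - name: Check import sorting with isort
        run: isort --check-only --diff .

  type-check:
    name: Type Checking
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install dependencies
        # NOTE(review): if `pip install -e .` fails, mypy still runs, but
        # without the project's own dependencies installed - confirm that
        # this fallback is wanted rather than a hard failure.
        run: |
          python -m pip install --upgrade pip
          pip install -e . || echo "Package install failed, installing deps directly"
          pip install mypy types-requests

      - name: Type check with MyPy
        run: mypy src/

  security:
    name: Security Analysis
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install dependencies
        # The extra is quoted so the shell never treats `[toml]` as a glob.
        run: |
          python -m pip install --upgrade pip
          pip install 'bandit[toml]' safety

      # The scanner exit status is deliberately NOT masked with `|| true`.
      # With the mask this job always succeeded, so the Quality Gate's check
      # of the `security` result could never fail on a finding.
      # Bandit exits non-zero when it reports issues; the JSON report is
      # still written and is uploaded by the next step.
      - name: Run Bandit security linter
        run: bandit -r src/ -f json -o bandit-report.json

      - name: Upload Bandit report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: bandit-report
          path: bandit-report.json

      # Runs even when Bandit failed, so one run reports both scanners.
      # NOTE(review): this job never installs the project, so `safety check`
      # without a requirements file only sees the packages installed above -
      # confirm the project's real dependencies are what gets audited.
      # NOTE(review): `safety` is installed unpinned; confirm that
      # `--json --output <file>` is accepted by the version pip resolves.
      # A usage error now fails the job instead of being hidden.
      - name: Check dependencies for security vulnerabilities
        if: ${{ !cancelled() }}
        run: safety check --json --output safety-report.json

      - name: Upload Safety report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: safety-report
          path: safety-report.json

  complexity:
    name: Code Complexity Analysis
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install radon xenon

      - name: Run complexity analysis
        # Builds complexity-report.md section by section: cyclomatic
        # complexity, maintainability index, then raw metrics.
        run: |
          echo "## Cyclomatic Complexity" >> complexity-report.md
          radon cc src/ -s >> complexity-report.md
          echo "" >> complexity-report.md
          echo "## Maintainability Index" >> complexity-report.md
          radon mi src/ -s >> complexity-report.md
          echo "" >> complexity-report.md
          echo "## Raw Metrics" >> complexity-report.md
          radon raw src/ -s >> complexity-report.md

      - name: Check complexity thresholds
        run: xenon --max-absolute B --max-modules B --max-average A src/

      # `always()` keeps the report available when the threshold step fails.
      - name: Upload complexity report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: complexity-report
          path: complexity-report.md

  test-coverage:
    name: Test Coverage
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -e . || echo "Package install failed, installing deps directly"
          pip install pytest pytest-cov pytest-asyncio pytest-mock coverage

      - name: Run tests with coverage
        run: |
          pytest --cov=src/mujoco_mcp --cov-report=xml --cov-report=html --cov-report=term-missing

      # Third-party action that sends coverage.xml to an external service.
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage.xml
          flags: unittests
          name: codecov-umbrella

      - name: Upload coverage report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: coverage-report
          path: htmlcov/

  quality-gate:
    name: Quality Gate
    runs-on: ubuntu-latest
    needs:
      - pre-commit
      - lint-and-format
      - type-check
      - security
      - complexity
      - test-coverage
    # Must run even when a needed job failed, otherwise the gate is skipped.
    if: always()
    steps:
      - name: Check all jobs status
        # Job results reach the script as environment variables rather than
        # being expanded into the script text.
        env:
          PRE_COMMIT_RESULT: ${{ needs.pre-commit.result }}
          LINT_RESULT: ${{ needs.lint-and-format.result }}
          TYPE_CHECK_RESULT: ${{ needs.type-check.result }}
          SECURITY_RESULT: ${{ needs.security.result }}
          COMPLEXITY_RESULT: ${{ needs.complexity.result }}
          COVERAGE_RESULT: ${{ needs.test-coverage.result }}
        # The gate passes only when every needed job reports `success`.
        # Testing for `failure` alone let `cancelled` and `skipped` jobs
        # count as passing, and `cancel-in-progress` makes cancelled jobs a
        # normal occurrence in this workflow.
        run: |
          status=0
          check() {
            # $1 = job id, $2 = result reported for that job
            echo "$1: $2"
            if [[ "$2" != "success" ]]; then
              status=1
            fi
          }
          check pre-commit "$PRE_COMMIT_RESULT"
          check lint-and-format "$LINT_RESULT"
          check type-check "$TYPE_CHECK_RESULT"
          check security "$SECURITY_RESULT"
          check complexity "$COMPLEXITY_RESULT"
          check test-coverage "$COVERAGE_RESULT"
          if [[ "$status" -ne 0 ]]; then
            echo "❌ Quality gate failed - some checks did not pass"
            exit 1
          fi
          echo "✅ Quality gate passed - all checks successful"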