Complete Phases 3-7: Quality Transformation to Production Standards (… #7
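# CI/CD pipeline: lint and type check, security scan, unit tests on three
# operating systems, integration tests, coverage gate, package build,
# install smoke test and test-result publishing.
name: CI/CD Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: every job gets read-only repository
# access unless it declares its own permissions block (see
# publish-test-results, the only job that writes checks and PR comments).
permissions:
  contents: read

env:
  PYTHON_VERSION: "3.10"
  # Quoted: environment values reach the shell as strings either way.
  COVERAGE_THRESHOLD: "85"

jobs:
  lint-and-type-check:
    name: Lint and Type Check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # No later step needs git credentials, so do not leave the token
          # in the checked-out repository's git config.
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install ruff mypy types-requests

      # NOTE(review): continue-on-error makes both checks advisory, so this
      # job always succeeds and the `needs:` edge from `build` gates nothing.
      - name: Run ruff linter
        run: |
          ruff check src/ --output-format=github
        continue-on-error: true

      - name: Run mypy type checker
        run: |
          mypy src/ --no-error-summary
        continue-on-error: true

  security-scan:
    name: Security Scan
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install "bandit[toml]" safety
          # `safety check` audits the packages installed in the active
          # environment. Without the project installed it would only see
          # the scanners themselves, not the project's dependencies.
          pip install -e .

      # First run writes the machine-readable report, second run prints the
      # findings to the job log.
      # NOTE(review): `|| true` plus continue-on-error means findings never
      # fail the job; drop continue-on-error once the baseline is clean so
      # new findings block the merge.
      - name: Run bandit security scanner
        run: |
          bandit -r src/ -f json -o bandit-report.json || true
          bandit -r src/
        continue-on-error: true

      # Keep the JSON report; it was generated and then discarded with the
      # runner, leaving nothing to triage after the job finished.
      - name: Upload bandit report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: bandit-report
          path: bandit-report.json

      # NOTE(review): advisory only, for the same reason as the bandit step.
      - name: Run safety vulnerability scanner
        run: |
          safety check --json || true
          safety check
        continue-on-error: true

  unit-tests:
    name: Unit Tests (Python ${{ matrix.python-version }})
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
        python-version: ["3.10", "3.11", "3.12"]
      # Let every OS/Python combination finish even when one of them fails.
      fail-fast: false
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          cache: 'pip'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -e ".[test,dev]"

      - name: Run unit tests
        run: |
          pytest tests/unit/ -v --tb=short --junitxml=junit/test-results-${{ matrix.os }}-${{ matrix.python-version }}.xml

      # always(): a failing test run is exactly when the results are needed.
      - name: Upload test results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: test-results-${{ matrix.os }}-${{ matrix.python-version }}
          path: junit/test-results-*.xml

  integration-tests:
    name: Integration Tests
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libgl1-mesa-dev libgl1-mesa-glx libglfw3 libglew-dev

      - name: Install Python dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -e ".[test,dev]"

      # NOTE(review): advisory; integration failures do not fail the job.
      - name: Run integration tests
        run: |
          pytest tests/integration/ -v --tb=short --junitxml=junit/integration-results.xml
        continue-on-error: true

      # Artifact name starts with `test-results-` so the download pattern in
      # publish-test-results picks it up; the previous name
      # `integration-test-results` did not match `test-results-*`.
      - name: Upload integration test results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: test-results-integration
          path: junit/integration-results.xml

  coverage:
    name: Code Coverage
    runs-on: ubuntu-latest
    needs: [unit-tests]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -e ".[test,dev]"

      # The json report is required by the threshold step below, which reads
      # coverage.json; without it that step fails on a missing file.
      - name: Run tests with coverage
        run: |
          pytest tests/unit/ \
            --cov=src/mujoco_mcp \
            --cov-report=xml \
            --cov-report=json \
            --cov-report=html \
            --cov-report=term-missing \
            --cov-branch

      # NOTE(review): third-party action referenced by a mutable tag. Pin it
      # to a full commit SHA (<full-commit-sha> # v4) so a retagged release
      # cannot change what runs here.
      # NOTE(review): fail_ci_if_error: false hides upload failures, including
      # a missing upload token - confirm uploads actually arrive.
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v4
        with:
          file: ./coverage.xml
          flags: unittests
          name: codecov-umbrella
          fail_ci_if_error: false

      - name: Upload coverage HTML
        uses: actions/upload-artifact@v4
        with:
          name: coverage-html
          path: htmlcov/

      # Fails the job when total coverage is below COVERAGE_THRESHOLD.
      # bc does the comparison because the percentage is a float.
      - name: Check coverage threshold
        run: |
          COVERAGE=$(python -c "import json; print(json.load(open('coverage.json'))['totals']['percent_covered'])")
          echo "Coverage: $COVERAGE%"
          if (( $(echo "$COVERAGE < $COVERAGE_THRESHOLD" | bc -l) )); then
            echo "::error::Coverage $COVERAGE% is below threshold $COVERAGE_THRESHOLD%"
            exit 1
          fi

  build:
    name: Build Distribution
    runs-on: ubuntu-latest
    needs: [lint-and-type-check, unit-tests]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install build dependencies
        run: |
          python -m pip install --upgrade pip
          pip install build twine

      - name: Build distribution
        run: |
          python -m build

      - name: Check distribution
        run: |
          twine check dist/*

      # Consumed by test-install through the `dist` artifact.
      - name: Upload distribution
        uses: actions/upload-artifact@v4
        with:
          name: dist
          path: dist/

  test-install:
    name: Test Installation
    runs-on: ubuntu-latest
    needs: [build]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Download distribution
        uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/

      - name: Install from wheel
        run: |
          pip install dist/*.whl

      - name: Test import
        run: |
          python -c "import mujoco_mcp; print(mujoco_mcp.__version__)"

      # `|| true`: a failing or missing CLI entry point does not fail the job.
      - name: Test CLI
        run: |
          mujoco-mcp --version || true

  publish-test-results:
    name: Publish Test Results
    runs-on: ubuntu-latest
    needs: [unit-tests, integration-tests]
    if: always()
    # The only job that writes to the repository's checks and pull requests;
    # the write scopes are granted here instead of workflow-wide.
    # NOTE(review): private repositories may also need `issues: read` -
    # confirm against the action's README.
    permissions:
      contents: read
      checks: write
      pull-requests: write
    steps:
      - name: Download Artifacts
        uses: actions/download-artifact@v4
        with:
          pattern: test-results-*
          path: test-results/

      # NOTE(review): third-party action with write access to checks and
      # pull requests, referenced by a mutable tag. Pin it to a full commit
      # SHA (<full-commit-sha> # v2).
      - name: Publish Test Results
        uses: EnricoMi/publish-unit-test-result-action@v2
        if: always()
        with:
          files: test-results/**/*.xml
          check_name: Test Results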