
chore(deps)(deps): bump the github-actions group with 7 updates #19

Workflow file for this run

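# CI for the project template: runs on pushes and pull requests that target
# main, and on manual dispatch.
name: CI
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  workflow_dispatch:

# One live run per workflow + ref; a newer run cancels the one in progress.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

# Least privilege for GITHUB_TOKEN. No step in this workflow writes to pull
# requests or checks, and several jobs execute pull-request-authored code
# (template rendering with `copier --trust`, project scripts, package
# installs), so the workflow-wide token is kept read-only. A job that later
# needs a write scope should declare it in its own job-level `permissions:`
# block instead of widening this default.
permissions:
  contents: read

env:
  # Opts JavaScript-based actions into the Node 24 runtime. Quoted so the
  # value reaches the runner as the string "true", not a YAML boolean.
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"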
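# NOTE(review): every `uses:` below references a mutable tag (`@v6`, `@v2`,
# `@v8.1.0`). A tag can be re-pointed by whoever controls the action's
# repository; pinning to a full commit SHA
# (`uses: owner/action@<FULL_COMMIT_SHA>  # vX.Y.Z`) fixes the code that runs
# here, and the dependency bot can still raise update PRs for SHA pins.
jobs:
  # Static convention checks over the template source using ripgrep.
  lint:
    name: Lint template source
    runs-on: ubuntu-latest
    timeout-minutes: 5
    steps:
      - uses: actions/checkout@v6
        with:
          # Nothing in this job pushes or fetches after checkout, so the job
          # token is not left configured for git.
          persist-credentials: false
      - name: Check Clean Architecture boundaries
        # rg exits 0 when it finds a match, so a hit inside **/core/** fails
        # the step.
        run: |
          if rg "from.*\.(application|infrastructure|presentation|config|ai)" \
              template/backend/src/ \
              --glob "**/core/**" \
              --type-add "pytpl:*.py.jinja" \
              --type py --type pytpl; then
            echo "::error::Core layer contains outward imports"
            exit 1
          fi
          echo "Clean Architecture boundaries OK"
      - name: Check no Final[] on constants
        run: |
          if rg "^[A-Z_][A-Z0-9_]*\s*:\s*Final" \
              template/backend/src \
              --type-add "pytpl:*.py.jinja" \
              --type py --type pytpl; then
            echo "::error::Found Final[] annotations on module-level constants"
            exit 1
          fi
          echo "Convention check OK"

  # Runs the repository's own validation script after lint has passed.
  validate-template:
    name: Validate template rendering
    runs-on: ubuntu-latest
    timeout-minutes: 10
    needs: [lint]
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Install uv
        uses: astral-sh/setup-uv@v8.1.0
        with:
          enable-cache: false
      - name: Configure git author
        run: |
          git config --global user.name "CI Bot"
          git config --global user.email "ci@test.local"
      - name: Run validation script
        # NOTE(review): no setup-python step precedes this, so `python` is
        # whatever interpreter the runner image puts on PATH. On pull_request
        # runs the script itself comes from the PR.
        run: python scripts/validate-template.py

  # Renders the template once with default answers and checks that key files
  # exist in the output.
  render:
    name: Render smoke test
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
          # The render reads the local clone only (`--vcs-ref HEAD`); no
          # authenticated git operation follows.
          persist-credentials: false
      - name: Install uv
        uses: astral-sh/setup-uv@v8.1.0
        with:
          enable-cache: false
      - name: Configure git author for post-copy tasks
        run: |
          git config --global user.name "CI Bot"
          git config --global user.email "ci@test.local"
      - name: Render template
        # `--trust` allows copier to run the template's tasks and other
        # unsafe features. The template is this repository at HEAD, so on a
        # pull request the PR's own template code executes on the runner:
        # keep this job free of secrets and write-scoped tokens.
        # NOTE(review): `uvx copier` resolves the newest copier release at
        # run time; `uvx copier@<VERSION>` would make the tool reproducible.
        run: |
          uvx copier copy --trust --defaults --vcs-ref HEAD \
            -d project_name="CI Test Project" \
            -d project_slug="ci_test_project" \
            -d project_description="CI smoke test" \
            -d author_name="CI Bot" \
            -d author_email="ci@test.local" \
            -d github_username="ci-bot" \
            . /tmp/ci-test-render
      - name: Verify rendered output
        run: |
          for f in backend/pyproject.toml frontend/package.json .github/workflows/ci.yml; do
            if [ ! -f "/tmp/ci-test-render/$f" ]; then
              echo "::error::Missing expected file: $f"
              exit 1
            fi
          done
          echo "Render smoke test OK"

  # Renders the template again and runs the generated project's backend and
  # frontend checks against Postgres and Redis service containers.
  rendered-tests:
    name: Rendered project checks (backend + frontend + integration)
    runs-on: ubuntu-latest
    timeout-minutes: 30
    needs: [render]
    services:
      postgres:
        image: postgres:17-alpine
        env:
          # Throwaway credentials for the job-scoped service container; the
          # same values are repeated in the integration-test DATABASE_URL
          # below. Not a pattern to copy outside CI.
          POSTGRES_USER: postgres
          POSTGRES_PASSWORD: postgres
          POSTGRES_DB: ci_test_project_test
        ports:
          # Quoted so the mapping is always read as a string.
          - "5432:5432"
        options: >-
          --health-cmd "pg_isready -U postgres"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
      redis:
        image: redis:7-alpine
        ports:
          - "6379:6379"
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
          persist-credentials: false
      - name: Install uv
        uses: astral-sh/setup-uv@v8.1.0
        with:
          enable-cache: false
      - name: Install Bun
        uses: oven-sh/setup-bun@v2
        with:
          # NOTE(review): `latest` floats, so the Bun binary can change
          # between runs without any change in this repository; a fixed
          # version (`bun-version: "<VERSION>"`) keeps the toolchain
          # reviewable.
          bun-version: latest
      - name: Configure git author for post-copy tasks
        run: |
          git config --global user.name "CI Bot"
          git config --global user.email "ci@test.local"
      - name: Render template
        # `--trust` executes template-defined tasks from the checked-out
        # (possibly PR-authored) template; see the token and secret scope of
        # this job before adding anything sensitive to it.
        run: |
          uvx copier copy --trust --defaults --vcs-ref HEAD \
            -d project_name="CI Test Project" \
            -d project_slug="ci_test_project" \
            -d project_description="CI rendered test suite" \
            -d author_name="CI Bot" \
            -d author_email="ci@test.local" \
            -d github_username="ci-bot" \
            . /tmp/ci-test-render
      - name: Backend lint/type/security
        working-directory: /tmp/ci-test-render/backend
        run: |
          uv sync --all-extras
          uv run tox -e lint,typecheck,security
      - name: Backend unit + property tests
        working-directory: /tmp/ci-test-render/backend
        run: uv run tox -e py313
      - name: Backend integration tests
        working-directory: /tmp/ci-test-render/backend
        env:
          CI_TEST_PROJECT_ENVIRONMENT: test
          CI_TEST_PROJECT_DATABASE_URL: postgresql+psycopg://postgres:postgres@localhost:5432/ci_test_project_test
          CI_TEST_PROJECT_REDIS_URL: redis://localhost:6379/0
        run: uv run tox -e integration
      - name: Frontend lint/type/tests
        working-directory: /tmp/ci-test-render/frontend
        # NOTE(review): plain `bun install` may resolve new dependency
        # versions and runs package install scripts. If the rendered frontend
        # ships a lockfile, `bun install --frozen-lockfile` would fail on
        # drift instead of silently updating. TODO confirm a lockfile is
        # rendered.
        run: |
          bun install
          bun run lint
          bun run typecheck
          bun run test

  # Runs the repository's pre-commit hooks over all files, skipping the hooks
  # listed in SKIP.
  pre-commit:
    name: Pre-commit hooks
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v6
        with:
          python-version: "3.12"
      - name: Install uv
        uses: astral-sh/setup-uv@v8.1.0
        with:
          enable-cache: false
      - name: Run pre-commit
        # NOTE(review): `uvx pre-commit` takes the newest pre-commit release
        # at run time; `uvx pre-commit@<VERSION>` would pin it.
        run: uvx pre-commit run --all-files
        env:
          SKIP: no-commit-to-branch,template-verify-all,template-render-smoke,template-rendered-tests

  # Checks links in all Markdown files with lychee, using .lychee.toml.
  links:
    name: Check links
    runs-on: ubuntu-latest
    timeout-minutes: 5
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Check markdown links
        uses: lycheeverse/lychee-action@v2
        with:
          args: >-
            --no-progress
            --config .lychee.toml
            "**/*.md"
          fail: true

  # Lints the repository's shell scripts; findings below warning severity are
  # not reported.
  shellcheck:
    name: ShellCheck
    runs-on: ubuntu-latest
    timeout-minutes: 5
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Lint shell scripts
        run: shellcheck --severity=warning .github/hooks/scripts/*.sh scripts/*.sh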