ci: Add DevOps quality assurance with pre-commit hooks and GitHub Actions

- Add pre-commit hooks: Ruff lint/format, Bandit security scan, YAML/TOML validation - Add GitHub Actions CI workflow: lint, security, test, and build jobs - Configure Ruff and Bandit in pyproject.toml - Add pytest test suite for build_epub.py (25 tests) - Fix code issues: exception chaining, httpx timeout, formatting - Add requirements.txt and requirements-dev.txt
2026-06-05 22:36:34 +02:00 · 2025-12-10 23:49:52 +01:00
parent 8b38c22f64
commit 540508f392
15 changed files with 1855 additions and 413 deletions
@@ -0,0 +1,106 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+# Cancel in-progress runs for the same branch
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint:
+    name: Lint & Format
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Set up Python
+        run: uv python install 3.11
+
+      - name: Install Ruff
+        run: uv pip install --system ruff
+
+      - name: Ruff Format Check
+        run: ruff format --check scripts/
+
+      - name: Ruff Lint Check
+        run: ruff check scripts/
+
+  security:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Set up Python
+        run: uv python install 3.11
+
+      - name: Install Bandit
+        run: uv pip install --system "bandit[toml]"
+
+      - name: Run Bandit Security Scan
+        run: bandit -c pyproject.toml -r scripts/ --exclude scripts/tests/
+
+  test:
+    name: Tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Set up Python
+        run: uv python install 3.11
+
+      - name: Install dependencies
+        run: |
+          uv pip install --system -r requirements.txt
+          uv pip install --system pytest pytest-asyncio
+
+      - name: Run Tests
+        run: pytest scripts/tests/ -v --tb=short
+
+  build:
+    name: Build EPUB
+    runs-on: ubuntu-latest
+    needs: [lint, security, test]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Build EPUB
+        run: uv run scripts/build_epub.py
+
+      - name: Verify EPUB Created
+        run: |
+          if [ -f claude-howto-guide.epub ]; then
+            echo "EPUB built successfully"
+            ls -lh claude-howto-guide.epub
+          else
+            echo "EPUB file not found!"
+            exit 1
+          fi
+
+      - name: Upload EPUB Artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: claude-howto-guide-epub
+          path: claude-howto-guide.epub
+          retention-days: 7