rust-python-pe-packer/.github/workflows/ci.yml at main · codeamt/rust-python-pe-packer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
name: Continuous Integration

on:
  push:
    branches: [ main, master ]
  pull_request:
    branches: [ main, master ]

jobs:
  build-and-test:
    runs-on: ubuntu-latest
    name: "🧪 Build & Run Safety Suite"
    steps:
      - uses: actions/checkout@v4

      - name: "🦀 Set up Rust"
        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
          override: true
          components: clippy, rustfmt

      - name: "📦 Set up uv"
        uses: astral-sh/setup-uv@v2

      - name: "🧱 Install dependencies (dev + training extras)"
        run: |
          uv sync --extra dev --extra training

      - name: "⚙️ Build Rust extension (develop mode in uv env)"
        run: |
          uv run maturin develop --release

      - name: "🧹 Lint and format check"
        continue-on-error: true
        run: |
          cargo fmt -- --check
          cargo clippy -- -D warnings
          uv run black --check python/
          uv run ruff check python/
          uv run mypy python/

      - name: "🧪 Run Safety Test Suite"
        env:
          PYTHONPATH: ./python
        run: |
          echo "Running pytest safety checks..."
          uv run pytest -v python/tests/test_safety.py

      - name: "🧹 Cleanup build artifacts"
        if: always()
        run: |
          # Rust artifacts
          cargo clean || true
          rm -rf target/ target/wheels/ || true

          # Python native extensions (if any were built)
          find python/pe_packer -maxdepth 1 -name "_native*.so" -delete || true

          # Caches
          rm -rf .mypy_cache .pytest_cache || true
          # Dataset outputs (adjust path if used in tests)
          rm -rf training_data/ || true

      - name: "✅ Summary"
        if: success()
        run: echo "✅ All safety and CI checks passed."

      - name: "❌ Failure notice"
        if: failure()
        run: echo "❌ Safety suite failed. Blocking release."

  test:
    runs-on: ubuntu-latest
    name: "🧪 Python Tests (uv)"
    steps:
      - uses: actions/checkout@v4
      - uses: astral-sh/setup-uv@v2
      - name: Install dependencies
        run: uv sync --extra dev --extra training
      - name: Run tests
        run: uv run pytest -q python