name: Test Suite
on:
push:
branches: [ main, develop, "refactor/*" ]
pull_request:
branches: [ main ]
permissions:
contents: read
pull-requests: write
issues: write
env:
PYTHON_VERSION: "3.12"
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
python-version: ["3.10", "3.11", "3.12"]
# TODO: Fix Windows tests - currently failing due to test isolation issues
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install uv
uses: astral-sh/setup-uv@v3
with:
enable-cache: true
cache-dependency-glob: "uv.lock"
- name: Install dependencies
run: |
uv pip install -e ".[test,dev]" --system
# Ensure pytest plugins are installed
uv pip install pytest-asyncio pytest-cov pytest-xdist pytest-mock pytest-randomly --system
- name: Lint with ruff
run: |
ruff check src tests --select E,F,I
ruff format src tests --check
- name: Type check with mypy
run: |
mypy src --ignore-missing-imports --no-strict-optional || true
- name: Run tests with coverage
id: test
run: |
python -m pytest tests/ --deselect=tests/test_property_based.py --deselect=tests/test_performance_benchmarks.py --cov=src/lifecycle_mcp --cov-report=xml --cov-report=html --cov-report=term --cov-fail-under=50
env:
PYTHONIOENCODING: utf-8
PYTHONUTF8: 1
- name: Upload coverage reports
uses: codecov/codecov-action@v4
with:
file: ./coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
if: always()
- name: Generate coverage report comment (Linux only)
if: github.event_name == 'pull_request' && steps.test.outcome == 'success' && runner.os == 'Linux'
uses: py-cov-action/python-coverage-comment-action@v3
with:
GITHUB_TOKEN: ${{ github.token }}
MINIMUM_GREEN: 50
MINIMUM_ORANGE: 40
continue-on-error: true
- name: Generate coverage summary for macOS/Windows
id: coverage
if: github.event_name == 'pull_request' && always() && runner.os != 'Linux'
uses: irongut/CodeCoverageSummary@v1.3.0
with:
filename: coverage.xml
badge: true
fail_below_min: false
format: markdown
hide_branch_rate: false
hide_complexity: true
indicators: true
output: both
thresholds: '40 50'
continue-on-error: true
- name: Add coverage PR comment (macOS/Windows)
if: github.event_name == 'pull_request' && always() && runner.os != 'Linux'
uses: marocchino/sticky-pull-request-comment@v2
with:
recreate: true
message: |
## Coverage Report (${{ runner.os }})
Coverage analysis completed on ${{ runner.os }} runner.
${{ steps.coverage.outcome == 'success' && 'Coverage report generated successfully.' || 'Coverage data not available - tests may not have run completely.' }}
Please check the full coverage report in the build artifacts.
- name: Store test results
if: always()
uses: actions/upload-artifact@v4
with:
name: test-results-${{ matrix.os }}-${{ matrix.python-version }}
path: |
htmlcov/
coverage.xml
.coverage
mutation-test:
runs-on: ubuntu-latest
needs: test
if: github.event_name == 'pull_request'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install dependencies
run: |
pip install mutmut
pip install -e ".[test]"
- name: Run mutation tests
run: |
mutmut run --paths-to-mutate=src/lifecycle_mcp --runner="python -m pytest -x -q" || true
mutmut results
- name: Store mutation test results
uses: actions/upload-artifact@v4
with:
name: mutation-test-results
path: .mutmut-cache
security-scan:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install security tools
run: |
pip install bandit[toml] safety
- name: Run Bandit security scan
run: |
bandit -r src/ --severity-level medium --exclude /tests || true
- name: Run safety check
run: |
safety check || true
