chore: Minor cleanup and dependency updates #18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # Python Security Scanning | |
| python-security: | |
| name: Python Security Audit | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: python | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Set up Python | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
| with: | |
| python-version: "3.11" | |
| - name: Install pip-audit | |
| run: pip install pip-audit | |
| - name: Run pip-audit on requirements | |
| run: pip-audit -r requirements.txt --strict | |
| - name: Install and audit full dependencies | |
| run: | | |
| pip install -e ".[all,dev]" | |
| pip-audit --strict | |
| # Python Memory MCP Server | |
| python-test: | |
| name: Python Tests | |
| runs-on: ubuntu-latest | |
| needs: [python-security] | |
| defaults: | |
| run: | |
| working-directory: python | |
| strategy: | |
| matrix: | |
| python-version: ["3.10", "3.11", "3.12"] | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('python/pyproject.toml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-${{ matrix.python-version }}- | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e ".[dev]" | |
| - name: Run linting (ruff) | |
| run: ruff check memory_mcp | |
| - name: Run formatting check (black) | |
| run: black --check memory_mcp | |
| - name: Run type checking (mypy) | |
| run: mypy memory_mcp --ignore-missing-imports | |
| continue-on-error: true # Don't fail on type errors initially | |
| - name: Run tests with coverage | |
| run: pytest --cov=memory_mcp --cov-report=xml --cov-report=term-missing | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 | |
| if: matrix.python-version == '3.11' | |
| with: | |
| files: ./python/coverage.xml | |
| flags: python | |
| fail_ci_if_error: false | |
| # TypeScript Extensions (OpenClaw memory bridge) | |
| typescript-test: | |
| name: TypeScript Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| with: | |
| node-version: "20" | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@fe02b34f77f8bc703f13e12747e5dbb9b9f76f7e # v2.4.0 | |
| with: | |
| version: 8 | |
| - name: Get pnpm store directory | |
| shell: bash | |
| run: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV | |
| - name: Cache pnpm dependencies | |
| uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
| with: | |
| path: ${{ env.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm- | |
| - name: Install OpenClaw dependencies | |
| working-directory: openclaw | |
| run: pnpm install --frozen-lockfile | |
| continue-on-error: true # May not have lockfile yet | |
| - name: Run TypeScript type check | |
| working-directory: openclaw | |
| run: pnpm tsc --noEmit | |
| continue-on-error: true | |
| - name: Run tests | |
| working-directory: openclaw | |
| run: pnpm test | |
| continue-on-error: true | |
| # VS Code Extension (CAIIDE++ Onboarding) | |
| vscode-extension: | |
| name: VS Code Extension | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| with: | |
| node-version: "20" | |
| - name: Install dependencies | |
| working-directory: CAIIDE++/extensions/caiide-onboarding | |
| run: npm install | |
| - name: Compile TypeScript | |
| working-directory: CAIIDE++/extensions/caiide-onboarding | |
| run: npm run compile | |
| - name: Run linting | |
| working-directory: CAIIDE++/extensions/caiide-onboarding | |
| run: npm run lint | |
| continue-on-error: true | |
| # Shell Scripts Validation | |
| shell-check: | |
| name: Shell Scripts | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Install shellcheck | |
| run: sudo apt-get install -y shellcheck | |
| - name: Run shellcheck on scripts | |
| run: | | |
| find scripts -name "*.sh" -type f | xargs shellcheck --severity=warning || true | |
| shellcheck install.sh --severity=warning || true | |
| - name: Test resource detection | |
| run: | | |
| chmod +x scripts/detect-resources.sh | |
| ./scripts/detect-resources.sh --profile | |
| - name: Test secret generation (dry run) | |
| run: | | |
| chmod +x scripts/generate-env.sh | |
| TEST_DIR=$(mktemp -d) | |
| CLAUDE_CODE_PP_DIR="$TEST_DIR" ./scripts/generate-env.sh | |
| test -f "$TEST_DIR/.env" | |
| rm -rf "$TEST_DIR" | |
| # Docker Compose Validation | |
| docker-validate: | |
| name: Docker Compose | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Validate docker-compose.yaml | |
| run: | | |
| # Set required environment variables | |
| export NEO4J_PASSWORD=test | |
| export REDIS_PASSWORD=test | |
| export ANTHROPIC_API_KEY="" | |
| export OPENAI_API_KEY="" | |
| docker compose -f docker/docker-compose.yaml config > /dev/null | |
| # Integration Tests (requires services) | |
| integration-test: | |
| name: Integration Tests | |
| runs-on: ubuntu-latest | |
| needs: [python-test, shell-check] | |
| services: | |
| redis: | |
| image: redis:7-alpine | |
| ports: | |
| - 6379:6379 | |
| options: >- | |
| --health-cmd "redis-cli ping" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Set up Python | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| working-directory: python | |
| run: | | |
| pip install -e ".[redis,dev]" | |
| - name: Run integration tests | |
| working-directory: python | |
| run: pytest tests/ -m integration --redis-url redis://localhost:6379 | |
| continue-on-error: true # May not have integration tests yet | |
| env: | |
| REDIS_URL: redis://localhost:6379 | |
| - name: Run install script tests | |
| run: ./scripts/test-install.sh |