chore: add CI (ruff + compose + yaml + patterns validation) #7
Repo had no CI — tests/ exists with 348 lines but had never been
exercised in PR review. Add a focused gate so future PRs don't
silently ship broken Python or malformed pattern JSON.
Jobs:
- python-lint: ruff check + ruff format --check on the repo
- compose-validate: docker compose -f docker-compose.yml config
- yaml-lint: yaml.safe_load on every .yml/.yaml in the tree
- patterns-validate: json.load on every patterns/*.json
(pattern parsing failures crash server startup,
so catching them at PR time is high value)
All jobs PR-only with timeout-minutes set, mirroring the cost-defense
rules used in the gwangcheon-shop pipeline.
Also includes the ruff auto-fixes that the new lint job would catch
on first run, so the workflow goes green from PR #1:
- Drop unused `main.PATTERNS` import in tests/test_pattern_matching.py
- Apply ruff format to main.py (one block was off)
No behavior change in the analyzer itself. Pytest is intentionally
deferred — running tests requires loading sentence-transformers and
ChromaDB which is heavy for CI; will land in a follow-up PR with
proper caching.
Pull request overview
Adds a minimal GitHub Actions CI gate to ensure basic repository integrity (lint/format, compose config, YAML syntax, patterns JSON syntax) so changes in tests/ and runtime-critical pattern files are validated during PRs.
Changes:
- Add `.github/workflows/ci.yml` with ruff lint/format, docker compose config validation, YAML parse validation, and `patterns/*.json` parse validation.
- Apply ruff-driven cleanup: remove an unused import in `tests/test_pattern_matching.py`.
- Apply ruff formatting adjustments in `main.py` (commas/line wrapping/blank lines), with no functional change.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| `.github/workflows/ci.yml` | Introduces CI jobs for Python lint/format and basic config/data file validation. |
| `tests/test_pattern_matching.py` | Removes an unused import to satisfy ruff. |
| `main.py` | Formatting-only changes to satisfy ruff format. |
| - uses: actions/setup-python@v5 | ||
| with: | ||
| python-version: '3.11' | ||
|
|
||
| - name: 모든 YAML 파일 syntax 검증 | ||
| run: | | ||
| python3 -c " | ||
| import yaml, glob, sys | ||
| ok = True | ||
| for f in glob.glob('**/*.yml', recursive=True) + glob.glob('**/*.yaml', recursive=True): | ||
| try: | ||
| yaml.safe_load(open(f)) | ||
| print(f'OK {f}') | ||
| except yaml.YAMLError as e: | ||
| ok = False | ||
| print(f'FAIL {f}: {e}') | ||
| sys.exit(0 if ok else 1) | ||
| " |
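Review bot: The `glob.glob('**/*.yml', recursive=True)` call on the `for f in ...` line does not descend into dot-directories, so `.github/workflows/ci.yml` and any other YAML under a hidden directory is never parsed, although the step is named as validating all YAML files. Since the job pins Python 3.11, pass `include_hidden=True` to both `glob.glob` calls, or add an explicit pattern for `.github/`. Also, `except yaml.YAMLError` does not cover `UnicodeDecodeError` or `OSError` raised while reading a file, so one unreadable file ends the loop with a traceback instead of being listed as `FAIL` alongside the others; catching those as well keeps the per-file report complete.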
`yaml-lint` step runs `import yaml` but the workflow never installs PyYAML (it’s not in the stdlib and isn’t listed in requirements). This job will fail with `ModuleNotFoundError: No module named 'yaml'` on a fresh runner. Install `pyyaml` (or vendor another YAML parser) before running the validation script.
| ok = True | ||
| for f in glob.glob('**/*.yml', recursive=True) + glob.glob('**/*.yaml', recursive=True): | ||
| try: | ||
| yaml.safe_load(open(f)) |
The YAML validation script uses `yaml.safe_load(open(f))`, which leaves file handles unclosed and only parses the first YAML document in a file. Use a `with open(..., encoding='utf-8')` block and ensure all documents are consumed (e.g., iterate `safe_load_all`) so the check reliably validates the entire file contents.
| yaml.safe_load(open(f)) | |
| with open(f, encoding='utf-8') as fp: | |
| for _ in yaml.safe_load_all(fp): | |
| pass |
setup-python only provides the interpreter; PyYAML is a separate pip package. Without it, the yaml-lint job hits ModuleNotFoundError on import. Add a pip install pyyaml step before running the validator.
Summary
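The repo has no CI workflow of its own, so the 348 lines in tests/ have never once been verified in a PR. This adds a minimal gate.
Changes
New workflow (`.github/workflows/ci.yml`)
- `python-lint`: `ruff check .` + `ruff format --check .`
- `compose-validate`: `docker compose config --quiet` (detects schema drift)
- `yaml-lint`: validates `*.yml`/`*.yaml` with `yaml.safe_load`
- `patterns-validate`: validates `patterns/*.json` with `json.load` (a broken pattern makes server startup fail, so catch it at the PR stage)
- `pull_request: branches: [master]` + `workflow_dispatch`
- `timeout-minutes` guard
Auto-fixes included
The ruff auto-fixes are included in the same PR so that the new lint job passes from the first PR:
- `tests/test_pattern_matching.py`: remove the unused `main.PATTERNS` import
- `main.py`: apply ruff format to one block
No functional change.
Intentionally omitted
Background
This PR is a sibling of `ai-devops-orchestrator` PR #2 (which adds the same minimal CI). It applies gwangcheon-shop's "four CI cost-defense principles" as they are: PR-only triggers / enforced timeouts / failure artifacts / a single tool.
Tests
- `All checks passed!`, `6 files already formatted`
- `docker compose config --quiet` verified beforehand
- `yaml.safe_load` verified beforehand (the workflow itself + the existing docker-compose.yml)
- `json.load` verified beforehand (`patterns/*.json` all OK)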