name: CI on: push: branches: [main, "feature/**"] pull_request: branches: [main] schedule: - cron: "0 3 * * *" # Nightly at 03:00 UTC — runs docker-e2e workflow_dispatch: jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version: "3.13" - name: Install uv uses: astral-sh/setup-uv@v7 - name: Install dependencies run: uv pip install --system ".[dev,server]" - name: Run tests (parallel) run: pytest tests/ -v --tb=short -n auto env: TESTING: "1" cli-wheel-clean-install: # Catches the "wheel METADATA conflicts with transitive deps under fresh # resolver" class — exactly what the workspace-only `[tool.uv] # override-dependencies` does NOT protect against. Builds the wheel the # way `release.yml` ships it to analysts (`uv build --wheel`), then # installs it into a fresh `python:3.13-slim` container with `uv tool # install` (the path the `/setup` page advertises) and asserts the # `agnes` binary actually launches. Without this, a regression like # 0.53.3's `kbcstorage>=0.9.0 → urllib3<2.0.0` cap silently caps the # wheel METADATA, every existing test passes (workspace overrides the # cap), and the break only surfaces on the next analyst's first install. runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version: "3.13" - name: Install uv uses: astral-sh/setup-uv@v7 - name: Build wheel run: uv build --wheel --out-dir dist - name: Write CLI install assertion script run: | cat > /tmp/smoke.py <<'PY' import sys, urllib3 try: import kbcstorage # noqa: F401 sys.exit("REGRESSION: kbcstorage leaked into the CLI wheel — should be in [server] extra only") except ImportError: pass maj, minor = (int(x) for x in urllib3.__version__.split(".")[:2]) assert (maj, minor) >= (2, 7), f"urllib3 too old: {urllib3.__version__}" print(f"OK: kbcstorage absent, urllib3 {urllib3.__version__}") PY - name: Smoke install in fresh python:3.13-slim run: | docker run --rm \ -v "$PWD/dist:/wheels:ro" \ -v /tmp/smoke.py:/smoke.py:ro \ python:3.13-slim bash -c ' set -euo pipefail apt-get update -qq && apt-get install -y -qq --no-install-recommends curl ca-certificates >/dev/null curl -LsSf https://astral.sh/uv/install.sh | sh > /dev/null 2>&1 export PATH="$HOME/.local/bin:$PATH" WHEEL=$(ls /wheels/agnes_the_ai_analyst-*-py3-none-any.whl | head -1) uv tool install --force "$WHEEL" agnes --version agnes --help > /dev/null agnes catalog --help > /dev/null # Run the assertion in the same venv uv tool created "$HOME/.local/share/uv/tools/agnes-the-ai-analyst/bin/python" /smoke.py ' docker-build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - name: Build Docker image run: docker build -t data-analyst:test . docker-e2e: runs-on: ubuntu-latest if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' needs: docker-build steps: - uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version: "3.13" - name: Install uv uses: astral-sh/setup-uv@v7 - name: Install dependencies run: uv pip install --system ".[dev,server]" - name: Start services run: | touch .env docker compose up -d --wait --wait-timeout 60 - name: Run Docker E2E tests run: pytest tests/ -v --tb=short -m docker --timeout=120 env: TESTING: "1" - name: Stop services if: always() run: docker compose down