feat: add --global / -g flag for scoped package installation #718
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| env: | |
| PYTHON_VERSION: '3.12' | |
| on: | |
| pull_request: | |
| branches: [ main ] | |
| paths-ignore: | |
| - 'docs/**' | |
| - '.gitignore' | |
| - 'LICENSE' | |
| permissions: | |
| contents: read | |
| jobs: | |
| # Linux-only for PR feedback. Full platform matrix (incl. macOS + Windows) runs post-merge in build-release.yml. | |
| # Combines unit tests + binary build into a single job to eliminate runner re-provisioning overhead. | |
| build-and-test: | |
| name: Build & Test (Linux) | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| with: | |
| enable-cache: true | |
| - name: Install dependencies | |
| run: uv sync --extra dev --extra build | |
| - name: Check YAML encoding safety | |
| run: | | |
| # Ensure YAML file I/O goes through yaml_io helpers. | |
| # Catches yaml.dump/safe_dump writing to a file handle outside yaml_io.py. | |
| VIOLATIONS=$(grep -rn --include='*.py' -P \ | |
| 'yaml\.(safe_)?dump\(.+,\s*[a-zA-Z_]\w*\b' src/apm_cli/ \ | |
| | grep -v 'utils/yaml_io.py' \ | |
| | grep -v '# yaml-io-exempt' \ | |
| || true) | |
| if [ -n "$VIOLATIONS" ]; then | |
| echo "::error::Direct yaml.dump() to file handle detected. Use yaml_io.dump_yaml() instead:" | |
| echo "$VIOLATIONS" | |
| exit 1 | |
| fi | |
| - name: Run tests | |
| run: uv run pytest tests/unit tests/test_console.py -n auto --dist worksteal | |
| - name: Lint - no raw str(relative_to) patterns | |
| run: | | |
| # Fail if any code uses str(x.relative_to(y)) instead of portable_relpath() | |
| if grep -rn --include="*.py" -P 'str\([^)]*\.relative_to\(' src/apm_cli/ | grep -v portable_relpath | grep -v '\.pyc'; then | |
| echo "::error::Found raw str(path.relative_to()) calls. Use portable_relpath() from apm_cli.utils.paths instead." | |
| exit 1 | |
| fi | |
| - name: Install UPX | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y upx-ucl | |
| - name: Build binary | |
| run: | | |
| chmod +x scripts/build-binary.sh | |
| uv run ./scripts/build-binary.sh | |
| - name: Upload binary as workflow artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: apm-linux-x86_64 | |
| # Scripts are included to preserve the artifact root at ./ (not ./dist/). | |
| # Without a sibling directory, upload-artifact strips the dist/ prefix, | |
| # breaking download paths in ci-integration.yml which expects dist/$BINARY_NAME/apm. | |
| path: | | |
| ./dist/apm-linux-x86_64 | |
| ./dist/apm-linux-x86_64.sha256 | |
| ./scripts/test-release-validation.sh | |
| ./scripts/github-token-helper.sh | |
| include-hidden-files: true | |
| retention-days: 30 | |
| if-no-files-found: error |