ci: Refactor CI with resusable, custom GitHub Action

[mansenfranzen]

Type

enhancement

---

Description

• Introduced a reusable GitHub Action (invoke-tox) to streamline the setup of test environments across multiple workflows.
• The new action supports specifying Python version, deciding whether to install Graphviz, running specific Tox environments, and enabling Codacy code coverage with a token.
• Refactored the tests.yml workflow file to utilize the new GitHub Action, significantly simplifying the workflow syntax and making it more maintainable.
• Enhanced CI workflows by enabling Graphviz installation and Codacy code coverage directly through action inputs, removing the need for these steps in each job.

---

Changes walkthrough

Relevant files

Enhancement

action.yml Add New GitHub Action for Test Environment Setup                  .github/actions/invoke-tox/action.yml Introduced a new GitHub Action for setting up a test environment. Allows configuration of Python version, Graphviz installation, and Tox environment. Supports optional Codacy token input for code coverage. Simplifies workflow files by encapsulating common setup steps. +55/-0    tests.yml Refactor CI Workflows to Use Custom GitHub Action                .github/workflows/tests.yml Refactored workflow to use the new GitHub Action for test setup. Simplified test job configurations by removing redundant steps. Added Graphviz installation and Codacy token support directly in the action inputs. Made the workflow more readable and maintainable. +41/-43

---

✨ PR-Agent usage: Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[github-actions[bot]]

PR Description updated to latest commit (https://github.com/mansenfranzen/autodoc_pydantic/commit/bf9321a5ce9e212a749159d60a6e9471e49d405c)

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 94.26%. Comparing base (532b54f) to head (bf9321a).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #252 +/- ## ======================================= Coverage 94.26% 94.26% ======================================= Files 12 12 Lines 1116 1116 ======================================= Hits 1052 1052 Misses 64 64 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[github-actions[bot]]

PR Review

⏱️ Estimated effort to review [1-5]	2, because the PR involves creating a new GitHub Action and refactoring existing workflows to use this action. The changes are straightforward and well-defined, focusing on CI/CD pipeline enhancements.
🧪 Relevant tests	No
🔍 Possible issues	Missing Validation: The `action.yml` does not validate input values, which might lead to runtime errors if incorrect values are provided. For example, ensuring `python-version` adheres to a recognizable format could prevent potential issues.
	Hardcoded Package Installation: The command to install Graphviz is hardcoded and specific to Debian-based distributions. This might limit the action's portability across different CI environments.
🔒 Security concerns	No

Code feedback:

---

relevant file	.github/actions/invoke-tox/action.yml
suggestion	Consider adding input validation for `python-version` to ensure it matches expected version patterns. This can prevent errors during the setup phase. [important]
relevant line	description: 'Define the Python version to use'

---

relevant file	.github/actions/invoke-tox/action.yml
suggestion	Introduce a more flexible approach for installing Graphviz that can adapt to different operating systems, enhancing the action's portability. [important]
relevant line	run: sudo apt-get install graphviz graphviz-dev

---

relevant file	.github/actions/invoke-tox/action.yml
suggestion	Add error handling for the steps within the action, especially for network-dependent operations like package installations, to improve robustness. [medium]
relevant line	run: sudo apt-get install graphviz graphviz-dev

---

relevant file	.github/actions/invoke-tox/action.yml
suggestion	Consider caching dependencies like `tox` to speed up workflow execution times. This can be particularly beneficial for workflows that run frequently. [medium]
relevant line	run: pip install tox

---

---

✨ Review tool usage guide:

---

**Overview:** The `review` tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be [added](https://pr-agent-docs.codium.ai/tools/review/#general-configurations) by configuring the tool. The tool can be triggered [automatically](https://pr-agent-docs.codium.ai/usage-guide/automations_and_usage/#github-app-automatic-tools-when-a-new-pr-is-opened) every time a new PR is opened, or can be invoked manually by commenting on any PR. - When commenting, to edit [configurations](https://github.com/Codium-ai/pr-agent/blob/main/pr_agent/settings/configuration.toml#L23) related to the review tool (`pr_reviewer` section), use the following template: ``` /review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=... ``` - With a [configuration file](https://pr-agent-docs.codium.ai/usage-guide/configuration_options/), use the following template: ``` [pr_reviewer] some_config1=... some_config2=... ``` See the review [usage page](https://pr-agent-docs.codium.ai/tools/review/) for a comprehensive guide on using this tool.

[github-actions[bot]]

PR Code Suggestions

Category	Suggestions
Enhancement	Add caching for Python packages to improve workflow efficiency. ___ **Consider adding a caching mechanism for the installed Python packages to speed up the workflow runs. This can be achieved by using the actions/cache action to cache dependencies installed by pip, based on the requirements.txt file or any other dependency management file used.** [.github/actions/invoke-tox/action.yml [40-42]](https://github.com/mansenfranzen/autodoc_pydantic/pull/252/files#diff-3a570745e75a782c573f0a8a297afe62031cdcedd8101fb9e94547fb8bb9ef04R40-R42) ```diff +- name: Cache Python packages + uses: actions/cache@v3 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} + restore-keys: | + ${{ runner.os }}-pip- - name: Install Tox run: pip install tox shell: bash ```
	Validate python-version input to ensure it meets expected format or values. ___ **To enhance the security and maintainability of the workflow, consider validating the python-version input against a set of supported versions. This can prevent unexpected errors if an unsupported version is specified and guide users towards the correct usage of your action.** [.github/actions/invoke-tox/action.yml [5-8]](https://github.com/mansenfranzen/autodoc_pydantic/pull/252/files#diff-3a570745e75a782c573f0a8a297afe62031cdcedd8101fb9e94547fb8bb9ef04R5-R8) ```diff python-version: description: 'Define the Python version to use' required: false default: '3.x' + # Example validation using regex for Python semantic versioning + validation: '^3\.\d+\.\d+$|^3\.\d+$|^3\.x$' ```
	Validate tox-environment input against tox.ini to prevent undefined environment errors. ___ **For better error handling and user feedback, consider adding a step to check if the tox-environment input matches any of the environments defined in the tox.ini file. This can be done by running a script before invoking Tox, which could prevent the workflow from proceeding with an undefined environment.** [.github/actions/invoke-tox/action.yml [44-46]](https://github.com/mansenfranzen/autodoc_pydantic/pull/252/files#diff-3a570745e75a782c573f0a8a297afe62031cdcedd8101fb9e94547fb8bb9ef04R44-R46) ```diff +- name: Validate Tox Environment + run: | + if ! grep -qE '^\[testenv:${{ inputs.tox-environment }}\]' tox.ini; then + echo "Error: The specified tox-environment '${{ inputs.tox-environment }}' does not exist in tox.ini." + exit 1 + fi + shell: bash - name: Invoke Tox run: tox -e ${{ inputs.tox-environment }} shell: bash ```
Best practice	Ensure package indexes are updated before installing Graphviz. ___ **For the Install Graphviz step, it's recommended to update the package index before installing new packages with apt-get update to ensure you're getting the latest versions and to avoid potential installation issues due to outdated package indexes.** [.github/actions/invoke-tox/action.yml [35-38]](https://github.com/mansenfranzen/autodoc_pydantic/pull/252/files#diff-3a570745e75a782c573f0a8a297afe62031cdcedd8101fb9e94547fb8bb9ef04R35-R38) ```diff - name: Install Graphviz if: ${{ inputs.install-graphviz == 'true' }} - run: sudo apt-get install graphviz graphviz-dev + run: | + sudo apt-get update + sudo apt-get install graphviz graphviz-dev shell: bash ```
	Pin actions to specific versions for consistent workflow runs. ___ **It's a good practice to specify exact versions for actions used in workflows to avoid unexpected changes. For the actions/setup-python@v5, consider pinning it to a specific version or commit to ensure consistent behavior across runs.** [.github/actions/invoke-tox/action.yml [30-33]](https://github.com/mansenfranzen/autodoc_pydantic/pull/252/files#diff-3a570745e75a782c573f0a8a297afe62031cdcedd8101fb9e94547fb8bb9ef04R30-R33) ```diff - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.3.1 # Example version, ensure to use the latest stable version with: python-version: ${{ inputs.python-version }} ```

---

✨ Improve tool usage guide:

---

**Overview:** The `improve` tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered [automatically](https://pr-agent-docs.codium.ai/usage-guide/automations_and_usage/#github-app-automatic-tools-when-a-new-pr-is-opened) every time a new PR is opened, or can be invoked manually by commenting on a PR. - When commenting, to edit [configurations](https://github.com/Codium-ai/pr-agent/blob/main/pr_agent/settings/configuration.toml#L78) related to the improve tool (`pr_code_suggestions` section), use the following template: ``` /improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=... ``` - With a [configuration file](https://pr-agent-docs.codium.ai/usage-guide/configuration_options/), use the following template: ``` [pr_code_suggestions] some_config1=... some_config2=... ``` See the improve [usage page](https://pr-agent-docs.codium.ai/tools/improve/) for a comprehensive guide on using this tool.