feat(ci): add GitHub Actions for linting, testing, and release

.github/utils/update_version.py

@@ -0,0 +1,40 @@
+import sys
+
+from tomlkit import parse, dumps
+from tomlkit.container import Container
+
+from typing import cast
+
+
+def update_version(version: str) -> None:
+    pyproject_path = "pyproject.toml"
+
+    try:
+        # Read the pyproject.toml file
+        with open(pyproject_path, "r") as file:
+            pyproject_content = file.read()
+
+        # Parse the TOML content
+        pyproject_data = parse(pyproject_content)
+
+        # Update the version in the "project" table
+        project_table = cast(Container, pyproject_data["project"])
+        project_table["version"] = version
+
+        # Write the updated content back to the file
+        with open(pyproject_path, "w") as file:
+            file.write(dumps(pyproject_data))
+
+        print(f"Version updated to {version} in pyproject.toml")
+
+    except FileNotFoundError:
+        print(f"Error: {pyproject_path} not found")
+    except Exception as e:
+        print(f"An error occurred: {e}")
+
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print("Usage: python update_version.py <version>")
+    else:
+        update_version(sys.argv[1])

.github/workflows/build_release.yml

@@ -0,0 +1,39 @@
+name: Build and upload artifacts for release
+on:
+  push:
+    tags:
+      - "*"
+
+jobs:
+  build-release:
+    if: github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.13
+      - name: Install uv
+        run: pip install --upgrade pip && pip install uv
+      - name: Install dependencies
+        run: uv sync --frozen
+      - name: Build package
+        run: uv build
+      - name: Find the GitHub release and upload the artifacts to it
+        uses: actions/github-script@v7
+        env:
+          owner: "${{github.repository_owner}}"
+          repo: "${{github.repository}}"
+          tag: "${{github.ref_name}}"
+        with:
+          script: |
+            const fs = require('fs');
+            const { owner, repo, tag } = process.env;
+            const artifacts = fs.readdirSync("dist").filter(f => f.endsWith(".whl") || f.endsWith(".tar.gz"));
+            const release_id = github.rest.repos.getReleaseByTag({ owner, repo, tag }).id;
+            artifacts.forEach(name => {
+              const data = fs.readFileSync(`dist/${name}`);
+              github.rest.repos.uploadReleaseAsset({ owner, repo, release_id, name, data });
+            });

.github/workflows/code_quality.yml

@@ -0,0 +1,142 @@
+name: Tests and Code Quality
+on:
+  push:
+    branches:
+      - main
+      - alpha
+  pull_request:
+    branches:
+      - main
+      - alpha
+
+jobs:
+  commitlint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Set up NodeJS
+        uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+      - name: Install commitlint
+        run: npm i -g @commitlint/cli @commitlint/config-conventional
+      - name: Commitlint
+        run: commitlint --from "origin/${{ github.base_ref }}" --to "origin/${{ github.head_ref }}"
+
+  semantic_release_dryrun:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up NodeJS
+        uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+      - name: Install semantic-release dependencies
+        run: npm install --global semantic-release @semantic-release/exec @semantic-release/git
+      - name: Check out the target branch and merge onto it
+        run: |
+          git fetch origin ${{ github.base_ref }}:${{ github.base_ref }}
+          git fetch origin ${{ github.head_ref }}:${{ github.head_ref }}
+          git checkout ${{ github.base_ref }}
+          git merge --ff-only ${{ github.head_ref }}
+      - name: Run Semantic Release as a dry run
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          unset GITHUB_ACTIONS GITHUB_REF GITHUB_EVENT_NAME
+          semantic-release --dry-run --no-ci
+      - name: Comment release notes on the PR
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs');
+            const versionNumber = fs.readFileSync("release_version.txt").toString().trim();
+            const releaseNotes = fs.readFileSync("release_notes.txt").toString().trim();
+
+            const commentBody = `Merging this PR will release \`${versionNumber}\` with the following release notes:\n\n${releaseNotes}`
+
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: commentBody
+            });
+
+  Ruff:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9, 3.13]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install uv
+        run: pip install --upgrade pip && pip install uv
+      - name: Install dependencies
+        run: uv sync --frozen
+      - name: Ruff - ${{ matrix.python-version }}
+        run: uv run ruff check
+  Ruff-Format:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9, 3.13]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install uv
+        run: pip install --upgrade pip && pip install uv
+      - name: Install dependencies
+        run: uv sync --frozen
+      - name: Ruff-Format - ${{ matrix.python-version }}
+        run: uv run ruff format --check
+
+  MyPy:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9, 3.13]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install uv
+        run: pip install --upgrade pip && pip install uv
+      - name: Install dependencies
+        run: uv sync --frozen
+      - name: MyPy - ${{ matrix.python-version }}
+        run: uv run mypy .
+
+  Pytest:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9, 3.13]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install uv
+        run: pip install --upgrade pip && pip install uv
+      - name: Install dependencies
+        run: uv sync --frozen
+      - name: Pytest + Coverage - ${{ matrix.python-version }}
+        run: uv run pytest

.github/workflows/semantic_release.yml

@@ -0,0 +1,23 @@
+name: Run Semantic Release
+on:
+  push:
+    branches:
+      - main
+      - alpha
+
+jobs:
+  semantic_release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up NodeJS
+        uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+      - name: Install semantic-release dependencies
+        run: npm install --global semantic-release @semantic-release/exec @semantic-release/git
+      - name: Run Semantic Release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: semantic-release

.releaserc

@@ -0,0 +1,33 @@
+{
+  "branches": [
+    "main",
+    {
+      "name": "alpha",
+      "prerelease": true
+    }
+  ],
+  "tagFormat": "${version}",
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    [
+      "@semantic-release/exec",
+      {
+        "prepareCmd": "python .github/utils/update_version.py ${nextRelease.version} && uv lock",
+        "verifyReleaseCmd": "echo \"${nextRelease.version}\" > release_version.txt",
+        "generateNotesCmd": "echo \"${nextRelease.notes}\" > release_notes.txt"
+      }
+    ],
+    [
+      "@semantic-release/git",
+      {
+        "assets": [
+          "pyproject.toml",
+          "uv.lock"
+        ],
+        "message": "chore(release): update version to ${nextRelease.version} [skip ci]"
+      }
+    ],
+    "@semantic-release/github"
+  ]
+}

commitlint.config.js

@@ -0,0 +1 @@
+export default { extends: ['@commitlint/config-conventional'] };

mypy.ini

@@ -15,9 +15,10 @@ show_error_context = True
 strict_equality = True
 check_untyped_defs = True
 
-exclude = (/tests/)
+exclude = (^(tests|app_templates)/.*)
 
-# module options
-
-[mypy-soar_sdk.*]
+# ignore the unresolvable platform libs for now
+[mypy-phantom.*]
+ignore_missing_imports = True
+[mypy-phantom_common.*]
 ignore_missing_imports = True

pyproject.toml

@@ -3,7 +3,7 @@ name = "soar_sdk"
 version = "0.1.0"
 description = "A framework for developing and testing the Splunk SOAR Apps"
 readme = "README.md"
-requires-python = ">=3.9, <3.13"
+requires-python = ">=3.9, <3.14"
 authors = [
     { name = "Jacob Davis", email = "jacobd@splunk.com" },
     { name = "Janusz Kamieński", email = "jkamienski@splunk.com" },
@@ -42,11 +42,15 @@ dev = [
     "pytest-mock>=3.14.0,<4",
     "pytest-watch>=4.2.0,<5",
     "ruff>=0.7.4,<1",
+    "tomlkit>=0.13.2",
     "types-beautifulsoup4>=4.12.0.5,<5",
     "types-requests>=2.31.0.1,<3",
     "types-urllib3>=1.26.25.13,<2",
 ]
 
+[[tool.uv.index]]
+url = "https://pypi.python.org/simple"
+
 [tool.pytest.ini_options]
 addopts = "--ignore=app_templates --cov"  # TODO: Remove demo_app ignore, once it's no longer used
 

src/soar_sdk/__init__.py

@@ -0,0 +1,3 @@
+from importlib.metadata import version
+
+__version__ = version("soar-sdk")