Skip to content

ci: align all .github workflows and configs with msgtrace-sdk #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
vilsonrodrigues merged 10 commits into from
Dec 2, 2025
Merged

ci: align all .github workflows and configs with msgtrace-sdk #28

vilsonrodrigues merged 10 commits into from
Dec 2, 2025

Conversation

@vilsonrodrigues
Copy link
Contributor

@vilsonrodrigues vilsonrodrigues commented Dec 2, 2025

Summary

Aligns all CI/CD workflows and configurations with msgtrace-sdk standards to ensure consistency across MSG projects.

Added Workflows

1. CodeQL ()

  • ✅ Automatic security vulnerability scanning
  • ✅ Runs on schedule and PRs
  • ✅ Analyzes Python code for security issues

2. Auto-Labeler ( + config)

  • ✅ Automatically labels PRs based on file paths
  • ✅ Labels: documentation, tests, ci, dependencies, etc.
  • ✅ Improves PR organization and filtering

3. Pre-commit Auto-update ()

  • ✅ Automatically updates pre-commit hooks monthly
  • ✅ Creates PRs with hook updates
  • ✅ Keeps linting tools up-to-date

Updated Workflow

Publish Workflow ()

Before:

  • ❌ Manual trigger (workflow_dispatch)
  • ❌ Manual tag creation required
  • ❌ No version validation

After:

  • ✅ Automatic trigger after "Validate Release" success
  • ✅ Auto-creates and pushes tag (by github-actions bot)
  • ✅ Validates version bump
  • ✅ Creates GitHub Release automatically

Benefits

  1. Security - CodeQL scanning for vulnerabilities
  2. Organization - Auto-labeling improves PR management
  3. Maintenance - Auto-updates for pre-commit hooks
  4. Automation - Fully automated releases (no manual steps)
  5. Consistency - Same standards as msgtrace-sdk

Files Added/Modified

.github/
├── labeler.yml (new) - Label configuration
└── workflows/
    ├── codeql.yml (new)
    ├── labeler.yml (new)
    ├── pre-commit-autoupdate.yml (new)
    └── publish.yml (updated)

Testing

All workflows have been tested in msgtrace-sdk. After merge:

  • CodeQL will run on next PR
  • Labeler will auto-label PRs
  • Pre-commit auto-update will run monthly
  • Next release will be fully automated

Related

This completes the CI/CD alignment with MSG project standards.

vilsonrodrigues and others added 10 commits November 27, 2025 02:18
@vilsonrodrigues
docs: Add CLAUDE.md with project guidelines
1c90a2b 
- Complete project structure overview
- Common commands and workflows
- Release process (always use ./scripts/release.sh)
- Architecture details and optimizations
- Linting, testing, and CI/CD guides
- Troubleshooting tips

This file provides context for Claude Code to work more effectively
with the project without repeating instructions.
@vilsonrodrigues
Merge branch 'main' of https://github.com/vilsonrodrigues/msgspec-ext
777f67c
@vilsonrodrigues @claude
Add CHANGELOG.md for release tracking
d266e22 
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@vilsonrodrigues
Merge branch 'main' of github.com:msgflux/msgspec-ext
438c10c
@vilsonrodrigues
Merge branch 'main' of github.com:msgflux/msgspec-ext
3081824
@vilsonrodrigues
chore: add uv.lock for reproducible builds
8e564dd 
- Add exception in .gitignore for uv.lock
- Commit uv.lock to ensure reproducible dependency resolution
- Required for CI/CD workflows using 'uv sync --locked'
@vilsonrodrigues
Merge branch 'main' of github.com:msgflux/msgspec-ext
95f6163
@vilsonrodrigues
Merge branch 'main' of github.com:msgflux/msgspec-ext
08d6e5d
@vilsonrodrigues
ci: align publish workflow with msgtrace-sdk (add autotag)
879f732 
- Change trigger from workflow_dispatch to workflow_run (after Validate Release)
- Add automatic tag creation and push (no manual intervention needed)
- Split into build-and-tag, publish, and create-release jobs
- Validate version bump before release
- Auto-create GitHub Release with installation instructions

This aligns the CI/CD workflow with msgtrace-sdk standards.
Future releases will be fully automated after PR merge.
@vilsonrodrigues
ci: align all .github workflows and configs with msgtrace-sdk
180d8c5 
Add missing workflows and configurations:
- codeql.yml: CodeQL security analysis
- labeler.yml (workflow): Auto-label PRs based on file paths
- labeler.yml (config): Label configuration rules
- pre-commit-autoupdate.yml: Auto-update pre-commit hooks

Update publish.yml:
- Change from manual trigger to automatic (workflow_run)
- Add automatic tag creation and push
- Split into build-and-tag, publish, create-release jobs
- Add version bump validation

This ensures msgspec-ext has the same CI/CD standards as msgtrace-sdk.
@github-advanced-security
Copy link

github-advanced-security bot commented Dec 2, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@vilsonrodrigues vilsonrodrigues merged commit 023fffd into msgflux:main Dec 2, 2025
9 of 10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vilsonrodrigues