ciscomonkey
diff --git a/‎.github/WORKFLOWS.md‎
Lines changed: 65 additions & 0 deletions b/‎.github/WORKFLOWS.md‎
Lines changed: 65 additions & 0 deletions
diff --git a/‎.github/workflows/create-release.yml‎
Lines changed: 81 additions & 0 deletions b/‎.github/workflows/create-release.yml‎
Lines changed: 81 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 63 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎.github/workflows/tests.yml‎
Lines changed: 42 additions & 0 deletions b/‎.github/workflows/tests.yml‎
Lines changed: 42 additions & 0 deletions
@@ -0,0 +1,65 @@
+# GitHub Workflows
+
+This directory contains the GitHub Actions workflows for the fastapi-secure-errors project.
+
+## Workflows
+
+### 1. Tests (`tests.yml`)
+- **Trigger**: Push to main/develop branches, Pull requests
+- **Purpose**: Run tests and generate coverage reports
+- **Actions**: 
+  - Install dependencies with uv
+  - Run pytest with coverage
+  - Upload coverage to Codecov
+
+### 2. Release (`release.yml`)
+- **Trigger**: When a GitHub release is published
+- **Purpose**: Build and package the project for distribution
+- **Actions**:
+  - Run tests to ensure quality
+  - Build the package using `uv build`
+  - Upload package artifacts (wheel and source distribution)
+
+### 3. Create Release (`create-release.yml`)
+- **Trigger**: Manual workflow dispatch
+- **Purpose**: Create a new release with version bumping
+- **Inputs**:
+  - `version`: The version number for the release (e.g., "1.0.0")
+  - `release_type`: Either "release" or "prerelease"
+- **Actions**:
+  - Update version in pyproject.toml
+  - Run tests
+  - Build package
+  - Commit version bump
+  - Create GitHub release
+
+## Usage
+
+### Creating a Release
+
+1. **Using the Create Release Workflow** (Recommended):
+   - Go to the Actions tab in GitHub
+   - Select "Create Release" workflow
+   - Click "Run workflow"
+   - Enter the version number and release type
+   - Click "Run workflow"
+
+2. **Manual Release**:
+   - Create a new tag: `git tag v1.0.0`
+   - Push the tag: `git push origin v1.0.0`
+   - Create a release in GitHub UI using that tag
+
+### Artifacts
+
+The release workflow generates the following artifacts:
+- **Source distribution** (`.tar.gz`): Contains the source code
+- **Wheel distribution** (`.whl`): Ready-to-install binary package
+
+These artifacts are automatically attached to the GitHub release and can be downloaded or used for PyPI publishing.
+
+## Future Enhancements
+
+- [ ] Add PyPI publishing to the release workflow
+- [ ] Add security scanning with CodeQL
+- [ ] Add dependency updates with Dependabot
+- [ ] Add changelog generation
@@ -0,0 +1,81 @@
+name: Create Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Release version (e.g., 1.0.0)'
+        required: true
+        type: string
+      release_type:
+        description: 'Type of release'
+        required: true
+        default: 'release'
+        type: choice
+        options:
+        - release
+        - prerelease
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.13'
+        
+    - name: Install uv
+      uses: astral-sh/setup-uv@v4
+      with:
+        version: "latest"
+        
+    - name: Install dependencies
+      run: |
+        uv sync --all-extras
+        
+    - name: Update version in pyproject.toml
+      run: |
+        uv version ${{ github.event.inputs.version }}
+        
+    - name: Build package
+      run: |
+        uv build
+        
+    - name: Commit version bump
+      run: |
+        git config --local user.email "action@github.com"
+        git config --local user.name "GitHub Action"
+        git add pyproject.toml
+        git commit -m "Bump version to ${{ github.event.inputs.version }}"
+        git push
+        
+    - name: Create Release
+      uses: softprops/action-gh-release@v2
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        tag_name: v${{ github.event.inputs.version }}
+        name: Release v${{ github.event.inputs.version }}
+        draft: false
+        prerelease: ${{ github.event.inputs.release_type == 'prerelease' }}
+        body: |
+          ## Changes in v${{ github.event.inputs.version }}
+          
+          <!-- Add release notes here -->
+          
+          ## Installation
+          
+          ```bash
+          pip install fastapi-secure-errors==${{ github.event.inputs.version }}
+          ```
+          
+          ## Assets
+          
+          The package distributions are available as build artifacts in the release workflow.
@@ -0,0 +1,63 @@
+name: Release
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    environment: release  # Specify the release environment
+    permissions:
+      id-token: write    # Required for trusted publishing
+      contents: write    # Required to add release assets and checkout code
+      
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.13'
+        
+    - name: Install uv
+      uses: astral-sh/setup-uv@v4
+      with:
+        version: "latest"
+        
+    - name: Install dependencies
+      run: |
+        uv sync --all-extras
+        
+    - name: Build package
+      run: |
+        uv build
+        
+    - name: Upload package artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: python-package-distributions
+        path: dist/
+        
+    - name: Verify package contents
+      run: |
+        ls -la dist/
+        echo "Package files created:"
+        for file in dist/*; do
+          echo "  - $(basename "$file")"
+        done
+        
+    - name: Add package to release assets
+      uses: softprops/action-gh-release@v2
+      with:
+        files: dist/*
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        
+    # Publish to PyPI using trusted publishing
+    - name: Publish to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        # No token needed with trusted publishing!
+        verbose: true
@@ -0,0 +1,42 @@
+name: Tests
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.13']
+        
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ matrix.python-version }}
+        
+    - name: Install uv
+      uses: astral-sh/setup-uv@v4
+      with:
+        version: "latest"
+        
+    - name: Install dependencies
+      run: |
+        uv sync --all-extras --group test
+        
+    - name: Run tests with coverage
+      run: |
+        uv run pytest tests/ --cov=src --cov-report=xml --cov-report=term-missing -v
+        
+    # - name: Upload coverage to Codecov
+    #   uses: codecov/codecov-action@v4
+    #   with:
+    #     file: ./coverage.xml
+    #     fail_ci_if_error: false