9 Commits

Author	SHA1	Message	Date
Kevin Veen-Birkenbach	ea84c1b14e	Add ShellCheck and Ruff code sniffers to CI and release workflows ... - Introduce dedicated ShellCheck workflow for Bash scripts - Add Ruff as Python code sniffer for src/ and tests/ - Integrate both sniffers into main CI pipeline - Require successful sniffer runs before marking a release as stable - Ensure consistent code quality checks across CI and release workflows https://chatgpt.com/share/693d5b26-293c-800f-999d-48b2950b9417	2025-12-13 13:24:58 +01:00
Kevin Veen-Birkenbach	324f6db1f3	ci: split container tests into virtualenv and Nix flake environments ... Refactor CI to clearly separate virtualenv-based container tests from pure Nix flake tests across all distros (arch, debian, ubuntu, fedora, centos). Introduce dedicated test-env-nix workflow and Makefile targets, rename former container tests to test-env-virtual, and update stable pipeline dependencies. Improve Nix reliability in containers by fixing installer permissions and explicitly validating nix availability and version during image build and tests.	2025-12-12 12:15:40 +01:00
Kevin Veen-Birkenbach	3eb7c81fa1	**Mark stable only on highest version tag** ... Updated the `mark-stable` workflow so that the `stable` tag is only moved when: * the current push is a version tag (`v*`) * all tests have passed * the pushed version tag is the highest semantic version among all existing tags This ensures that `stable` always reflects the latest valid release and prevents older version tags from overwriting it. https://chatgpt.com/share/693b163b-0c34-800f-adcb-12cf4744dbe2	2025-12-11 20:06:22 +01:00
Kevin Veen-Birkenbach	eeda944b73	ci: migrate tests to reusable workflows and introduce stable-tag pipeline ... - convert all test workflows to reusable workflow_call - add central CI workflow for branches and PRs - add mark-stable workflow triggered on main pushes - ensure stable tag updates only after all tests succeed - remove duplicated triggers from test workflows ` https://chatgpt.com/share/693aa4a6-7460-800f-ba47-cfc15b1b2236	2025-12-11 13:04:44 +01:00
Kevin Veen-Birkenbach	52cfbebba4	ci: make mark-stable robust for workflow_run ... - fetch workflow_run runs without head_sha filter - match by workflow name and head_sha in jq - keep tagging logic and permissions unchanged https://chatgpt.com/share/693aa4a6-7460-800f-ba47-cfc15b1b2236	2025-12-11 12:46:42 +01:00
Kevin Veen-Birkenbach	e9e083c9dd	ci: finalize mark-stable workflow fixes ... - use correct GitHub API path (/repos/.../actions/runs) - resolve repository via workflow_run.repository.full_name - improve logging and safe no-tag exits - ensure correct token handling and tag update logic https://chatgpt.com/share/693aa4a6-7460-800f-ba47-cfc15b1b2236	2025-12-11 12:38:12 +01:00
Kevin Veen-Birkenbach	3218b2b39f	ci: fix mark-stable workflow for workflow_run events ... - use workflow_run.repository.full_name for gh API queries - expose GITHUB_TOKEN as GH_TOKEN for the GitHub CLI - improve log messages and keep tag skipped when checks are missing or failing	2025-12-11 12:26:29 +01:00
Kevin Veen-Birkenbach	ba296a79c9	ci: fix mark-stable permissions and ignore Nix result symlink ... https://chatgpt.com/share/693aa4a6-7460-800f-ba47-cfc15b1b2236	2025-12-11 12:16:34 +01:00
Kevin Veen-Birkenbach	62e05e2f5b	ci: tag commit as stable after full test matrix ... - add mark-stable workflow that runs on workflow_run for all test pipelines - use GitHub API to ensure all required workflows succeeded before moving the 'stable' tag - add Nix flake.lock to pin nixpkgs for reproducible builds https://chatgpt.com/share/693aa4a6-7460-800f-ba47-cfc15b1b2236	2025-12-11 12:01:21 +01:00