ci: add GitHub Actions CI pipeline

Michspirit99 · Michspirit99 · commit 34c7c8233d25 · 2026-02-07T19:47:27.000-08:00
- Validates code across Python 3.12/3.13 on Ubuntu and Windows
- Runs: pip check, compileall, ruff lint, pytest import smoke tests
- No live Copilot calls by default (contributor-friendly)
- CI-SETUP.md documents philosophy and local validation
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,57 @@
+name: CI
+
+on:
+  push:
+    branches: ["**"]
+  pull_request:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ci-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  validate:
+    name: Validate (${{ matrix.os }}, Python ${{ matrix.python-version }})
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: ["ubuntu-latest", "windows-latest"]
+        python-version: ["3.12", "3.13"]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: pip
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install -r requirements.txt
+          python -m pip install pytest ruff
+
+      - name: Verify environment
+        run: |
+          python --version
+          python -m pip --version
+          python -m pip check
+
+      - name: Static checks (compile)
+        run: |
+          python -m compileall -q samples scripts
+
+      - name: Lint (ruff)
+        run: |
+          python -m ruff check .
+
+      - name: Tests
+        run: |
+          python -m pytest -q
diff --git a/CI-SETUP.md b/CI-SETUP.md
@@ -0,0 +1,60 @@
+# CI Setup
+
+This repo contains runnable Copilot SDK sample scripts. In CI, we **do not run** the scripts end-to-end because they require:
+
+- GitHub Copilot CLI availability and authentication
+- Network access
+- Potentially premium model usage depending on your Copilot plan
+
+Instead, CI validates that the repository stays healthy for contributors.
+
+## What CI does
+
+The workflow in [.github/workflows/ci.yml](.github/workflows/ci.yml) runs:
+
+1. **Dependency install** (`pip install -r requirements.txt`)
+2. **Environment verification** (`pip check`)
+3. **Static compile check** (`python -m compileall samples`)
+4. **Import smoke tests** (imports each script under `samples/` to ensure there are no missing top-level dependencies)
+
+## Local equivalent
+
+From repo root:
+
+- Create/activate a venv
+- `pip install -r requirements.txt`
+- `python -m compileall samples`
+- `pytest -q`
+
+## Running samples for real
+
+To run the samples end-to-end locally, you’ll need:
+
+- Copilot CLI installed and authenticated (`copilot auth login`)
+- For the Playwright sample: `python -m playwright install chromium`
+
+## Optional CI proof (E2E)
+
+If you want CI to run real networked scenarios as proof, use the manual workflow in [.github/workflows/agent-scenarios.yml](.github/workflows/agent-scenarios.yml).
+
+It supports two modes:
+
+1) `provider=copilot` (unattended Copilot models)
+
+The Copilot SDK client supports non-interactive auth via a GitHub token. Configure this repository secret:
+
+- `COPILOT_GITHUB_TOKEN`
+
+This should be a token that can authenticate as a user with access to Copilot models in your org/account (for example, a PAT/fine-grained token depending on your GitHub policies).
+
+1) `provider=openai` (BYOK)
+
+Configure this repository secret:
+
+- `OPENAI_API_KEY`
+
+Optional:
+
+- `OPENAI_BASE_URL` (defaults to `https://api.openai.com/v1`)
+
+The workflow uploads an `agent-scenarios.txt` transcript as an artifact.
diff --git a/tests/test_imports.py b/tests/test_imports.py
@@ -0,0 +1,29 @@
+from __future__ import annotations
+
+import importlib.util
+from pathlib import Path
+
+
+def _import_module_from_path(py_file: Path) -> None:
+    module_name = f"samples_{py_file.stem}"
+    spec = importlib.util.spec_from_file_location(module_name, py_file)
+    assert spec is not None
+    assert spec.loader is not None
+    module = importlib.util.module_from_spec(spec)
+    spec.loader.exec_module(module)
+
+
+def test_samples_import_cleanly() -> None:
+    """Import each sample script to catch missing deps / syntax errors.
+
+    These scripts should be safe to import because they guard runtime work
+    with `if __name__ == "__main__":`.
+    """
+    repo_root = Path(__file__).resolve().parents[1]
+    samples_dir = repo_root / "samples"
+
+    py_files = sorted(p for p in samples_dir.glob("*.py") if not p.name.startswith("_"))
+    assert py_files, "No sample files found"
+
+    for py_file in py_files:
+        _import_module_from_path(py_file)
