add tox for linting and testing and add ci/cd

Signed-off-by: Robert Marklund <robbelibobban@gmail.com>

Author: trollkarlen

.github/workflows/ci.yml

@@ -0,0 +1,174 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+jobs:
+  lint:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        python-version: ['3.11', '3.12', '3.13']
+    defaults:
+      run:
+        shell: bash
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Install Poetry
+      uses: snok/install-poetry@v1
+      with:
+        version: latest
+        virtualenvs-create: true
+        virtualenvs-in-project: true
+
+    - name: Load cached venv
+      id: cached-poetry-dependencies
+      uses: actions/cache@v4
+      with:
+        path: .venv
+        key: venv-${{ runner.os }}-${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
+
+    - name: Install dependencies
+      if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
+      run: poetry install --with dev
+
+    - name: Run linting with tox
+      run: poetry run tox -e flake8,pylint,ruff
+
+  test:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        python-version: ['3.11', '3.12', '3.13']
+    defaults:
+      run:
+        shell: bash
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Install Poetry
+      uses: snok/install-poetry@v1
+      with:
+        version: latest
+        virtualenvs-create: true
+        virtualenvs-in-project: true
+
+    - name: Load cached venv
+      id: cached-poetry-dependencies
+      uses: actions/cache@v4
+      with:
+        path: .venv
+        key: venv-${{ runner.os }}-${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
+
+    - name: Check poetry version
+      run: poetry --version
+
+    - name: Install dependencies
+      if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
+      run: poetry install --with dev
+
+    - name: Run tests with tox
+      run: poetry run tox -vvv -e py${{ matrix.python-version }}
+
+  security:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.12'
+
+    - name: Install Poetry
+      uses: snok/install-poetry@v1
+      with:
+        version: latest
+        virtualenvs-create: true
+        virtualenvs-in-project: true
+
+    - name: Load cached venv
+      id: cached-poetry-dependencies
+      uses: actions/cache@v4
+      with:
+        path: .venv
+        key: venv-${{ runner.os }}-3.12-${{ hashFiles('**/poetry.lock') }}
+
+    - name: Install dependencies
+      if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
+      run: poetry install --with dev
+
+    - name: Run security checks
+      run: poetry run tox -e security
+
+    - name: Upload security reports
+      uses: actions/upload-artifact@v4
+      if: always()
+      with:
+        name: security-reports
+        path: |
+          bandit-report.json
+          safety-report.json
+
+  build:
+    needs: [lint, test]
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.12'
+
+    - name: Install Poetry
+      uses: snok/install-poetry@v1
+      with:
+        version: latest
+        virtualenvs-create: true
+        virtualenvs-in-project: true
+
+    - name: Load cached venv
+      id: cached-poetry-dependencies
+      uses: actions/cache@v4
+      with:
+        path: .venv
+        key: venv-${{ runner.os }}-3.12-${{ hashFiles('**/poetry.lock') }}
+
+    - name: Install dependencies
+      if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
+      run: poetry install --with dev
+
+    - name: Build package
+      run: poetry build
+
+    - name: Check package
+      run: poetry run twine check dist/*
+
+    - name: Upload build artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: dist
+        path: dist/

.gitlab-ci.yml

@@ -0,0 +1,201 @@
+stages:
+  - lint
+  - test
+  - security
+  - build
+
+variables:
+  POETRY_CACHE_DIR: "$CI_PROJECT_DIR/.cache/poetry"
+  POETRY_VIRTUALENVS_IN_PROJECT: "true"
+
+cache:
+  paths:
+    - .cache/poetry
+    - .venv/
+    - .tox/
+
+.lint-template: &lint-template
+  stage: lint
+  before_script:
+    - python -m pip install --upgrade pip
+    - pip install poetry
+    - poetry config cache-dir $POETRY_CACHE_DIR
+    - poetry install --with dev
+  script:
+    - poetry run tox -e flake8,pylint,ruff
+  artifacts:
+    reports:
+      junit: reports/
+    paths:
+      - .tox/
+    expire_in: 1 week
+  only:
+    - merge_requests
+    - main
+    - develop
+
+.test-template: &test-template
+  stage: test
+  before_script:
+    - python -m pip install --upgrade pip
+    - pip install poetry
+    - poetry config cache-dir $POETRY_CACHE_DIR
+    - poetry install --with dev
+  script:
+    - poetry run tox -e py$PYTHON_VERSION
+  artifacts:
+    reports:
+      junit: reports/
+    paths:
+      - .tox/
+    expire_in: 1 week
+  only:
+    - merge_requests
+    - main
+    - develop
+
+# Linux jobs
+lint-linux:
+  <<: *lint-template
+  image: python:3.12-slim
+  tags:
+    - linux
+    - docker
+
+test-linux-311:
+  <<: *test-template
+  image: python:3.11-slim
+  variables:
+    PYTHON_VERSION: "311"
+  tags:
+    - linux
+    - docker
+
+test-linux-312:
+  <<: *test-template
+  image: python:3.12-slim
+  variables:
+    PYTHON_VERSION: "312"
+  tags:
+    - linux
+    - docker
+
+test-linux-313:
+  <<: *test-template
+  image: python:3.13-slim
+  variables:
+    PYTHON_VERSION: "313"
+  tags:
+    - linux
+    - docker
+
+# Windows jobs
+lint-windows:
+  <<: *lint-template
+  tags:
+    - windows
+    - shell
+
+test-windows-311:
+  <<: *test-template
+  tags:
+    - windows
+    - shell
+  variables:
+    PYTHON_VERSION: "311"
+
+test-windows-312:
+  <<: *test-template
+  tags:
+    - windows
+    - shell
+  variables:
+    PYTHON_VERSION: "312"
+
+test-windows-313:
+  <<: *test-template
+  tags:
+    - windows
+    - shell
+  variables:
+    PYTHON_VERSION: "313"
+
+# macOS jobs
+lint-macos:
+  <<: *lint-template
+  tags:
+    - macos
+    - shell
+
+test-macos-311:
+  <<: *test-template
+  tags:
+    - macos
+    - shell
+  variables:
+    PYTHON_VERSION: "311"
+
+test-macos-312:
+  <<: *test-template
+  tags:
+    - macos
+    - shell
+  variables:
+    PYTHON_VERSION: "312"
+
+test-macos-313:
+  <<: *test-template
+  tags:
+    - macos
+    - shell
+  variables:
+    PYTHON_VERSION: "313"
+
+# Security checks
+security:
+  stage: security
+  image: python:3.12-slim
+  before_script:
+    - python -m pip install --upgrade pip
+    - pip install poetry
+    - poetry config cache-dir $POETRY_CACHE_DIR
+    - poetry install --with dev
+  script:
+    - poetry run tox -e security
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+    paths:
+      - bandit-report.json
+      - safety-report.json
+    expire_in: 1 week
+  only:
+    - merge_requests
+    - main
+    - develop
+  tags:
+    - linux
+    - docker
+
+# Build stage
+build:
+  stage: build
+  image: python:3.12-slim
+  before_script:
+    - python -m pip install --upgrade pip
+    - pip install poetry
+    - poetry config cache-dir $POETRY_CACHE_DIR
+    - poetry install --with dev
+  script:
+    - poetry build
+    - poetry run twine check dist/*
+  artifacts:
+    paths:
+      - dist/
+    expire_in: 1 week
+  only:
+    - main
+    - develop
+  tags:
+    - linux
+    - docker