Description
Summary
The repository has no CI enforcement for Python code quality. All existing languages (Markdown, PowerShell, YAML) have dedicated linting workflows called from the pr-validation.yml orchestrator. Adding a Python linting workflow with ruff closes this gap and satisfies the OSSF Best Practices coding_standards_enforced MUST criterion for silver badge compliance.
Context
The CI architecture uses reusable workflows stored at .github/workflows/.yml called by a pr-validation.yml orchestrator. Each reusable workflow accepts standard inputs like soft-fail (boolean, allows workflow to pass even if linting fails) and changed-files-only (boolean, scopes checks to files changed in the PR). This pattern was established through prior CI expansion work (#634, closed).
Ruff is the project's chosen Python linter and formatter, as configured in uv-projects.instructions.md and the Python coding standards. It provides both linting (ruff check) and format checking (ruff format --check) in a single fast tool.
This workflow has HIGH OSSF impact. Without CI-enforced linting for Python, adding Python as a supported language puts the coding_standards_enforced MUST criterion at risk, potentially affecting the silver badge.
Architecture: Multi-Skill Working Directory
The reusable workflow should accept a working-directory input parameter so the orchestrator can call it once per Python skill directory:
```yaml
on:
  workflow_call:
    inputs:
      working-directory:
        type: string
        required: false
        default: ".github/skills/experimental/powerpoint"
      soft-fail:
        type: boolean
        required: false
        default: false
      changed-files-only:
        type: boolean
        required: false
        default: false
```

The orchestrator (pr-validation.yml) calls this workflow once per Python skill directory. When a second Python skill is added, the orchestrator gains another job pointing to that skill's directory, with no changes to the reusable workflow itself. Each skill's pyproject.toml contains its own [tool.ruff] configuration, so ruff discovers the correct settings when run in the skill's working directory.
Changes Required
| File | Action | Change |
|---|---|---|
| .github/workflows/python-lint.yml | CREATE | New reusable workflow running ruff check and ruff format --check |
| .github/workflows/pr-validation.yml | MODIFY | Add job calling python-lint.yml with standard inputs |
The new workflow should follow the established reusable workflow pattern:
- Accept soft-fail, changed-files-only, and working-directory inputs
- Install uv and run uv sync --locked in the specified working directory for dependencies
- Run ruff check with appropriate configuration
- Run ruff format --check to verify formatting
- Output results in a structured format consistent with other linting workflows
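
One way to write python-lint.yml so that it meets the requirements listed above, as an added example that is not the project's own workflow. It assumes ruff is declared in each skill's pyproject.toml so that uv run ruff resolves it, that the caller is triggered by pull_request events, and that ruff's github output format is an acceptable stand-in for the "structured format"; the action version tags are illustrative.

```yaml
# .github/workflows/python-lint.yml (added example)
name: Python Lint
on:
  workflow_call:
    inputs:
      working-directory: { type: string, required: false, default: ".github/skills/experimental/powerpoint" }
      soft-fail: { type: boolean, required: false, default: false }
      changed-files-only: { type: boolean, required: false, default: false }
permissions:
  contents: read                       # linting needs read access only
jobs:
  ruff:
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: bash
        working-directory: ${{ inputs.working-directory }}
    steps:
      - uses: actions/checkout@v4      # tag is illustrative; pin to a reviewed commit SHA
        with:
          fetch-depth: 0               # full history so the base commit can be diffed
          persist-credentials: false   # do not leave the token in .git/config
      - uses: astral-sh/setup-uv@v5    # tag is illustrative; pin to a reviewed commit SHA
      - name: Install locked dependencies
        run: uv sync --locked
      - name: ruff check and ruff format --check
        continue-on-error: ${{ inputs.soft-fail }}
        env:                           # pass values via env, not by interpolating into the script
          CHANGED_ONLY: ${{ inputs.changed-files-only }}
          BASE_SHA: ${{ github.event.pull_request.base.sha }}
        run: |
          set -euo pipefail
          if [ "$CHANGED_ONLY" = "true" ]; then
            # Changed, non-deleted .py files under the working directory only
            mapfile -t files < <(git diff --name-only --diff-filter=d --relative "$BASE_SHA" HEAD -- '*.py')
          else
            files=(.)
          fi
          if [ "${#files[@]}" -eq 0 ]; then
            echo "No Python files changed in this directory; nothing to lint."
            exit 0
          fi
          rc=0
          uv run ruff check --output-format=github "${files[@]}" || rc=1
          uv run ruff format --check "${files[@]}" || rc=1
          exit "$rc"
```

The orchestrator job would reference it with uses: ./.github/workflows/python-lint.yml and a with: block naming the skill directory.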
Acceptance Criteria
- .github/workflows/python-lint.yml exists as a reusable workflow
- Workflow accepts soft-fail, changed-files-only, and working-directory standard inputs
- ruff check runs against Python files and reports violations
- ruff format --check verifies formatting compliance
- pr-validation.yml calls the new workflow as a job in the validation matrix
- Workflow passes when no Python files are changed (changed-files-only mode)
- Workflow correctly reports failures when ruff finds violations
- soft-fail mode allows the workflow to pass with warnings rather than failures
- Adding a new Python skill requires only a new orchestrator job entry, no workflow changes
OSSF Impact
| Criterion | Status | Impact |
|---|---|---|
| coding_standards_enforced | MUST (silver) | Satisfied by this workflow — ruff enforces coding standards for Python |
Dependencies
- Benefits from uv being pre-installed (feat(devcontainer): Add Python development extensions and uv package manager #887, feat(ci): Add uv and Python package sync to copilot-setup-steps #888) but can install uv within the workflow itself
- Benefits from npm scripts (feat(scripts): Add npm run scripts for Python linting and testing #886) but can invoke ruff directly
Related
- PR feat(skills): add PowerPoint automation skill with YAML-driven deck generation #868 — PowerPoint automation skill (first Python skill)
- feat(ci): Add Python file extensions to copyright/SPDX header validation #883 — Copyright/SPDX header validation for Python
- feat(ci): Add Python to CodeQL analysis language matrix #884 — CodeQL Python integration
- feat(scripts): Add npm run scripts for Python linting and testing #886 — npm scripts for Python
- feat(skills): Mandate unit testing, extend CI coverage, and document language support process #634 — Prior CI coverage expansion work (closed)