1  name: "Master Python Pipeline"
 2  
 3  on:
 4    workflow_call:
 5      inputs:
 6        repo_name:
 7          required: true
 8          type: string
 9      secrets:
10        CI_READ: required
11        RAD_PASSPHRASE: required
12  
13  jobs:
14    verify:
15      runs-on: native
16      steps:
17        - uses: actions/checkout@v4
18        - uses: actions/setup-python@v4
19          with: { python-version: '3.11' }
20  
21        - name: Install Deps
22          run: pip install -r backend/requirements.txt || pip install -r requirements.txt
23  
24        - name: Lint (Ruff)
25          run: |
26            pip install ruff
27            ruff check .
28  
29        - name: Security (Safety)
30          run: |
31            pip install safety
32            safety check
33  
34        - name: Test
35          run: |
36            pip install pytest
37            pytest
38  
39    radicle-sync:
40      needs: verify
41      if: github.ref == 'refs/heads/main'
42      runs-on: native
43      steps:
44        - uses: actions/checkout@v4
45          with: { fetch-depth: 0 }
46        - name: Sync to Radicle
47          env: { RAD_PASSPHRASE: ${{ secrets.RAD_PASSPHRASE }} }
48          run: echo "Pushing Python tool to Radicle..."