Awesome-omni-skill python-github-actions
Complete Python GitHub Actions system. PROACTIVELY activate for: (1) uv-based CI workflows (10-100x faster), (2) Matrix testing across Python versions, (3) Dependency caching with setup-uv, (4) Parallel test execution, (5) Reusable workflows, (6) Publishing to PyPI with trusted publishing, (7) Code coverage with codecov, (8) Security scanning. Provides: Workflow templates, caching config, matrix strategies, composite actions. Ensures fast, reliable CI/CD pipelines.
install
source · Clone the upstream repo
git clone https://github.com/diegosouzapw/awesome-omni-skill
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/diegosouzapw/awesome-omni-skill "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/cli-automation/python-github-actions" ~/.claude/skills/diegosouzapw-awesome-omni-skill-python-github-actions && rm -rf "$T"
manifest:
skills/cli-automation/python-github-actions/SKILL.mdsafety · automated scan (low risk)
This is a pattern-based risk scan, not a security review. Our crawler flagged:
- pip install
Always read a skill's source content before installing. Patterns alone don't mean the skill is malicious — but they warrant attention.
source content
Quick Reference
| Action | Purpose | Speed |
|---|---|---|
| Install uv + caching | 10-100x faster |
| Traditional pip | Baseline |
| uv CI Pattern | Code |
|---|---|
| Setup | |
| Install Python | |
| Sync deps | |
| Run tests | |
| Matrix Strategy | Config |
|---|---|
| Python versions | |
| Operating systems | |
| Fail fast | |
| Optimization | Technique |
|---|---|
| Caching | |
| Parallel jobs | Split lint/test/build |
| Concurrency | |
| Path filters | |
When to Use This Skill
Use for CI/CD pipelines:
- Setting up GitHub Actions for Python projects
- Caching dependencies for fast builds
- Matrix testing across Python versions
- Publishing packages to PyPI
- Code coverage and security scanning
Related skills:
- For package management: see
python-package-management - For testing: see
python-testing - For type checking: see
python-type-hints
Python GitHub Actions Optimization
Overview
GitHub Actions is the primary CI/CD platform for Python projects. This guide covers best practices for fast, reliable, and efficient Python workflows.
Quick Start Workflow
# .github/workflows/ci.yml name: CI on: push: branches: [main] pull_request: branches: [main] jobs: test: runs-on: ubuntu-latest strategy: matrix: python-version: ["3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v4 - name: Install uv uses: astral-sh/setup-uv@v4 - name: Set up Python ${{ matrix.python-version }} run: uv python install ${{ matrix.python-version }} - name: Install dependencies run: uv sync --all-extras --dev - name: Run linting run: uv run ruff check . - name: Run type checking run: uv run mypy src - name: Run tests run: uv run pytest --cov
Modern uv-Based Workflow
Setup with uv
name: CI with uv on: push: branches: [main] pull_request: jobs: lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install uv uses: astral-sh/setup-uv@v4 with: version: "latest" enable-cache: true # Automatic caching! - name: Lint with ruff run: | uv run ruff check . uv run ruff format --check . type-check: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - name: Type check with mypy run: uv run mypy src test: runs-on: ubuntu-latest strategy: fail-fast: false matrix: python-version: ["3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - name: Set up Python run: uv python install ${{ matrix.python-version }} - name: Install dependencies run: uv sync --all-extras - name: Run tests run: uv run pytest -v --cov --cov-report=xml - name: Upload coverage uses: codecov/codecov-action@v4 with: file: ./coverage.xml
Dependency Caching with uv
# uv handles caching automatically with setup-uv - uses: astral-sh/setup-uv@v4 with: enable-cache: true cache-dependency-glob: "uv.lock" # This caches: # - Downloaded packages # - Python installations # - Virtual environments
Traditional pip-Based Workflow
Manual Caching Setup
name: CI with pip on: [push, pull_request] jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: "3.12" cache: "pip" # Built-in pip caching cache-dependency-path: | requirements.txt requirements-dev.txt - name: Install dependencies run: | python -m pip install --upgrade pip pip install -r requirements.txt pip install -r requirements-dev.txt - name: Run tests run: pytest
Advanced Caching
- name: Cache pip packages uses: actions/cache@v4 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }} restore-keys: | ${{ runner.os }}-pip- - name: Cache pre-commit hooks uses: actions/cache@v4 with: path: ~/.cache/pre-commit key: pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
Parallel and Matrix Builds
Efficient Matrix Strategy
jobs: test: runs-on: ${{ matrix.os }} strategy: fail-fast: false # Don't cancel all on first failure matrix: os: [ubuntu-latest, windows-latest, macos-latest] python-version: ["3.11", "3.12", "3.13"] exclude: # Skip Python 3.13 on Windows (if issues) - os: windows-latest python-version: "3.13" steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - run: uv python install ${{ matrix.python-version }} - run: uv sync - run: uv run pytest
Split by Test Type
jobs: unit: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 - run: uv sync - run: uv run pytest tests/unit -v integration: runs-on: ubuntu-latest needs: unit # Run after unit tests pass steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 - run: uv sync - run: uv run pytest tests/integration -v e2e: runs-on: ubuntu-latest needs: integration steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 - run: uv sync - run: uv run pytest tests/e2e -v
Reusable Workflows
Composite Action
# .github/actions/python-setup/action.yml name: Python Setup description: Set up Python environment with uv inputs: python-version: description: Python version to use default: "3.12" runs: using: composite steps: - name: Install uv uses: astral-sh/setup-uv@v4 with: enable-cache: true - name: Set up Python shell: bash run: uv python install ${{ inputs.python-version }} - name: Install dependencies shell: bash run: uv sync --all-extras
# .github/workflows/ci.yml jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: ./.github/actions/python-setup with: python-version: "3.12" - run: uv run pytest
Reusable Workflow
# .github/workflows/python-test.yml name: Reusable Python Test on: workflow_call: inputs: python-version: type: string default: "3.12" jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - run: uv python install ${{ inputs.python-version }} - run: uv sync - run: uv run pytest
# .github/workflows/ci.yml jobs: test-3-11: uses: ./.github/workflows/python-test.yml with: python-version: "3.11" test-3-12: uses: ./.github/workflows/python-test.yml with: python-version: "3.12"
YAML Anchors (2025 Feature)
# Reduce repetition with anchors name: CI on: [push, pull_request] # Define anchor x-common-steps: &common-steps - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true jobs: lint: runs-on: ubuntu-latest steps: *common-steps # Reference anchor - run: uv run ruff check . test: runs-on: ubuntu-latest steps: *common-steps # Reuse same steps - run: uv sync - run: uv run pytest
Publishing to PyPI
name: Publish on: release: types: [published] jobs: publish: runs-on: ubuntu-latest permissions: id-token: write # Required for trusted publishing steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 - name: Build package run: uv build - name: Publish to PyPI uses: pypa/gh-action-pypi-publish@release/v1 # No password needed with trusted publishing!
Comprehensive CI/CD Example
name: CI/CD on: push: branches: [main] pull_request: release: types: [published] env: PYTHON_VERSION: "3.12" jobs: # ========== Quality Checks ========== lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - run: uv sync --only-dev - run: uv run ruff check . - run: uv run ruff format --check . type-check: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - run: uv sync - run: uv run mypy src # ========== Tests ========== test: needs: [lint, type-check] runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: os: [ubuntu-latest, windows-latest, macos-latest] python-version: ["3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 with: enable-cache: true - run: uv python install ${{ matrix.python-version }} - run: uv sync - name: Run tests run: uv run pytest -v --cov --cov-report=xml - name: Upload coverage if: matrix.os == 'ubuntu-latest' && matrix.python-version == '3.12' uses: codecov/codecov-action@v4 with: file: ./coverage.xml fail_ci_if_error: true # ========== Security ========== security: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 - run: uv sync - run: uv run pip-audit # Check for known vulnerabilities - run: uv run bandit -r src # Security linting # ========== Build ========== build: needs: test runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v4 - name: Build package run: uv build - name: Upload artifact uses: actions/upload-artifact@v4 with: name: dist path: dist/ # ========== Publish ========== publish: if: github.event_name == 'release' needs: build runs-on: ubuntu-latest permissions: id-token: write steps: - uses: actions/download-artifact@v4 with: name: dist path: dist/ - name: Publish to PyPI uses: pypa/gh-action-pypi-publish@release/v1
Performance Optimization Tips
1. Use uv for Fastest Installs
# uv is 10-100x faster than pip - uses: astral-sh/setup-uv@v4 with: enable-cache: true
2. Fail Fast (or Not)
strategy: fail-fast: true # Cancel all on first failure (faster feedback) fail-fast: false # Run all (complete coverage)
3. Job Dependencies
jobs: lint: runs-on: ubuntu-latest test: needs: lint # Only run if lint passes runs-on: ubuntu-latest
4. Concurrency Control
concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true # Cancel previous runs on same branch
5. Skip Unnecessary Runs
on: push: paths: - "src/**" - "tests/**" - "pyproject.toml" paths-ignore: - "**.md" - "docs/**"
6. ARM64 Runners (2025)
# Free ARM64 runners for public repos runs-on: ubuntu-24.04-arm64 # Faster for ARM-native workloads
Common Issues & Solutions
Issue: Slow pip install
# Solution: Use uv - uses: astral-sh/setup-uv@v4 with: enable-cache: true
Issue: Cache not working
# Solution: Verify cache key matches dependency files - uses: actions/cache@v4 with: path: ~/.cache key: deps-${{ hashFiles('uv.lock', 'pyproject.toml') }}
Issue: Python version not found
# Solution: Use uv to manage Python versions - uses: astral-sh/setup-uv@v4 - run: uv python install 3.13 # Works even for newest versions
Issue: Tests fail on Windows
# Solution: Normalize line endings - uses: actions/checkout@v4 with: # Prevent Windows line ending issues persist-credentials: false # Or in .gitattributes # *.py text eol=lf