guardrails-ai/guardrails
10 workflows · maturity 83% · 9 patterns · GitHub ↗
Practices
✓ Matrix · ✓ Permissions · ○ Security scan · ✓ AI review · ✓ Cache · ✓ Concurrency · ○ Reusable workflows
Detected patterns
Security dimensions
Workflows (10)
autoclose_stale_issues_and_prs perms .github/workflows/autoclose_stale_issues_and_prs.yml
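# Scheduled housekeeping: marks inactive issues and pull requests as stale and
# closes them if they stay inactive.
name: 'Close stale issues and PRs'

on:
  schedule:
    # Every day at 03:30 UTC.
    - cron: '30 3 * * *'

# Explicit token scopes for this workflow; scopes not listed are not granted.
permissions:
  # NOTE(review): this scope is only described as needed for the delete-branch
  # option, and no delete-branch input is set below. If branches are not meant
  # to be deleted, drop it so the scheduled job holds no repository write access.
  contents: write # only for delete-branch option
  issues: write
  pull-requests: write

jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/stale@v9
        with:
          # The day counts quoted in these messages must match the
          # days-before-* inputs further down (60 to stale, 30 more to close).
          stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.'
          stale-pr-message: 'This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.'
          close-issue-message: 'This issue was closed because it has been stalled for 30 days with no activity.'
          close-pr-message: 'This PR was closed because it has been stalled for 30 days with no activity.'
          days-before-issue-stale: 60
          days-before-pr-stale: 60
          days-before-issue-close: 30
          days-before-pr-close: 30
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          operations-per-run: 300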
autopr AI .github/workflows/autopr.yml
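# Runs the AutoPR action whenever an issue is edited, passing it the issue
# number, title and body together with the workflow token and an OpenAI key.
name: AutoPR

on:
  issues:
    types: [edited]

# State the token scopes explicitly instead of inheriting the repository
# default.
# NOTE(review): the three scopes below are an assumed minimum for an action
# that pushes a branch and opens a pull request - confirm against the action's
# documentation and remove any it does not need.
permissions:
  contents: write
  issues: write
  pull-requests: write

jobs:
  autopr:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: AutoPR
        # NOTE(review): a third-party action referenced by a movable tag
        # receives both secrets below. Pinning it to a full commit SHA keeps
        # the code that handles them fixed until someone reviews an upgrade.
        uses: irgolic/AutoPR@v0.1.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
          issue_number: ${{ github.event.issue.number }}
          # NOTE(review): title and body are written by whoever filed the
          # issue, so on a public repository they are untrusted text reaching
          # a job that also holds a write-capable token. Consider running the
          # job only for issues from trusted authors (for example by checking
          # github.event.issue.author_association) or only after a maintainer
          # applies a label.
          issue_title: ${{ github.event.issue.title }}
          issue_body: ${{ github.event.issue.body }}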
ci matrix .github/workflows/ci.yml
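# Branch and pull-request CI: licence check, lint, type check and the test
# suite, each run across the Python versions listed in its matrix.
name: CI

on:
  push:
    branches:
      - main
      - dev
  pull_request:
    branches:
      - main
      - dev
      - feat/*
      - 0.*.*
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

# No job in this workflow writes to the repository, so the workflow token is
# limited to reading the checked-out code.
permissions:
  contents: read

jobs:
  LicenseChecks:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.10", "3.11", "3.12", "3.13"]
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install Poetry
        uses: snok/install-poetry@v1
      - name: Install Dependencies
        # TODO: fix errors so that we can run `make dev` instead
        run: |
          # Setup Virtual Environment
          python3 -m venv ./.venv
          source .venv/bin/activate
          make dev
      - name: Check license
        run: |
          source .venv/bin/activate
          .venv/bin/pip install greenlet "setuptools<81"
          .venv/bin/liccheck

  Linting:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.10", "3.11", "3.12", "3.13"]
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install Poetry
        uses: snok/install-poetry@v1
      - name: Install Dependencies
        run: |
          # Setup Virtual Environment
          python3 -m venv ./.venv
          source .venv/bin/activate
          make dev
      - name: Lint with ruff
        run: |
          source .venv/bin/activate
          make lint

  Typing:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.10", "3.11", "3.12", "3.13"]
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install Poetry
        uses: snok/install-poetry@v1
      - name: Install Dependencies
        run: |
          # Setup Virtual Environment
          python3 -m venv ./.venv
          source .venv/bin/activate
          make full
      - name: Static analysis with pyright
        run: |
          source .venv/bin/activate
          make type

  Pytests:
    # NOTE(review): non-default runner label. If it maps to a self-hosted
    # machine, pull_request runs execute contributor code on it - confirm the
    # runner is ephemeral and isolated from internal networks and credentials.
    runs-on: LargeBois
    strategy:
      matrix:
        python-version: ["3.10", "3.11", "3.12", "3.13"]
        # TODO: fix errors so that we can run both `make dev` and `make full`
        # dependencies: ['dev', 'full']
        # dependencies: ["full"]
    steps:
      - uses: actions/checkout@v4
      - name: Create .guardrailsrc
        run: |
          echo 'id="SYSTEM TESTING"' > ~/.guardrailsrc
          echo 'enable_metrics=false' >> ~/.guardrailsrc
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install Poetry
        uses: snok/install-poetry@v1
      - name: Install Dependencies
        run: |
          # Setup Virtual Environment
          python3 -m venv ./.venv
          source .venv/bin/activate
          make full
          if [ "${{ matrix.python-version }}" == "3.12" ]; then
            echo "Installing latest langchain-core and langsmith from PyPI"
            pip install "langchain-core>=0.2" "langsmith<0.2.0,>=0.1.75"
          fi
      - name: Run Pytests
        run: |
          source .venv/bin/activate
          echo "langchain-core version:"
          pip show langchain-core
          echo "langsmith version:"
          pip show langsmith
          make test-cov
      - name: Upload to codecov.io
        uses: codecov/codecov-action@v3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          file: ./coverage.xml
          flags: unittests
          name: codecov-umbrella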
          fail_ci_if_error: true
cli-compatibility matrix .github/workflows/cli-compatibility.yml
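# Installs the package against a grid of typer and click releases and checks
# that the CLI commands still run.
name: CLI Compatibility Tests

on:
  push:
    branches: [ main ]
    paths:
      - guardrails/**
      - pyproject.toml
  workflow_dispatch:

# The job only reads the repository, so the workflow token is read-only.
permissions:
  contents: read

jobs:
  CLI-Compatibility:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.10", "3.11", "3.12", "3.13"]
        typer-version: ["0.16.0", "0.17.0", "0.18.0", "0.19.2"]
        click-version: ["8.1.0", "8.2.0"]
        exclude:
          - typer-version: "0.16.0"
            click-version: "8.2.0"
          # The two entries below name click versions that are not in the
          # click-version list above, so they match no combination.
          - typer-version: "0.16.0"
            click-version: "8.2.1"
          - typer-version: "0.16.0"
            click-version: "8.3.0"
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install Poetry
        uses: snok/install-poetry@v1
      - name: Install Dependencies
        run: |
          # Setup Virtual Environment
          python3 -m venv ./.venv
          source .venv/bin/activate
          # Install dev dependencies
          poetry install --extras dev
          # Install specific typer and click versions
          pip install typer==${{ matrix.typer-version }} click==${{ matrix.click-version }}
      - name: Test CLI Commands
        run: |
          source .venv/bin/activate
          # Test basic CLI help
          guardrails --help
          # Test validate command help
          guardrails validate --help
          # Test hub command help
          guardrails hub --help
          # Test configure command help
          guardrails configure --help
          # Test hub list command (end-to-end)
          guardrails hub list
          # Create a simple RAIL spec for testing validate command
          cat > test_spec.rail << 'EOF'
          <rail version="0.1">
          <output>
          <string name="answer" description="A simple answer"/>
          </output>
          <prompt>
          Answer the question: What is 2+2?
          </prompt>
          </rail>
          EOF
          # Test validate command end-to-end with the RAIL spec
          echo '{"answer": "4"}' | guardrails validate test_spec.rail -
          # Clean up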
          rm test_spec.rail
deploy_docs perms .github/workflows/deploy_docs.yml
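# Simple workflow for deploying static content to GitHub Pages
name: Deploy static content to Pages

on:
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
# NOTE(review): these scopes apply to every step of the single job, so the
# dependency install and mkdocs build also run with pages and id-token write.
# Splitting build and deploy into two jobs and granting the write scopes only
# to the deploy job would keep build-time code away from them.
permissions:
  contents: read
  pages: write
  id-token: write

# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
concurrency:
  group: "pages"
  cancel-in-progress: false

jobs:
  # Single deploy job since we're just deploying
  deploy:
    environment:
      name: github-pages
      url: ${{ steps.deployment.outputs.page_url }}
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Setup Pages
        uses: actions/configure-pages@v3
      - name: Poetry cache
        uses: actions/cache@v3
        with:
          path: ~/.cache/pypoetry
          # Keyed on the dependency manifest. This workflow has no step with
          # id setup_python and sets no POETRY_VERSION, so a key built from
          # those would collapse to a constant and never be refreshed.
          key: poetry-cache-${{ runner.os }}-${{ hashFiles('pyproject.toml') }}
      - name: Install Poetry
        uses: snok/install-poetry@v1
      - name: Install dependencies
        run: poetry install --with docs
      - name: Build
        run: poetry run mkdocs build
      - name: Upload artifact
        uses: actions/upload-pages-artifact@v2
        with:
          # Upload build folder
          path: 'site'
      - name: Deploy to GitHub Pages
        id: deployment
        uses: actions/deploy-pages@v2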
examples_check matrix .github/workflows/examples_check.yml
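# Executes each example notebook in its own matrix job and fails on errors.
name: Notebook Execution and Error Check

on:
  schedule:
    - cron: "0 0 * * *"
  push:
    branches:
      - main
      - dev
    paths:
      - guardrails/**
      - pyproject.toml
  workflow_dispatch: # This enables manual triggering

# The job only reads the repository, so the workflow token is read-only.
permissions:
  contents: read

jobs:
  execute_notebooks:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # this line is automatically generated by the script in .github/workflows/scripts/update_notebook_matrix.sh
        notebook: ["bug_free_python_code.ipynb","check_for_pii.ipynb","competitors_check.ipynb","constrained_decoding.ipynb","extracting_entities.ipynb","generate_structured_data_cohere.ipynb","generate_structured_data.ipynb","guard_use.ipynb","guardrails_with_chat_models.ipynb","input_validation.ipynb","json_function_calling_tools.ipynb","langchain_integration.ipynb","lite_llm_defaults.ipynb","llamaindex-output-parsing.ipynb","no_secrets_in_generated_text.ipynb","provenance.ipynb","recipe_generation.ipynb","regex_validation.ipynb","response_is_on_topic.ipynb","secrets_detection.ipynb","select_choice_based_on_action.ipynb","summarizer.ipynb","syntax_error_free_sql.ipynb","text_summarization_quality.ipynb","toxic_language.ipynb","translation_to_specific_language.ipynb","valid_chess_moves.ipynb","value_within_distribution.ipynb"]
    # NOTE(review): job-level env exposes all five API keys to every step,
    # including the pip installs and every notebook. Moving each key to the
    # steps that need it would narrow that - confirm which notebooks use which
    # provider before doing so.
    env:
      COHERE_API_KEY: ${{ secrets.COHERE_API_KEY }}
      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
      HUGGINGFACE_API_KEY: ${{ secrets.HUGGINGFACE_API_KEY }}
      MISTRAL_API_KEY: ${{ secrets.MISTRAL_API_KEY }}
      GUARDRAILS_API_KEY: ${{ secrets.GUARDRAILS_API_KEY }}
      NLTK_DATA: /tmp/nltk_data
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # github.head_ref is only set for pull_request events, which this
          # workflow does not listen for, so this expands to an empty value.
          ref: ${{ github.head_ref }}
          fetch-depth: 0
      - name: Create .guardrailsrc
        run: |
          echo 'id="SYSTEM TESTING"' > ~/.guardrailsrc
          echo 'no_metrics=false' >> ~/.guardrailsrc
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: 3.13.x
      - name: Install dependencies
        run: |
          # Setup Virtual Environment
          python3 -m venv ./.venv
          source .venv/bin/activate
          # Install the current branch
          pip install .
          # Install extra stuff for notebook runs
          pip install "huggingface_hub[cli]" jupyter nbconvert cohere==5.3.2
          pip install nltk
      - name: Huggingface Hub Login
        run: |
          source .venv/bin/activate
          # Quoted so the shell passes the token as exactly one argument.
          huggingface-cli login --token "$HUGGINGFACE_API_KEY"
      - name: download nltk data
        run: |
          source .venv/bin/activate
          mkdir /tmp/nltk_data;
          python -m nltk.downloader -d /tmp/nltk_data punkt;
      - name: Login to Guardrails
        run: |
          source .venv/bin/activate
          guardrails configure --token "$GUARDRAILS_API_KEY" --disable-metrics --enable-remote-inferencing
      - name: Execute notebooks and check for errors
        run: |
          source .venv/bin/activate
          bash ./.github/workflows/scripts/run_notebooks.sh ${{ matrix.notebook }}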
find_dead_links .github/workflows/find_dead_links.yml
# Scheduled and manually triggerable broken-link scan.
on:
  schedule:
    - cron: 0 12 * * * # NOTE(review): this expression fires every day at 12:00 UTC, not monthly
  workflow_dispatch:
name: Broken Link Check
# NOTE(review): no permissions block is declared, so the job runs with the
# repository's default token scopes. Declare the scopes the action needs
# explicitly once they are confirmed.
jobs:
  check:
    name: Broken Link Check
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the action used by this step is third-party and is
      # referenced by a movable tag; pinning it to a full commit SHA fixes the
      # code that runs with this job's token.
      - name: Broken Link Check
        uses: technote-space/broken-link-checker-action@v2
install_from_hub .github/workflows/install_from_hub.yml
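# Installs the package from the main branch, installs a validator from the
# Hub, and checks that the validator can be imported.
name: Install from Hub

on:
  push:
    branches:
      - main
    paths:
      - guardrails/**
      - pyproject.toml
  workflow_dispatch: # This enables manual triggering

# Nothing here writes to the repository, so the workflow token is read-only.
permissions:
  contents: read

jobs:
  install_from_hub:
    runs-on: ubuntu-latest
    # NOTE(review): only the "Install PII validator" step references this
    # variable by name; if the later import does not read it from the
    # environment, move it to that step's env.
    env:
      GUARDRAILS_API_KEY: ${{ secrets.GUARDRAILS_API_KEY }}
    steps:
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: 3.13.x
      - name: pip install from main
        run: pip install git+https://github.com/guardrails-ai/guardrails.git@main
      - name: Install PII validator
        run: |
          # Quoted so the shell passes the token as exactly one argument.
          guardrails configure --token "$GUARDRAILS_API_KEY" --disable-metrics --enable-remote-inferencing;
          guardrails hub install hub://guardrails/detect_pii;
      - name: Verify PII validator is addressable
        run: echo 'from guardrails.hub import DetectPII' | python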
release_version .github/workflows/release_version.yml
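# Manually triggered release: builds the package and publishes it to PyPI.
name: Release PyPi Version

on:
  workflow_dispatch: # This event allows manual triggering

# Publishing uses the PyPI token, not the workflow token, so the workflow
# token is limited to reading the repository.
permissions:
  contents: read

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
          # No later step pushes to git, so the token is not left in the
          # checked-out repository's git configuration.
          persist-credentials: false

      - name: Setup Python
        # The cache key below reads this step's python-version output via this id.
        id: setup_python
        uses: actions/setup-python@v5
        with:
          python-version: 3.13.x

      - name: Poetry cache
        # NOTE(review): this restores previously cached Poetry data into the
        # job that builds the published artifact. Consider dropping the cache
        # here so release builds always start from a clean download.
        # env.POETRY_VERSION is not set in this workflow and expands to empty.
        uses: actions/cache@v3
        with:
          path: ~/.cache/pypoetry
          key: poetry-cache-${{ runner.os }}-${{ steps.setup_python.outputs.python-version }}-${{ env.POETRY_VERSION }}

      - name: Install Poetry
        uses: snok/install-poetry@v1

      - name: Install dependencies
        run: make full

      - name: Upload to PyPI
        # Poetry reads the token for the default "pypi" repository from this
        # variable, which keeps the secret off the command line.
        # NOTE(review): a long-lived upload token is used here; PyPI trusted
        # publishing (OIDC) would remove the stored secret altogether.
        env:
          POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_PASSWORD }}
        run: poetry publish --build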
server_ci .github/workflows/server_ci.yml
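# Builds the server image, starts it as a container, and runs the server test
# suite against it.
name: Server CI

on:
  push:
    branches:
      - main
    paths:
      - guardrails/**
      - pyproject.toml
  workflow_dispatch:

# Nothing here writes to the repository, so the workflow token is read-only.
permissions:
  contents: read

jobs:
  build-test-server:
    runs-on: ubuntu-latest
    steps:
      - name: Check out head
        uses: actions/checkout@v5
        with:
          persist-credentials: false

      # NOTE(review): this action and the Buildx one below are referenced at
      # @master, a branch that can change between runs. Pin both to a release
      # tag or, better, a full commit SHA.
      - name: Set up QEMU
        uses: docker/setup-qemu-action@master
        with:
          platforms: linux/amd64

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@master
        with:
          platforms: linux/amd64

      - name: Build Docker image
        uses: docker/build-push-action@v6
        with:
          context: .
          file: server_ci/Dockerfile
          platforms: linux/amd64
          push: false
          tags: guardrails:server-ci
          load: true
          # NOTE(review): build arguments can be recovered from the built
          # image's metadata. The image is not pushed (push: false), which
          # limits exposure to this runner, but a BuildKit secret mount would
          # keep the token out of the image entirely; that needs a matching
          # change in the Dockerfile, which is not shown here.
          build-args: |
            GUARDRAILS_TOKEN=${{ secrets.GUARDRAILS_API_KEY }}

      - name: Start Docker container
        # The key is handed over through the step environment; "-e NAME"
        # without a value makes docker copy it from there, so the secret is
        # never written into the script text or the docker command line.
        env:
          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
        run: |
          docker run -d --name guardrails-container -p 8000:8000 -e OPENAI_API_KEY guardrails:server-ci

      - name: Wait for Docker container to be ready
        run: |
          for i in {1..30}; do
            if docker exec guardrails-container curl -s http://localhost:8000/; then
              echo "Server is up!"
              exit 0
            fi
            echo "Waiting for server..."
            sleep 5
          done
          # Fail here rather than letting the tests run against a dead server.
          echo "Server did not become ready in time" >&2
          docker logs guardrails-container
          exit 1

      - name: Run Pytest
        run: |
          pip install pytest pytest-asyncio openai ".[api]"
          pytest server_ci/tests
          docker stop guardrails-container
          docker rm guardrails-container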