name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
contents: read
env:
CARGO_TERM_COLOR: always
jobs:
test:
name: Test (${{ matrix.os }}, Rust ${{ matrix.rust }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- { os: ubuntu-latest, rust: stable }
- { os: macos-latest, rust: stable }
- { os: windows-latest, rust: stable }
- { os: ubuntu-latest, rust: "1.85" }
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with:
python-version: "3.14"
- name: Install Rust
uses: dtolnay/rust-toolchain@3c5f7ea28cd621ae0bf5283f0e981fb97b8a7af9 with:
toolchain: ${{ matrix.rust }}
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32
- name: Run tests (all features)
run: cargo test --all-features
- name: Run tests (no default features)
run: cargo test --no-default-features
failure-injection:
name: Failure Injection Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32
- name: Run IBKR F6 reconnect drill test
run: cargo test -p nanobook-broker --test ibkr_f6_reconnect_drill
- name: Run Binance F1 idempotency test
run: cargo test -p nanobook-broker --test binance_f_bin1_idempotency --features binance
- name: Run Binance F2 reconnect drill test
run: cargo test -p nanobook-broker --test binance_f_bin2_reconnect_drill --features binance
python-test:
name: Python (${{ matrix.os }}, ${{ matrix.python }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- { os: ubuntu-latest, python: "3.11" }
- { os: ubuntu-latest, python: "3.12" }
- { os: ubuntu-latest, python: "3.13" }
- { os: ubuntu-latest, python: "3.14" }
- { os: macos-latest, python: "3.14" }
- { os: windows-latest, python: "3.14" }
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with:
python-version: ${{ matrix.python }}
- uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86
- uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 with:
key: python-${{ matrix.python }}
- name: Build and install Python extension
working-directory: python
run: uv sync --python ${{ matrix.python }} --group dev
- name: Run Python tests (property + unit)
working-directory: python
run: uv run --python ${{ matrix.python }} --group dev python -m pytest tests/ -v --ignore=tests/reference
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with:
python-version: "3.14"
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 with:
components: clippy, rustfmt
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32
- name: Check formatting
run: cargo fmt --all -- --check
- name: Clippy
run: cargo clippy --all-targets --all-features -- -D warnings
security:
name: Security audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32
- name: Install cargo-deny
run: cargo install cargo-deny --version 0.19.4 --locked
- name: Run cargo-deny
run: cargo deny check
- name: Install cargo-audit
run: cargo install cargo-audit --version 0.22.1 --locked
- name: Run cargo-audit
run: cargo audit
coverage:
name: Code coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 with:
key: coverage
- name: Install cargo-llvm-cov
run: cargo install cargo-llvm-cov --version 0.8.5 --locked
- name: Generate coverage
run: cargo llvm-cov --all-features --lcov --output-path lcov.info
- name: Upload to Codecov
uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe with:
files: lcov.info
fail_ci_if_error: false
bench:
name: Benchmark
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32
- name: Run benchmarks
run: cargo bench --all-features
itch-replay-smoke:
name: ITCH Replay Smoke (committed fixture)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with:
python-version: "3.14"
- uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 with:
key: itch-replay-smoke
- name: Decompress fixture
working-directory: examples/itch-replay
run: |
mkdir -p data
gunzip -c fixtures/smoke.itch.gz > data/smoke.itch
- name: Run replay on fixture
working-directory: examples/itch-replay
run: |
cargo run --release --example itch-replay --features itch -- \
--input data/smoke.itch \
--output-dir data/replay-smoke
- name: Install Python dependencies
working-directory: examples/itch-replay
run: |
uv venv
uv pip install -r requirements.txt
# report.py imports nanobook; build the local bindings.
uv pip install ../../python
- name: Generate report
working-directory: examples/itch-replay
run: uv run report.py --input data/replay-smoke/event-log.jsonl --output data/replay-smoke/report.html
- name: Verify summary matches expected
working-directory: examples/itch-replay
run: diff -u expected/summary.txt data/replay-smoke/summary.txt
- name: Verify invariants log is empty
working-directory: examples/itch-replay
run: |
if [ -s data/replay-smoke/invariants.log ]; then
echo "invariants.log should be empty but contains:"
cat data/replay-smoke/invariants.log
exit 1
fi
momentum-backtest-smoke:
name: Momentum Backtest Smoke (cached prices)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with:
python-version: "3.14"
- uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86
- name: Install Rust
uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
- uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 with:
key: momentum-backtest-smoke
- name: Install Python dependencies
working-directory: examples/momentum-backtest
run: |
uv venv
uv pip install -r requirements.txt
# strategy.py imports nanobook; build the local bindings so the
# smoke test exercises the code under review, not a PyPI wheel.
uv pip install ../../python
- name: Run backtest with cached data (zero cost)
working-directory: examples/momentum-backtest
run: |
# Window must cover the 12-month momentum lookback before the
# first rebalance, or the signal is all-NaN and no rebalances run.
uv run python strategy.py \
--data-file data/sp100_ohlcv.csv \
--start-date 2019-01-01 \
--end-date 2020-12-31 \
--initial-cash 1000000 \
--commission-bps 0 \
--slippage-bps 0 \
--output results.json
- name: Generate report
working-directory: examples/momentum-backtest
run: uv run python report.py --results results.json --output report.html
- name: Verify results exist
working-directory: examples/momentum-backtest
run: |
if [ ! -f results.json ]; then
echo "results.json not found"
exit 1
fi
if [ ! -f report.html ]; then
echo "report.html not found"
exit 1
fi