Add CI and packaging workflow

[Peerapat-J]

Summary

• Add a GitHub Actions CI workflow for pull requests, pushes to main, and manual runs
• Run both SwiftPM and xcodebuild build/test checks for the macOS app scaffold
• Add an unsigned app artifact job for main pushes and manual dispatches
• Add --package mode to script/build_and_run.sh so CI can build the .app bundle without launching it
• Document CI/CD behavior and local parity commands

Validation

• bash -n script/build_and_run.sh
• ruby -e 'require "yaml"; YAML.load_file(".github/workflows/ci.yml"); puts "workflow yaml ok"'
• git diff --check
• swift build --product LinguistMac
• swift test
• ./script/build_and_run.sh --package
• test -x dist/LinguistMac.app/Contents/MacOS/LinguistMac
• plutil -lint dist/LinguistMac.app/Contents/Info.plist
• xcodebuild -scheme LinguistMac -destination platform=macOS -derivedDataPath /tmp/linguistmac-ci-derived CODE_SIGNING_ALLOWED=NO build
• xcodebuild -scheme LinguistMac -destination platform=macOS -derivedDataPath /tmp/linguistmac-ci-derived-test CODE_SIGNING_ALLOWED=NO test

Notes

• The delivery job uploads an unsigned development artifact only.
• Signing and notarization should be added after app identity, entitlements, and Developer ID distribution are defined.

Closes #4

Summary by CodeRabbit

• Documentation

  • Added comprehensive CI/CD and local development documentation describing automated quality checks and build procedures.

• Chores

  • Established automated CI/CD pipeline with code quality validation (linting, formatting, static analysis, testing).
  • Configured project-wide code standards and formatting conventions.
  • Enabled automated unsigned app packaging and artifact distribution.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: a457f8e9-e587-4d13-a9de-16e7206549c8

📥 Commits

Reviewing files that changed from the base of the PR and between 1ce7e4f and 15f1458.

📒 Files selected for processing (3)

• .github/workflows/ci.yml
• Sources/LinguistMacCore/AppFeature.swift
• docs/ci-cd.md

💤 Files with no reviewable changes (1)

• Sources/LinguistMacCore/AppFeature.swift

✅ Files skipped from review due to trivial changes (1)

• docs/ci-cd.md

---

📝 Walkthrough

Walkthrough

This PR establishes end-to-end GitHub Actions CI/CD automation for LinguistMac, including code quality tooling configuration, build script refactoring to support CI execution, a four-job workflow for linting/formatting/building/testing/analysis, unsigned app artifact delivery, and developer documentation for local parity.

Changes

CI/CD Infrastructure and Automation

Layer / File(s)	Summary
Code quality configuration .swiftformat, .swiftlint.yml	SwiftFormat and SwiftLint configurations define formatting standards (indentation, line endings, semicolon removal, whitespace trimming) and linting rules (unused declarations/imports, length thresholds) with excluded build/package directories.
Build script refactoring for automation script/build_and_run.sh	Extracts Swift build and app bundle assembly into a centralized build_app_bundle() function that handles binary resolution, directory cleanup, binary copying, and Info.plist setup. Mode handlers for run, package, debug, logs, telemetry, and verify consolidated to call this function in appropriate combinations.
GitHub Actions CI workflow .github/workflows/ci.yml	Four-job workflow triggered on pull requests, pushes to main, and manual dispatch. Lint-and-format runs SwiftLint strict mode and analyzer with xcodebuild logs, plus SwiftFormat lint. Build-and-test runs Debug/Release matrix via swift build/test and Xcode schemes with signing disabled. Strict-analysis enables warnings-as-errors and strict concurrency. Package-unsigned-app depends on prior jobs and archives the app bundle as an artifact for main/dispatch only.
Documentation and test setup docs/ci-cd.md, Tests/LinguistMacCoreTests/AppFeatureTests.swift	Adds CI/CD documentation with workflow triggers, job descriptions, unsigned artifact behavior, and local parity commands for developers. Test imports reordered to place @testable import LinguistMacCore before import XCTest.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Peerapat-J/LinguistMac#8: Introduces the original script/build_and_run.sh that this PR refactors by extracting the build_app_bundle() function and restructuring mode handlers for CI automation.

Poem

🐰 A workflow takes shape, swift lints and tests align,
Jobs orchestrate in parallel, artifacts shine.
The build script hops forward, bundled and clean,
CI/CD magic, the finest we've seen!* ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add CI and packaging workflow' clearly and concisely summarizes the main change: introduction of a GitHub Actions CI workflow with packaging capabilities.
Linked Issues check	✅ Passed	The PR successfully implements the core requirement from issue #4 to add GitHub Actions CI for build and tests, including SwiftLint/SwiftFormat validation, SwiftPM and xcodebuild builds/tests, strict analysis, and packaging.
Out of Scope Changes check	✅ Passed	All changes are directly related to implementing the CI/CD workflow and supporting documentation; no unrelated modifications detected outside the scope of issue #4.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch PJ/issue-4-ci-cd-workflows

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yml:
- Line 25: Replace mutable workflow tags with pinned commit SHAs: find the lines
using "uses: actions/checkout@v4" and "uses: actions/upload-artifact@v4" in the
workflow and update each to the corresponding full commit SHA for the specific
release you intend to use (e.g., actions/checkout@<full-sha>,
actions/upload-artifact@<full-sha>), ensuring all occurrences (the multiple
checkout lines and the upload-artifact line) are replaced so the workflow uses
immutable references.
- Around line 24-25: Update every GitHub Actions checkout step that uses "uses:
actions/checkout@v4" to disable credential persistence by adding a with block
containing "persist-credentials: false"; specifically modify each checkout
invocation (the occurrences with the literal "uses: actions/checkout@v4") so it
includes a with: persist-credentials: false entry, ensuring all four instances
noted are changed so the runner token is not persisted in git config for later
steps.
- Around line 40-41: Update the "Run SwiftLint" job's step named "Run SwiftLint"
to invoke swiftlint analyze (not swiftlint lint) and ensure the job provides the
required compiler-log inputs (e.g., build output / compile_commands or Xcode
build logs) that swiftlint analyze needs so analyzer_rules like
unused_declaration and unused_import run; in the same workflow update the
actions/checkout@v4 usages to include persist-credentials: false (if the job
does not need authenticated git) and replace tag-pinned action references (e.g.,
actions/checkout@v4 and any other `@vX` usages) with the corresponding commit SHA
pins to reduce supply-chain risk.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: f5e1677c-1b8d-487d-8d9f-21a5264d7352

📥 Commits

Reviewing files that changed from the base of the PR and between de0c380 and 1ce7e4f.

📒 Files selected for processing (6)

• .github/workflows/ci.yml
• .swiftformat
• .swiftlint.yml
• Tests/LinguistMacCoreTests/AppFeatureTests.swift
• docs/ci-cd.md
• script/build_and_run.sh