actions/gha-workflows
2
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity
22836419d3
gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml

67 lines
2.1 KiB
YAML
Raw Normal View History

Allow override of Python version
2024-11-28 22:29:24 +01:00
name: Python w/ Poetry + Docker CI
add Poetry workflows
2024-04-27 19:55:39 +02:00
on:
workflow_call:
Allow override of Python version
2024-11-28 22:29:24 +01:00
inputs:
python_version:
type: string
default: "3.11"
description: "Version of Python to use for testing environment"
add Poetry workflows
2024-04-27 19:55:39 +02:00
secrets:
SONAR_TOKEN:
required: true
SNYK_TOKEN:
required: true
jobs:
ci:
runs-on: ubuntu-latest
steps:
Allow override of Python version
2024-11-28 22:29:24 +01:00
- name: Set python_version
id: python_version
run: |
PYTHON_VERSION=${{ github.event.inputs.python_version }}
echo "::set-output name=value::${PYTHON_VERSION:-"3.11"}"
add Poetry workflows
2024-04-27 19:55:39 +02:00
- name: Check out repository code
chore(actions)(deps): bump actions/checkout from 4.1.6 to 4.1.7 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.6...v4.1.7) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 07:41:43 +02:00
uses: actions/checkout@v4.1.7
add Poetry workflows
2024-04-27 19:55:39 +02:00
with:
fetch-depth: 0
- uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: Dockerfile
output-file: hadolint.out
format: sonarqube
no-fail: true
- name: Setup Python
uses: actions/setup-python@v5
with:
Allow override of Python version
2024-11-28 22:29:24 +01:00
python-version: "${{ steps.python_version.outputs.value }}"
add Poetry workflows
2024-04-27 19:55:39 +02:00
- name: Setup Poetry
chore(actions)(deps): bump abatilo/actions-poetry from 2 to 3 Bumps [abatilo/actions-poetry](https://github.com/abatilo/actions-poetry) from 2 to 3. - [Release notes](https://github.com/abatilo/actions-poetry/releases) - [Changelog](https://github.com/abatilo/actions-poetry/blob/master/.releaserc) - [Commits](https://github.com/abatilo/actions-poetry/compare/v2...v3) --- updated-dependencies: - dependency-name: abatilo/actions-poetry dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2024-04-29 07:28:10 +02:00
uses: abatilo/actions-poetry@v3
add Poetry workflows
2024-04-27 19:55:39 +02:00
- name: Install dependencies
run: poetry install
- name: Lint
Update ci-python-poetry-with-docker.yml
2024-11-21 22:24:47 +01:00
run: |
poetry run pylint --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt .
cat lintreport.txt
add Poetry workflows
2024-04-27 19:55:39 +02:00
- name: Unit Test
run: |
fix Poetry workflows
2024-04-27 19:59:18 +02:00
poetry run coverage run -m pytest -v --junitxml=testresults.xml
poetry run coverage xml
add Poetry workflows
2024-04-27 19:55:39 +02:00
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Snyk Vulnerability Scan
uses: snyk/actions/python-3.10@master
continue-on-error: true # To make sure that SARIF upload gets called
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Update ci-python-poetry-with-docker.yml
2024-11-21 22:59:58 +01:00
args: --sarif-file-output=snyk.sarif --all-projects
add Poetry workflows
2024-04-27 19:55:39 +02:00
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk.sarif
Reference in New Issue Copy Permalink