-
Notifications
You must be signed in to change notification settings - Fork 1
executable file
·86 lines (77 loc) · 2.64 KB
/
pythonapp.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: MADwaS
on:
push:
branches: [master]
pull_request:
branches: [master]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python 3.8
uses: actions/setup-python@v1
with:
python-version: 3.8
- run: pip install nox==2019.11.9
- run: pip install poetry==1.0.5
# - run: nox
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Lint with flake8
run: |
pip install flake8
# stop the build if there are Python syntax errors or undefined names
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Run bandit - security lint
run: |
pip install bandit
bandit -s B605 *
# continue-on-error: true
- name: Run pylint
run: |
pip install pylint
pylint *
continue-on-error: true
# - name: black check
# run: |
# pip install black
# black
- name: Wemake Python Stylguide
uses: wemake-services/[email protected]
continue-on-error: true
with:
reporter: "github-pr-review"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# - name: Test with pytest
# run: |
# pip install pytest
# # pytest
# pip install pytest-cov
# pytest --cov=./ --cov-report=xml
# - name: Upload coverage to Codecov
# uses: codecov/codecov-action@v1
# with:
# token: ${{ secrets.CODECOV_TOKEN }}
# file: ./coverage.xml
# flags: unittests
# - name: vulernability check in dependcies
# run: |
# pip install safety
# safety check --full-report
# - name: Run Snyk to check for vulnerabilities
# uses: snyk/actions/node@master
# env:
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
# - name: SonarCloud scanner
# uses: sonarsource/sonarcloud-github-action@master
# env:
# # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}