Skip to content

define a smart rule in the gitlab ci, since "sonarsource/sonar-scanne… #25

define a smart rule in the gitlab ci, since "sonarsource/sonar-scanne…

define a smart rule in the gitlab ci, since "sonarsource/sonar-scanne… #25

Workflow file for this run

name: Python Lints / Checks
on:
push:
branches:
- main
jobs:
sonarqube_checks:
name: SonarQube Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: prepare environment
run: |
sudo apt-get update
sudo apt-get install python3.11 --install-recommends
pip install pipenv -U --quiet
pipenv install --dev
- name: Dependency check
uses: dependency-check/Dependency-Check_Action@main
id: Dependency_check
with:
project: "Video Language Detection"
path: "."
format: HTML
out: "reports" # this is the default, no need to specify unless you wish to override it
args: >
--failOnCVSS 7
--enableRetired
--enableExperimental
- uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# If you wish to fail your job when the Quality Gate is red, uncomment the
# following lines. This would typically be used to fail a deployment.
- uses: sonarsource/sonarqube-quality-gate-action@master
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
mypy_lint:
name: Lint with Mypy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: prepare environment
run: |
sudo apt-get update
sudo apt-get install python3.11 --install-recommends
pip install pipenv -U --quiet
pipenv install --dev
- name: run lint
run: pipenv run lint