-
Notifications
You must be signed in to change notification settings - Fork 0
104 lines (91 loc) · 3.39 KB
/
CI.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: Python Lints / Checks
on:
push:
branches:
- main
pull_request:
jobs:
mypy_lint:
name: Lint files
runs-on: ubuntu-latest
container:
image: python:3.11-bookworm
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: prepare environment
run: |
pip install pipenv -U --quiet
apt-get update
apt-get install python3-wxgtk4.0 libgtk-3-dev -y
pipenv install --dev
- name: run lint
run: |
pipenv run mypy
pipenv run ruff-ci
- name: run checks
run: |
pipenv check
tests:
name: Run tests
runs-on: ubuntu-latest
container:
image: python:3.11-bookworm
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: prepare environment
run: |
pip install pipenv -U --quiet
apt-get update
apt-get install python3-wxgtk4.0 libgtk-3-dev ffmpeg -y
pipenv install --dev
- name: run tests
run: |
pipenv run test
sonarqube_checks:
name: SonarQube Checks
runs-on: ubuntu-latest
needs:
- mypy_lint
- tests
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: prepare environment
run: |
sudo apt-get update
sudo apt-get install python3.11 python3.11-dev --install-recommends python3-distutils python3-wxgtk4.0 libgtk-3-dev ffmpeg -y
pip install pipenv -U --quiet
pipenv install --dev
- name: run coverage report
run: |
pipenv run coverage
- name: generate requirements.txt
run: |
pipenv requirements --dev > requirements.txt
- name: Dependency check
uses: dependency-check/Dependency-Check_Action@main
id: Dependency_check
with:
project: "Video Language Detection"
path: "."
format: HTML
out: "reports" # this is the default, no need to specify unless you wish to override it
args: >
--failOnCVSS 7
--enableRetired
--enableExperimental
- uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# If you wish to fail your job when the Quality Gate is red, uncomment the
# following lines. This would typically be used to fail a deployment.
- uses: sonarsource/sonarqube-quality-gate-action@master
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}