-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[CI] Add supply chain security job for each service (#182)
# Description <!-- Please include a summary of the change(s) and which issue is being fixed. Please provide as much detail as possible. --> Added the GuardDog CI job to each service <!-- Replace `XXX` with the concerning issue number. The \"#\" links this PR to its relevant issue --> Closes #136 ## How to Test <!-- Provide some simple steps so that others can verify your implementation --> Observe the green checkmarks for each `Supply Chain Security` CI job ## Checklist - [ ] The code includes tests if relevant - [x] I have *actually* self-reviewed my changes and done QA <!-- Only check this off if you have actually done a self-review! DO NOT request any review from others until you have done your self-review! -->
- Loading branch information
Showing
4 changed files
with
56 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -58,8 +58,8 @@ jobs: | |
- name: Test | ||
run: docker compose exec ${{ matrix.service }} pytest | ||
|
||
security: | ||
name: Security | ||
sast: | ||
name: Static Application Security Testing | ||
runs-on: ubuntu-latest | ||
strategy: | ||
matrix: | ||
|
@@ -78,3 +78,17 @@ jobs: | |
- name: Test | ||
run: bandit -c .bandit -ll -ii -n 3 -a file -r src/ | ||
|
||
supply: | ||
name: Supply Chain Security | ||
runs-on: ubuntu-latest | ||
strategy: | ||
matrix: | ||
service: [search, recommend] | ||
fail-fast: false | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- uses: pypa/[email protected] | ||
with: | ||
inputs: apps/algorithm/${{ matrix.service }}/requirements.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters