-
Notifications
You must be signed in to change notification settings - Fork 43
50 lines (42 loc) · 1.59 KB
/
ci-pull-request.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
name: CI PR Linting and Security
on:
pull_request:
# branches: [ master ]
jobs:
ci:
environment: Dev
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
python-version: ["3.7", "3.8", "3.9", "3.10"]
poetry-version: ["1.1.13", "1.1.12"]
steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
- name: Set up Poetry ${{ matrix.poetry-version }}
uses: abatilo/[email protected]
with:
poetry-version: ${{ matrix.poetry-version }}
- name: Set Poetry env to use Python ${{ matrix.python-version }}
run: |
poetry env use ${{ matrix.python-version }}
- name: Install dependencies with Poetry
run: |
poetry install -E github
echo "::set-output name=POETRY_VENV::$(poetry env info -p)"
id: install
- name: Lint with flake8
run: |
# work from the virtualenv
source ${{ steps.install.outputs.POETRY_VENV }}/bin/activate
# stop the build if there are Python syntax errors or undefined names
poetry run flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
poetry run flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Bandit Security scan
run: |
poetry run bandit -c bandit.yml -r ciscoaxl