From 44b6b611bafb60415c8c441dd7694b9a7593a272 Mon Sep 17 00:00:00 2001
From: matthope <matt.hope@publishing.nine.com.au>
Date: Sun, 19 Mar 2023 17:39:58 +1100
Subject: [PATCH] github workflow: Add 'black' and 'bandit' linters

Add linters:

- [black](https://black.readthedocs.io/)
- [bandit](https://bandit.readthedocs.io/)
---
 .github/workflows/bandit.yml | 32 ++++++++++++++++++++++++++++++++
 .github/workflows/black.yml  | 15 +++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 .github/workflows/bandit.yml
 create mode 100644 .github/workflows/black.yml

diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
new file mode 100644
index 00000000..c1ab835a
--- /dev/null
+++ b/.github/workflows/bandit.yml
@@ -0,0 +1,32 @@
+name: Security check - Bandit
+
+on: push
+
+jobs:
+  build:
+    name: Python ${{ matrix.python-version }} ${{ matrix.os }}
+    runs-on: ubuntu-latest
+    steps:
+
+      - uses: actions/checkout@v3
+
+      - name: Security check - Bandit
+        uses: ./
+        with:
+          ignore_failure: true
+          project_path: .
+          python_version: ${{ matrix.python-version }}
+
+      - name: Security check report artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: Security report
+          path: output/security_report.txt
+
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+        python-version:
+          - 3.6.10
+
diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml
new file mode 100644
index 00000000..117d1c5e
--- /dev/null
+++ b/.github/workflows/black.yml
@@ -0,0 +1,15 @@
+name: Lint
+
+on:
+  - push
+  - pull_request
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: psf/black@stable
+        with:
+          options: --check --verbose --diff --skip-string-normalization --line-length 400
+