-
Notifications
You must be signed in to change notification settings - Fork 6
156 lines (142 loc) · 4.45 KB
/
code-quality.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: code-quality
on:
push:
branches:
- main
- develop
tags:
- '*'
pull_request:
workflow_dispatch:
jobs:
isort:
name: Check import sorting
runs-on: ubuntu-latest
steps:
- name: Install libxml
run: |
sudo apt-get update
sudo apt-get install -y libxml2-dev libxmlsec1-dev libxmlsec1-openssl
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: '3.11'
- uses: isort/[email protected]
with:
requirementsFiles: requirements/dev.txt
sortPaths: 'src'
configuration: '--check-only --diff'
black:
name: Check code formatting with black
runs-on: ubuntu-latest
steps:
- name: Install libxml
run: |
sudo apt-get update
sudo apt-get install -y libxml2-dev libxmlsec1-dev libxmlsec1-openssl
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: '3.11'
- name: Install dependencies
run: |
pip install -r requirements/dev.txt
- name: Run black
run: |
black --check --diff src
flake8:
name: Code style (flake8)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up backend environment
uses: maykinmedia/setup-django-backend@v1
with:
apt-packages: 'libxml2-dev libxmlsec1-dev libxmlsec1-openssl gdal-bin'
python-version: '3.11'
setup-node: 'no'
- name: Run flake8
id: flake8
run: |
flake8 src 2>&1 | tee flake8_output.txt
result_code=${PIPESTATUS[0]}
report="$(cat flake8_output.txt)"
report="${report//$'\n'/'%0A'}" # escape newlines
echo "flake8_output=${report}" >> $GITHUB_OUTPUT
exit $result_code
- name: Emit flake8 flake8 output
if: ${{ failure() }}
run: |
echo "${{ steps.flake8.outputs.flake8_output }}"
echo 'flake8 found some issues' >> $GITHUB_STEP_SUMMARY
echo '' >> $GITHUB_STEP_SUMMARY
echo '| File | Line | Column | Issue |' >> $GITHUB_STEP_SUMMARY
echo '| :--- | ---- | ------ | :---- |' >> $GITHUB_STEP_SUMMARY
python ./bin/flake8_summary.py "${{ steps.flake8.outputs.flake8_output }}" >> $GITHUB_STEP_SUMMARY
migrations:
name: Check for model changes not present in the migrations
runs-on: ubuntu-latest
services:
postgres:
image: postgres:12
env:
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5432:5432
# Needed because the postgres container does not provide a healthcheck
options:
--health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install system packages
run: |
sudo apt-get update \
&& sudo apt-get install -y --no-install-recommends \
libgdal-dev \
gdal-bin
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libxml2-dev libxmlsec1-dev libxmlsec1-openssl
pip install -r requirements/dev.txt
- name: Run manage.py makemigrations --check --dry-run
run: |
src/manage.py makemigrations --check --dry-run
env:
DJANGO_SETTINGS_MODULE: open_inwoner.conf.dev
SECRET_KEY: dummy
DB_USER: postgres
DB_PASSWORD: ''
prettier:
name: Check code formatting with prettier
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install dependencies
run: |
npm install --legacy-peer-deps
- name: Run Prettier
run: |
npm run check-linting
bandit:
name: Python security check using Bandit
runs-on: ubuntu-latest
steps:
- name: Install libxml
run: |
sudo apt-get update
sudo apt-get install -y libxml2-dev libxmlsec1-dev libxmlsec1-openssl
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: '3.11'
- name: Install dependencies
run: |
pip install -r requirements/dev.txt
- name: Run Bandit
run: |
bandit -r ./src/ -x tests,conf/utils.py -s B101