Skip to content

Continuos Integration #131

Continuos Integration

Continuos Integration #131

Workflow file for this run

name: Continuos Integration
on:
push:
branches:
- main
pull_request:
branches:
- main
schedule:
- cron: '0 0 * * 1' # Every Monday at 00:00 UTC
jobs:
project-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check if Dockerfiles were generated
run: |
./scripts/pipeline.py dockerfiles
test -z "$(git status --short)"
generate-docker-jobs:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.generate-jobs.outputs.matrix }}
steps:
- uses: actions/checkout@v3
- name: Generate jobs
id: generate-jobs
run: |
matrix=$(./scripts/pipeline.py ci)
echo "matrix=$matrix" >> "$GITHUB_OUTPUT"
docker-check:
needs: [project-check, generate-docker-jobs]
continue-on-error: true
strategy:
matrix: ${{ fromJson(needs.generate-docker-jobs.outputs.matrix) }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build Docker image
run: docker build --tag mateusoliveira43/poetry:${{ matrix.version }} - < ${{ matrix.dockerfile }}
- name: Dockerfile linter
uses: hadolint/[email protected]
with:
dockerfile: ${{ matrix.dockerfile }}
- name: Docker image security vulnerability scan
uses: snyk/actions/docker@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: mateusoliveira43/poetry:${{ matrix.version }}
args: --severity-threshold=medium --file=${{ matrix.dockerfile }}
python-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v3
with:
python-version: "3.10"
cache: "pip"
cache-dependency-path: "requirements/*.txt"
- name: Install Python dependencies
run: |
pip install -r requirements/dev.txt
pip install -e .
# - name: Python test and coverage
# run: pytest
# - name: Save html coverage report
# uses: actions/upload-artifact@v2
# with:
# name: html-coverage-report
# path: tests/coverage-results/htmlcov/
- name: Python type check
run: mypy .
- name: Python linter
run: dev lint
- name: Python Code format
run: dev format --check
- name: Code format
run: ec -verbose
- name: Security vulnerability scan in Python code
run: dev scan --code
- name: Security vulnerability scan in Python dependencies
run: dev scan --dependencies
# - name: Test documentation
# run: dev doc --check