ci: Tweak codeql.yml to ignore static admin js files #262
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - v1 | |
| pull_request: | |
| branches: | |
| - v1 | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:11 | |
| env: | |
| POSTGRES_USER: exodus | |
| POSTGRES_PASSWORD: exodus | |
| POSTGRES_BD: exodus | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| strategy: | |
| matrix: | |
| python-version: | |
| - "3.9" | |
| - "3.10" | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y dexdump | |
| python -m pip install --upgrade pip | |
| pip install pipenv | |
| pipenv sync --dev --system | |
| - name: Lint with flake8 | |
| run: | | |
| flake8 exodus/ | |
| - name: Check if lock is uptodate | |
| run: | | |
| pipenv install --deploy | |
| - name: Check vulnerabilites in dependencies | |
| run: | | |
| pipenv check | |
| continue-on-error: true | |
| - name: Run tests | |
| run: | | |
| cd exodus | |
| python manage.py test | |
| env: | |
| DJANGO_SETTINGS_MODULE: exodus.settings.dev | |
| hadolint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: hadolint/hadolint-action@v3.1.0 | |
| with: | |
| dockerfile: docker/Dockerfile | |
| docker_build: | |
| needs: hadolint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Log into registry ${{ env.REGISTRY }} | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@69f6fc9d46f2f8bf0d5491e4aabe0bb8c6a4678a | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| # Build and push Docker image with Buildx (don't push on PR) | |
| # https://github.com/docker/build-push-action | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |