A comprehensive Python testing toolkit with Docker-based CI/CD pipeline for code quality, security analysis, and automated testing.

```mermaid
flowchart TD
    A[Source Code] --> B[Black<br/>Code Formatting]
    B --> C[Ruff<br/>Linting & Import Sorting]
    C --> D[Bandit<br/>Security Analysis]
    D --> E[Safety<br/>Dependency Vulnerabilities]
    E --> F[Semgrep<br/>Static Analysis & Supply Chain]
    F --> G[Pytest<br/>Unit Tests]
    G --> H[All Checks Pass]
```

Run the whole test suite:

```bash
docker-compose --profile test up --build test
docker-compose --profile test run test
```

To run the Black check separately:

```bash
docker-compose run --rm test black --check .  # Check code formatting
docker-compose run --rm test black .          # Format code
```

To lint with Ruff and try out its auto-fix function:

```bash
docker-compose run --rm test ruff check .        # Lint code
docker-compose run --rm test ruff check --fix .  # Fix linting issues
```

To run Bandit security analysis:

```bash
docker-compose run --rm test bandit -r .  # Security analysis
```

To run Safety checks:

```bash
docker-compose run --rm test safety check  # Check for dependency vulnerabilities
```

Customised unit tests:

```bash
docker-compose run --rm test pytest tests/
```

Semgrep:

```bash
# Full scan
docker-compose run --rm test bash -c \
  "git config --global --add safe.directory /usr/src/app && semgrep ci"

# To run locally without uploading results
docker-compose run --rm test bash -c \
  "git config --global --add safe.directory /usr/src/app && semgrep ci --dry-run"

# Or with a customised set of Semgrep rules
docker-compose run --rm test semgrep \
  --config=p/python \
  --config=p/dockerfile \
  --config=p/ci \
  --config=p/owasp-top-ten \
  --config=p/security-audit \
  --config=p/secrets \
  --config=p/supply-chain \
  --metrics=off \
  --error \
  --no-git-ignore .
```

To spin up the mock environment:

```bash
docker-compose up --build mock
docker-compose run --rm mock bash
```

Add this `docker-compose.test.yml` to any Python project:

```yaml
services:
  test:
    image: suizer98/python-test-kit:latest
    volumes:
      - .:/usr/src/app
      - ./.git:/usr/src/app/.git
    working_dir: /usr/src/app
    environment:
      - SEMGREP_APP_TOKEN=${SEMGREP_APP_TOKEN:-}
```

Then run:

```bash
docker-compose -f docker-compose.test.yml up test
```

Build and push the test image manually:

```bash
# Login to Docker Hub
docker login

# Build and push
docker build -f Dockerfile.test -t suizer98/python-test-kit:latest .
docker push suizer98/python-test-kit:latest
```
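
The flowchart's stages as a single exit-code gate, written here as an added example (not part of this project): every stage runs in the flowchart's order even after an earlier failure, so one run reports all findings, and the result is non-zero if any stage failed. `RUNNER`, `stage` and `run_pipeline` are names assumed for the example, and the Semgrep stage uses a subset of the rulesets listed above.

```sh
#!/bin/sh
# Added example: gate on the exit status of each tool in the flowchart.
# RUNNER (assumed name) is the prefix that executes a tool inside the test
# container. Set RUNNER="" to run the tools directly on the host instead.
RUNNER="${RUNNER-docker-compose run --rm test}"

FAILED=""   # space-separated labels of stages that exited non-zero

# stage LABEL CMD...: run one tool and record the label if it fails.
stage() {
  label=$1
  shift
  printf '==> %s\n' "$label"
  # $RUNNER is left unquoted on purpose so the prefix splits into words.
  if ! $RUNNER "$@"; then
    FAILED="$FAILED $label"
  fi
}

# run_pipeline: run all stages in flowchart order, then fail the gate if
# any stage failed. No stage is skipped because an earlier one failed.
run_pipeline() {
  FAILED=""
  stage black   black --check .
  stage ruff    ruff check .
  stage bandit  bandit -r .
  stage safety  safety check
  # --error makes semgrep exit non-zero when it reports findings; without
  # it the scan would print findings and the gate would not see them.
  stage semgrep semgrep --config=p/python --config=p/security-audit \
                        --config=p/secrets --metrics=off --error .
  stage pytest  pytest tests/

  if [ -n "$FAILED" ]; then
    printf 'FAILED:%s\n' "$FAILED" >&2
    return 1
  fi
  echo "All checks pass"
}
```

Source the file and call `run_pipeline`; its exit status is the value a CI job should propagate.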