Skip to content

Replace bandit with Ruff's flake8-bandit rules #898

Replace bandit with Ruff's flake8-bandit rules

Replace bandit with Ruff's flake8-bandit rules #898

Workflow file for this run

name: Tests
on:
pull_request:
push:
branches:
- main
jobs:
tests:
name: "Test on ${{ matrix.os }}"
runs-on: "${{ matrix.os }}-latest"
strategy:
fail-fast: false
matrix:
os:
- ubuntu
steps:
- name: "Check out source code"
uses: "actions/checkout@v4"
- name: "Install Python"
uses: "actions/setup-python@v4"
with:
python-version: |
3.11
3.12
- name: "Restore cache"
id: "restore-cache"
uses: "actions/cache@v3"
with:
path: |
.tox/
.venv/
key: "cache-python-${{ steps.setup-python.outputs.python-version }}-os-${{ runner.os }}-hash-${{ hashFiles('pyproject.toml', 'requirements.txt', 'requirements-dev.txt') }}"
- name: "Install tox"
if: "steps.restore-cache.outputs.cache-hit == false"
run: |
python -m venv .venv
.venv/bin/python -m pip install -U setuptools
.venv/bin/python -m pip install tox
- name: "Run tox"
run: |
.venv/bin/python -m tox -e py
- name: "Upload coverage data"
uses: actions/upload-artifact@v3
with:
name: covdata
path: .coverage.*
coverage:
name: Coverage
needs: tests
runs-on: ubuntu-latest
steps:
- name: "Check out the repo"
uses: "actions/checkout@v4"
- name: "Set up Python"
uses: "actions/setup-python@v4"
with:
python-version-file: ".python-version"
cache: pip
cache-dependency-path: "requirements-dev.txt"
- name: "Install tox"
run: |
python -m pip install -U setuptools
python -m pip install tox
- name: "Download coverage data"
uses: actions/download-artifact@v3
with:
name: covdata
- name: "Combine and report"
run: |
python -m tox -e coverage
export TOTAL=$(python -c "import json;print(json.load(open('coverage.json'))['totals']['percent_covered_display'])")
echo "total=$TOTAL" >> $GITHUB_ENV
echo "### Total coverage: ${TOTAL}%" >> $GITHUB_STEP_SUMMARY
- name: "Codecov"
uses: codecov/codecov-action@v3
with:
files: coverage.xml
pre-commit:
name: "Run pre-commit"
runs-on: "ubuntu-latest"
steps:
- name: "Check out the repo"
uses: "actions/checkout@v4"
- name: "Set up Python"
uses: "actions/setup-python@v4"
with:
python-version-file: ".python-version"
cache: pip
cache-dependency-path: "requirements-dev.txt"
- name: "Install requirements"
run: |
python -m pip install -U setuptools
python -m pip install -r requirements-dev.txt
- name: "Run pre-commit"
run: tox -e pre-commit
e2e:
name: "Run E2E tests"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and cache
uses: docker/build-push-action@v5
with:
context: .
tags: a3m:latest
push: false
load: true
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Run test
run: |
docker image ls
docker run \
--rm \
--entrypoint=python \
--env=A3M_DEBUG=yes \
a3m:latest \
-m a3m.cli.client \
--name=MARBLES \
https://github.com/artefactual/archivematica-sampledata/raw/master/SampleTransfers/Images/pictures/MARBLES.TGA
# TODO: main branch? push image to a3m:main
# TODO: and tagged? push image to a3m:${tag} and a3m:latest