mirror of
https://github.com/ghndrx/prowler.git
synced 2026-02-10 06:45:08 +00:00
65 lines
1.9 KiB
YAML
65 lines
1.9 KiB
YAML
name: pr-lint-test
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "master"
|
|
pull_request:
|
|
branches:
|
|
- "master"
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
python-version: ["3.9"]
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: Install poetry
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pipx install poetry
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
cache: 'poetry'
|
|
- name: Install dependencies
|
|
run: |
|
|
poetry install
|
|
poetry run pip list
|
|
VERSION=$(curl --silent "https://api.github.com/repos/hadolint/hadolint/releases/latest" | \
|
|
grep '"tag_name":' | \
|
|
sed -E 's/.*"v([^"]+)".*/\1/' \
|
|
) && curl -L -o /tmp/hadolint "https://github.com/hadolint/hadolint/releases/download/v${VERSION}/hadolint-Linux-x86_64" \
|
|
&& chmod +x /tmp/hadolint
|
|
- name: Poetry check
|
|
run: |
|
|
poetry lock --check
|
|
- name: Lint with flake8
|
|
run: |
|
|
poetry run flake8 . --ignore=E266,W503,E203,E501,W605,E128 --exclude contrib
|
|
- name: Checking format with black
|
|
run: |
|
|
poetry run black --check .
|
|
- name: Lint with pylint
|
|
run: |
|
|
poetry run pylint --disable=W,C,R,E -j 0 -rn -sn prowler/
|
|
- name: Bandit
|
|
run: |
|
|
poetry run bandit -q -lll -x '*_test.py,./contrib/' -r .
|
|
- name: Safety
|
|
run: |
|
|
poetry run safety check
|
|
- name: Vulture
|
|
run: |
|
|
poetry run vulture --exclude "contrib" --min-confidence 100 .
|
|
- name: Hadolint
|
|
run: |
|
|
/tmp/hadolint Dockerfile --ignore=DL3013
|
|
- name: Test with pytest
|
|
run: |
|
|
poetry run pytest tests -n auto
|