ci: update build pipeline for python #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Test and Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| env: | |
| PYTHON_VERSION: "3.10" | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| cache: "pip" | |
| cache-dependency-path: "**/requirements*.txt" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| if [ -f requirements.txt ]; then pip install -r requirements.txt; fi | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| cache: "pip" | |
| cache-dependency-path: "**/requirements*.txt" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install tox pytest pytest-cov | |
| if [ -f requirements.txt ]; then pip install -r requirements.txt; fi | |
| - name: Test with pytest | |
| run: tox -e py | |
| sonarcloud: | |
| name: SonarCloud | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| cache: "pip" | |
| cache-dependency-path: "**/requirements*.txt" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install flake8 pytest pylint bandit mypy | |
| if [ -f requirements.txt ]; then pip install -r requirements.txt; fi | |
| - name: Lint with flake8 | |
| run: | | |
| # exit-zero treats all errors as warnings | |
| flake8 . --count --exit-zero --max-complexity=10 --statistics | tee flake8.out | |
| - name: Lint with Pylint | |
| run: | | |
| pylint --output-format=parseable --recursive=true . | tee pylint.out | |
| - name: Security lint with bandit | |
| run: | | |
| bandit -r . | tee bandit.out | |
| - name: Static type check with mypy | |
| run: | | |
| mypy . | tee mypy.out | |
| - name: SonarCloud Scan | |
| uses: SonarSource/sonarcloud-github-action@master | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| #TODO: Links: https://docs.sonarcloud.io/enriching/external-analyzer-reports/ && https://docs.sonarcloud.io/enriching/test-coverage/overview/ | |
| # TODO: Remove other steps and run linting and testing with coverage in the sonar job |