Add actions
This commit is contained in:
parent
944f1e8691
commit
2be1e9e895
GPG key ID:
59B3F0C24135C6A9
3 changed files with 84 additions and 0 deletions
32
.forgejo/workflows/ci.yml
Normal file
32
.forgejo/workflows/ci.yml
Normal file
|
|
@ -0,0 +1,32 @@
|
||||||
|
name: CI
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: docker
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install system dependencies
|
||||||
|
run: |
|
||||||
|
apt-get update
|
||||||
|
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends python3-venv pipx
|
||||||
|
|
||||||
|
- name: Install Poetry
|
||||||
|
run: |
|
||||||
|
pipx install poetry==1.8.3
|
||||||
|
/root/.local/bin/poetry --version
|
||||||
|
echo "$HOME/.local/bin" >> "$GITHUB_PATH"
|
||||||
|
|
||||||
|
- name: Install project deps (including test extras)
|
||||||
|
run: |
|
||||||
|
poetry install --with test
|
||||||
|
|
||||||
|
- name: Run test script
|
||||||
|
run: |
|
||||||
|
./tests.sh
|
||||||
|
|
||||||
26
.forgejo/workflows/lint.yml
Normal file
26
.forgejo/workflows/lint.yml
Normal file
|
|
@ -0,0 +1,26 @@
|
||||||
|
name: Lint
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: docker
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install system dependencies
|
||||||
|
run: |
|
||||||
|
apt-get update
|
||||||
|
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
||||||
|
black pyflakes3 python3-bandit
|
||||||
|
|
||||||
|
- name: Run linters
|
||||||
|
run: |
|
||||||
|
black --diff --check src/*
|
||||||
|
black --diff --check tests/*
|
||||||
|
pyflakes3 src/*
|
||||||
|
pyflakes3 tests/*
|
||||||
|
bandit -s B110 -r src/
|
||||||
26
.forgejo/workflows/trivy.yml
Normal file
26
.forgejo/workflows/trivy.yml
Normal file
|
|
@ -0,0 +1,26 @@
|
||||||
|
name: Trivy
|
||||||
|
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
- cron: '0 1 * * *'
|
||||||
|
push:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: docker
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install system dependencies
|
||||||
|
run: |
|
||||||
|
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends wget gnupg
|
||||||
|
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | tee /usr/share/keyrings/trivy.gpg > /dev/null
|
||||||
|
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | tee -a /etc/apt/sources.list.d/trivy.list
|
||||||
|
apt-get update
|
||||||
|
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends trivy
|
||||||
|
|
||||||
|
- name: Run trivy
|
||||||
|
run: |
|
||||||
|
trivy fs --no-progress --ignore-unfixed --format table --disable-telemetry .
|
||||||
Loading…
Add table
Add a link
Reference in a new issue