from prod - from test - from dev - Bump version: 1.0.7 → 1.0.8 into t… #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # .github/workflows/ci.yml | |
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| id-token: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.12' | |
| - name: Install dependencies | |
| run: | | |
| python -m venv venv | |
| source venv/bin/activate | |
| pip install --upgrade pip | |
| pip install poetry | |
| poetry lock | |
| poetry install | |
| - name: Format check with Black | |
| run: | | |
| source venv/bin/activate | |
| black --check scripts/ | |
| continue-on-error: true | |
| - name: Lint with Pylint | |
| run: | | |
| source venv/bin/activate | |
| pylint $(git ls-files '*.py') | |
| continue-on-error: true | |
| - name: Run tests | |
| run: | | |
| source venv/bin/activate | |
| pytest --cov=app --cov-report=xml:coverage.xml || [$? -eq 5] | |
| continue-on-error: true | |
| - name: List files to verify coverage.xml | |
| run: | | |
| ls -la *.xml | |
| cat *.xml | |
| continue-on-error: true | |
| - name: Upload coverage to Codecov | |
| if: success() | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: coverage.xml | |
| flags: unittests | |
| name: codecov-umbrella | |
| continue-on-error: true | |
| - name: OSSF Scorecard action | |
| uses: ossf/[email protected] | |
| with: | |
| results_file: scoreboard-results.json | |
| results_format: json | |
| #publish_results: true | |
| continue-on-error: true | |
| - name: List files to verify scoreboard-results.json | |
| run: | | |
| ls -la scoreboard-results.json | |
| cat scoreboard-results.json | |
| continue-on-error: true | |
| - name: Upload Scorecard Results to Security Scorecards API | |
| if: always() | |
| run: | | |
| curl -X POST \ | |
| "" \ | |
| -H "Authorization: Bearer ${{ secrets.SCORECARD_TOKEN }}" \ | |
| -H "Content-Type: application/json" \ | |
| -d @scoreboard-results.json | |
| continue-on-error: true |