pyTooling/Actions
1
0
Fork 0
mirror of https://github.com/pyTooling/Actions.git synced 2026-02-12 11:06:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added Bandir, Radon metrics and PyLint checking.

Browse Source
This commit is contained in:
Patrick Lehmann
2025-09-17 07:46:08 +02:00
parent 1041e7b5c7
commit bfe857a4af
9 changed files with 276 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

140
.github/workflows/CheckCodeQuality.yml vendored Normal file
View File

@@ -0,0 +1,140 @@
# ==================================================================================================================== #
# Authors: #
# Patrick Lehmann #
# #
# ==================================================================================================================== #
# Copyright 2025-2025 The pyTooling Authors #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
# You may obtain a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
# #
# SPDX-License-Identifier: Apache-2.0 #
# ==================================================================================================================== #
name: Code Quality Checking
on:
workflow_call:
inputs:
ubuntu_image_version:
description: 'Ubuntu image version.'
required: false
default: '24.04'
type: string
python_version:
description: 'Python version.'
required: false
default: '3.13'
type: string
package_directory:
description: '.'
required: true
type: string
requirements:
description: ''
required: false
default: '-r requirements.txt'
type: string
artifact:
description: 'Name of the package artifact.'
required: true
type: string
jobs:
Bandit:
name: 🚨 Security Scanning (Bandit)
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for running bandit
run: python -m pip install --disable-pip-version-check bandit
- name: 👮 Bandit
if: inputs.artifact != ''
run: |
mkdir -p report/bandit
bandit -c pyproject.toml -r ${{ inputs.package_directory }} -f xml -o report/bandit/report.xml
Radon:
name: ☢️ Metrics and Complexity
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for running radon
run: python -m pip install --disable-pip-version-check radon
- name: Code Metrics
# if: inputs.artifact != ''
run: |
radon raw ${{ inputs.package_directory }} -s
- name: Code Complexity
# if: inputs.artifact != ''
run: |
radon cc ${{ inputs.package_directory }} --total-average
- name: Halstead Complexity Metrics
# if: inputs.artifact != ''
run: |
radon hal ${{ inputs.package_directory }}
- name: Maintainability Index
# if: inputs.artifact != ''
run: |
radon mi ${{ inputs.package_directory }} -s
PyLint:
name: 🩺 Linting
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for running PyLint
run: |
python -m pip install --disable-pip-version-check pylint
python -m pip install --disable-pip-version-check ${{ inputs.requirements }}
- name: 🩺 PyLint
# if: inputs.artifact != ''
run: |
pylint ${{ inputs.package_directory }}

9
.github/workflows/CompletePipeline.yml vendored
View File

@@ -198,6 +198,15 @@ jobs:
junit_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_junit }}
html_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_html }}
CodeQuality:
uses: pyTooling/Actions/.github/workflows/CheckCodeQuality.yml@dev
needs:
- UnitTestingParams
with:
python_version: ${{ needs.UnitTestingParams.outputs.python_version }}
package_directory: ${{ needs.UnitTestingParams.outputs.package_directory }}
artifact: CodeQuality
DocCoverage:
uses: pyTooling/Actions/.github/workflows/CheckDocumentation.yml@dev
needs:

74
.github/workflows/StaticApplicationSecurityTesting.yml vendored Normal file
View File

@@ -0,0 +1,74 @@
# ==================================================================================================================== #
# Authors: #
# Patrick Lehmann #
# #
# ==================================================================================================================== #
# Copyright 2025-2025 The pyTooling Authors #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
# You may obtain a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
# #
# SPDX-License-Identifier: Apache-2.0 #
# ==================================================================================================================== #
name: Security Testing (SAST)
on:
workflow_call:
inputs:
ubuntu_image_version:
description: 'Ubuntu image version.'
required: false
default: '24.04'
type: string
python_version:
description: 'Python version.'
required: false
default: '3.13'
type: string
# requirements:
# description: 'Python dependencies to be installed through pip.'
# required: false
# default: 'bandit'
# type: string
package_directory:
description: '.'
required: true
type: string
artifact:
description: 'Name of the package artifact.'
required: true
type: string
jobs:
Bandit:
name: 🚨 Security Scanning
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for packaging and release
run: python -m pip install --disable-pip-version-check bandit
- name: 👮 Bandit
if: inputs.artifact != ''
run: |
bandit -c pyproject.toml -r ${{ inputs.package_directory }} -f xml -o report/bandit/report.xml

9
.github/workflows/_Checking_JobTemplates.yml vendored
View File

@@ -79,6 +79,15 @@ jobs:
html_report: ${{ needs.ConfigParams.outputs.typing_report_html }}
html_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_html }}
CodeQuality:
uses: pyTooling/Actions/.github/workflows/CheckCodeQuality.yml@dev
needs:
- UnitTestingParams
with:
python_version: ${{ needs.UnitTestingParams.outputs.python_version }}
package_directory: ${{ needs.UnitTestingParams.outputs.package_directory }}
artifact: CodeQuality
DocCoverage:
uses: pyTooling/Actions/.github/workflows/CheckDocumentation.yml@dev
needs: