pyTooling/Actions
1
0
Fork 0
mirror of https://github.com/pyTooling/Actions.git synced 2026-02-12 02:56:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added Bandir, Radon metrics and PyLint checking.

Browse Source
This commit is contained in:
Patrick Lehmann
2025-09-17 07:46:08 +02:00
parent 1041e7b5c7
commit bfe857a4af
9 changed files with 276 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

140
.github/workflows/CheckCodeQuality.yml vendored Normal file
View File

@@ -0,0 +1,140 @@
# ==================================================================================================================== #
# Authors: #
# Patrick Lehmann #
# #
# ==================================================================================================================== #
# Copyright 2025-2025 The pyTooling Authors #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
# You may obtain a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
# #
# SPDX-License-Identifier: Apache-2.0 #
# ==================================================================================================================== #
name: Code Quality Checking
on:
workflow_call:
inputs:
ubuntu_image_version:
description: 'Ubuntu image version.'
required: false
default: '24.04'
type: string
python_version:
description: 'Python version.'
required: false
default: '3.13'
type: string
package_directory:
description: '.'
required: true
type: string
requirements:
description: ''
required: false
default: '-r requirements.txt'
type: string
artifact:
description: 'Name of the package artifact.'
required: true
type: string
jobs:
Bandit:
name: 🚨 Security Scanning (Bandit)
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for running bandit
run: python -m pip install --disable-pip-version-check bandit
- name: 👮 Bandit
if: inputs.artifact != ''
run: |
mkdir -p report/bandit
bandit -c pyproject.toml -r ${{ inputs.package_directory }} -f xml -o report/bandit/report.xml
Radon:
name: ☢️ Metrics and Complexity
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for running radon
run: python -m pip install --disable-pip-version-check radon
- name: Code Metrics
# if: inputs.artifact != ''
run: |
radon raw ${{ inputs.package_directory }} -s
- name: Code Complexity
# if: inputs.artifact != ''
run: |
radon cc ${{ inputs.package_directory }} --total-average
- name: Halstead Complexity Metrics
# if: inputs.artifact != ''
run: |
radon hal ${{ inputs.package_directory }}
- name: Maintainability Index
# if: inputs.artifact != ''
run: |
radon mi ${{ inputs.package_directory }} -s
PyLint:
name: 🩺 Linting
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for running PyLint
run: |
python -m pip install --disable-pip-version-check pylint
python -m pip install --disable-pip-version-check ${{ inputs.requirements }}
- name: 🩺 PyLint
# if: inputs.artifact != ''
run: |
pylint ${{ inputs.package_directory }}

9
.github/workflows/CompletePipeline.yml vendored
View File

@@ -198,6 +198,15 @@ jobs:
junit_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_junit }} junit_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_junit }}
html_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_html }} html_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_html }}
CodeQuality:
uses: pyTooling/Actions/.github/workflows/CheckCodeQuality.yml@dev
needs:
- UnitTestingParams
with:
python_version: ${{ needs.UnitTestingParams.outputs.python_version }}
package_directory: ${{ needs.UnitTestingParams.outputs.package_directory }}
artifact: CodeQuality
DocCoverage: DocCoverage:
uses: pyTooling/Actions/.github/workflows/CheckDocumentation.yml@dev uses: pyTooling/Actions/.github/workflows/CheckDocumentation.yml@dev
needs: needs:

74
.github/workflows/StaticApplicationSecurityTesting.yml vendored Normal file
View File

@@ -0,0 +1,74 @@
# ==================================================================================================================== #
# Authors: #
# Patrick Lehmann #
# #
# ==================================================================================================================== #
# Copyright 2025-2025 The pyTooling Authors #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
# You may obtain a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
# #
# SPDX-License-Identifier: Apache-2.0 #
# ==================================================================================================================== #
name: Security Testing (SAST)
on:
workflow_call:
inputs:
ubuntu_image_version:
description: 'Ubuntu image version.'
required: false
default: '24.04'
type: string
python_version:
description: 'Python version.'
required: false
default: '3.13'
type: string
# requirements:
# description: 'Python dependencies to be installed through pip.'
# required: false
# default: 'bandit'
# type: string
package_directory:
description: '.'
required: true
type: string
artifact:
description: 'Name of the package artifact.'
required: true
type: string
jobs:
Bandit:
name: 🚨 Security Scanning
runs-on: "ubuntu-${{ inputs.ubuntu_image_version }}"
steps:
- name: ⏬ Checkout repository
uses: actions/checkout@v5
with:
lfs: true
submodules: true
- name: 🐍 Setup Python ${{ inputs.python_version }}
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python_version }}
- name: ⚙ Install dependencies for packaging and release
run: python -m pip install --disable-pip-version-check bandit
- name: 👮 Bandit
if: inputs.artifact != ''
run: |
bandit -c pyproject.toml -r ${{ inputs.package_directory }} -f xml -o report/bandit/report.xml

9
.github/workflows/_Checking_JobTemplates.yml vendored
View File

@@ -79,6 +79,15 @@ jobs:
html_report: ${{ needs.ConfigParams.outputs.typing_report_html }} html_report: ${{ needs.ConfigParams.outputs.typing_report_html }}
html_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_html }} html_artifact: ${{ fromJson(needs.UnitTestingParams.outputs.artifact_names).statictyping_html }}
CodeQuality:
uses: pyTooling/Actions/.github/workflows/CheckCodeQuality.yml@dev
needs:
- UnitTestingParams
with:
python_version: ${{ needs.UnitTestingParams.outputs.python_version }}
package_directory: ${{ needs.UnitTestingParams.outputs.package_directory }}
artifact: CodeQuality
DocCoverage: DocCoverage:
uses: pyTooling/Actions/.github/workflows/CheckDocumentation.yml@dev uses: pyTooling/Actions/.github/workflows/CheckDocumentation.yml@dev
needs: needs:

3
.gitignore vendored
View File

@@ -15,6 +15,9 @@ coverage.xml
/report/unit /report/unit
/tests/*.github /tests/*.github
# bandit
/report/bandit
# setuptools # setuptools
/build/**/*.* /build/**/*.*
/dist/**/*.* /dist/**/*.*

8
.idea/Actions.iml generated
View File

@@ -1,7 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<module type="PYTHON_MODULE" version="4"> <module type="PYTHON_MODULE" version="4">
<component name="NewModuleRootManager"> <component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$" /> <content url="file://$MODULE_DIR$">
<sourceFolder url="file://$MODULE_DIR$/myFramework" isTestSource="false" />
<sourceFolder url="file://$MODULE_DIR$/myPackage" isTestSource="false" />
<sourceFolder url="file://$MODULE_DIR$/tests" isTestSource="true" />
<excludeFolder url="file://$MODULE_DIR$/doc/_build" />
<excludeFolder url="file://$MODULE_DIR$/report" />
</content>
<orderEntry type="jdk" jdkName="Python 3.13" jdkType="Python SDK" /> <orderEntry type="jdk" jdkName="Python 3.13" jdkType="Python SDK" />
<orderEntry type="sourceFolder" forTests="false" /> <orderEntry type="sourceFolder" forTests="false" />
</component> </component>

9
myFramework/Extension/__init__.py
View File

@@ -67,6 +67,14 @@ class Base:
""" """
return self._value return self._value
def Add(self, value) -> None:
"""
Accumulate value to internal value.
:param value: Value to accumulate.
"""
self._value += value
@export @export
class Application(Base): class Application(Base):
@@ -81,6 +89,7 @@ class Application(Base):
super().__init__() super().__init__()
platform = Platform() platform = Platform()
# pylint: disable=using-constant-test
if platform.IsNativeLinux: if platform.IsNativeLinux:
self._value += 1 self._value += 1
elif platform.IsNativeMacOS: elif platform.IsNativeMacOS:

9
myPackage/__init__.py
View File

@@ -67,6 +67,14 @@ class Base:
""" """
return self._value return self._value
def Add(self, value) -> None:
"""
Accumulate value to internal value.
:param value: Value to accumulate.
"""
self._value += value
@export @export
class Application(Base): class Application(Base):
@@ -81,6 +89,7 @@ class Application(Base):
super().__init__() super().__init__()
platform = Platform() platform = Platform()
# pylint: disable=using-constant-test
if platform.IsNativeLinux: if platform.IsNativeLinux:
self._value += 1 self._value += 1
elif platform.IsNativeMacOS: elif platform.IsNativeMacOS:

18
pyproject.toml
View File

@@ -6,8 +6,22 @@ requires = [
] ]
build-backend = "setuptools.build_meta" build-backend = "setuptools.build_meta"
[tool.black] [tool.pylint.format]
line-length = 120 indent-string="\t"
max-line-length = 120
[tool.pylint.basic]
argument-naming-style = "camelCase"
attr-naming-style = "camelCase"
class-attribute-naming-style = "camelCase"
class-const-naming-style = "UPPER_CASE"
class-naming-style = "PascalCase"
const-naming-style = "UPPER_CASE"
function-naming-style = "camelCase"
inlinevar-naming-style = "camelCase"
method-naming-style = "PascalCase"
module-naming-style = "any"
variable-naming-style = "camelCase"
[tool.mypy] [tool.mypy]
packages = ["myPackage", "myFramework.Extension"] packages = ["myPackage", "myFramework.Extension"]