v2.4.2 - bug fixes, feature updates, unit tests, ci/cd updates #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Building and Testing | |
| on: | |
| #triggers the workflow on push or pull request events but only for the master branch | |
| push: | |
| branches: [ master ] | |
| paths-ignore: | |
| - '**/README.md' | |
| - '**/.ipynb' | |
| - 'docs/**/*' | |
| - 'config/**' | |
| pull_request: | |
| branches: [ main ] | |
| #allow for workflow to be manually initiated from the Actions tab | |
| workflow_dispatch: | |
| #build and test pySAR | |
| jobs: | |
| #build job | |
| test: | |
| timeout-minutes: 15 | |
| name: Build pySAR | |
| runs-on: ubuntu-latest #platform: [ubuntu-latest, macos-latest, windows-latest] | |
| strategy: | |
| matrix: | |
| python-version: ["3.8", "3.9", "3.10"] #testing on multiple python versions | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| #install all required modules and dependancies using pip and setup.py installation | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install pip | |
| python3 -m pip install setuptools wheel twine | |
| pip install flake8 pytest | |
| pip3 install pytest | |
| pip3 install pytest-cov | |
| pip3 install bandit | |
| pip3 install safety | |
| if [ -f requirements.txt ]; then pip install -r requirements.txt; fi | |
| python3 setup.py install | |
| #create artifacts dir | |
| - name: Artifacts mkdir | |
| run: mkdir artifacts | |
| #package vulnerability check | |
| - name: Package safety check | |
| run: | | |
| echo "Running package safety check" | |
| python3 -m safety check > artifacts/package_safety_output.txt | |
| cat artifacts/package_safety_output.txt | |
| continue-on-error: true | |
| #run Bandit security check for any known vulnerabilities in code | |
| - name: Bandit | |
| run: | | |
| echo "Running Bandit" | |
| python3 -m bandit -r pySAR > artifacts/bandit_output.txt | |
| cat artifacts/bandit_output.txt | |
| continue-on-error: true | |
| #linting with flake8 | |
| - name: Lint with flake8 | |
| run: | | |
| echo "Testing using flake8..." | |
| # stop the build if there are Python syntax errors or undefined names | |
| flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics > artifacts/flake8_output.txt | |
| # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide | |
| flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics >> artifacts/flake8_output.txt | |
| continue-on-error: true | |
| #unit tests using pytest, unittest, flake8 and bandit frameworks | |
| - name: Testing with unittest | |
| run: | | |
| echo "Testing using unittest..." | |
| python3 -m unittest discover tests -b | |
| #upload to Code Coverage, only if matrix python version is 3.9 | |
| - name: Upload Coverage Report to Codecov | |
| uses: codecov/codecov-action@v3 | |
| if: ${{ matrix.python-version == '3.9' }} | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| with: | |
| flags: pySAR_workflow | |
| #upload test artifacts to workflow | |
| - name: Upload Test Artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: test_artifacts | |
| path: | | |
| artifacts/package_safety_output.txt | |
| artifacts/bandit_output.txt | |
| if-no-files-found: error |