Merge pull request #174 from kbase/remove_black_autocommit
Removing the black autocommit action and doing some general housekeep…
ialarmedalien authored May 17, 2024
2 parents 9a0be4b + 096c289 commit fdfc8c4
Showing 7 changed files with 204 additions and 235 deletions.
20 changes: 0 additions & 20 deletions .github/workflows/black.yaml

This file was deleted.

64 changes: 32 additions & 32 deletions .github/workflows/codacy.yaml
@@ -9,41 +9,41 @@
name: Codacy Security Scan

on:
workflow_call:
workflow_call:

permissions:
contents: read
contents: read

jobs:
codacy-security-scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout code
uses: actions/checkout@v3
codacy-security-scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout code
uses: actions/checkout@v4

# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@5cc54a75f9ad88159bb54046196d920e40e367a5
with:
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# You can also omit the token and run the tools that support default configurations
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
verbose: true
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will handover control about PR rejection to the GitHub side
max-allowed-issues: 2147483647
# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@5cc54a75f9ad88159bb54046196d920e40e367a5
with:
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# You can also omit the token and run the tools that support default configurations
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
verbose: true
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will handover control about PR rejection to the GitHub side
max-allowed-issues: 2147483647

# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
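Review bot: The `Upload SARIF results file` step stays on `github/codeql-action/upload-sarif@v2` while checkout moves to `@v4`, and both are mutable tags in a job that holds `security-events: write` and reads `secrets.CODACY_PROJECT_TOKEN`; only the Codacy action is pinned to a commit SHA. The codeql-action has a v3 major, so `uses: github/codeql-action/upload-sarif@v3` would be the matching bump. Pinning checkout and upload-sarif to full commit SHAs, the way the Codacy step already is, would keep a retagged release from running with those permissions. The same applies to `init@v2` and `analyze@v2` in `.github/workflows/codeql.yaml`. The hunk starts at line 9 of the file, so anything above `name:` is not visible here.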
60 changes: 30 additions & 30 deletions .github/workflows/codeql.yaml
@@ -1,40 +1,40 @@
name: "CodeQL"

on:
workflow_call:
workflow_call:

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'python' ]
# python-version: ["3.9", "3.10"]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
strategy:
fail-fast: false
matrix:
language: ["python"]
python-version: ["3.10", "3.11", "3.12"]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

steps:
- name: Checkout repository
uses: actions/checkout@v3
steps:
- name: Checkout repository
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
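Review bot: The newly enabled `python-version: ["3.10", "3.11", "3.12"]` matrix axis is not read by any step in this file: there is no `actions/setup-python` step and nothing references `matrix.python-version`. The `analyze` job therefore now runs three times against whatever Python the runner image ships, presumably producing three near-identical result sets. Either turn the line back into a comment, or add a step before `Initialize CodeQL` such as `- uses: actions/setup-python@v5` with `python-version: ${{ matrix.python-version }}` if per-version analysis is really wanted. For a static scan a single version is usually enough.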
24 changes: 12 additions & 12 deletions .github/workflows/on_branch_merge.yaml
@@ -1,20 +1,20 @@
name: Merge to main / develop

on:
push:
branches:
- main
- develop
push:
branches:
- main
- develop

jobs:
run_unit_tests:
uses: ./.github/workflows/run_tests.yaml
run_unit_tests:
uses: ./.github/workflows/run_tests.yaml

run_code_ql:
uses: ./.github/workflows/codeql.yaml
run_code_ql:
uses: ./.github/workflows/codeql.yaml

run_codacy:
uses: ./.github/workflows/codacy.yaml
run_codacy:
uses: ./.github/workflows/codacy.yaml

run_trivy:
uses: ./.github/workflows/trivy.yaml
run_trivy:
uses: ./.github/workflows/trivy.yaml
32 changes: 14 additions & 18 deletions .github/workflows/on_pr.yaml
@@ -1,26 +1,22 @@
name: Standard PR workflow

on:
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review

jobs:
format_files:
uses: ./.github/workflows/black.yaml
run_unit_tests:
uses: ./.github/workflows/run_tests.yaml

run_unit_tests:
uses: ./.github/workflows/run_tests.yaml
needs: format_files
run_code_ql:
uses: ./.github/workflows/codeql.yaml

run_code_ql:
uses: ./.github/workflows/codeql.yaml
run_codacy:
uses: ./.github/workflows/codacy.yaml

run_codacy:
uses: ./.github/workflows/codacy.yaml

run_trivy:
uses: ./.github/workflows/trivy.yaml
run_trivy:
uses: ./.github/workflows/trivy.yaml
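Review bot: `run_codacy` calls `./.github/workflows/codacy.yaml` without a `secrets:` key, and secrets are not passed to a reusable workflow unless the caller does so, so `${{ secrets.CODACY_PROJECT_TOKEN }}` in that workflow resolves to an empty string and the scan silently falls back to the tool defaults. Pass only the one secret it needs, `secrets:` with `CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}`, and declare it under `on.workflow_call.secrets` in codacy.yaml (`secrets: inherit` also works but hands over every secret). The same call in `.github/workflows/on_branch_merge.yaml` has the same gap. Note too that on `pull_request` runs from forks the token is read-only, so the jobs that request `security-events: write` will presumably fail to upload there.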