Skip to content

fix program query

fix program query #341

Workflow file for this run

# Workflow responsible for core acceptance testing.
# Tests Currently Run:
# - flake8-linter
# - PYTest
# - Bandit
# For PR Vulnerability Scanning a separate workflow will run.
# The build-push-dev-image and build-push-release workflows
# handle the develop and release image storage respectively.
#
#
name: Code-Checks
on:
# push:
# branches-ignore:
# - master
# - main
# - develop
pull_request:
branches:
- develop
- master
- main
types: [ opened, synchronize ]
paths-ignore:
- README.md
- .old_cicd/*
# - .github/*
# - .github/workflows/*
- LICENSE
- .gitignore
- .dockerignore
- .githooks
jobs:
############################## flake8-linter ##############################
flake8-linter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.12'
# Currently actions/setup-python supports caching
# but the cache is not as robust as cache action.
# Here we cache the entire python env which speeds subsequent builds up alot. (alot being scientific term)
# Ref: https://blog.allenai.org/python-caching-in-github-actions-e9452698e98d
- uses: actions/cache@v3
name: Cache Python
with:
path: ${{ env.pythonLocation }}
key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('pyproject.toml') }}
- name: Install Requirements
run: |
pip install -r requirements.txt
- name: Lint with flake8
run: |
pip install flake8
flake8 --ignore=E,W src
# We continue on error here until the code is clean
# flake8 --ignore=E,W --exit-zero .
continue-on-error: true
################################### PYTEST ###################################
pytest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.12'
- name: Install Requirements
run: |
pip install -r requirements.txt
pip install coverage
pip install .
- name: Test with pytest
run: |
make test
############################ Bandit ################################
bandit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.12'
- name: Install Requirements
run: |
pip install -r requirements.txt
pip install bandit
pip install .
# Only report high security issues
- name: Test with Bandit
run: |
bandit -r src -n3 -lll
############################## test-image-build ##############################
test-image-build:
runs-on: ubuntu-latest
# if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- uses: actions/checkout@v3
- name: Set short git commit SHA
id: vars
run: |
echo "short_sha=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
# https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
- name: Confirm git commit SHA output
run: echo ${{ steps.vars.outputs.short_sha }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
logout: true
- name: Parse Github Reference Name
id: branch
run: |
REF=${{ github.ref_name }}
echo "GHR=${REF%/*}" >> $GITHUB_OUTPUT
# Notes on Cache:
# https://docs.docker.com/build/ci/github-actions/examples/#inline-cache
- name: Build Container
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: |
${{ github.repository }}:test_${{ steps.branch.outputs.GHR }}
cache-from: type=registry,ref=${{ github.repository }}:buildcache
cache-to: type=registry,ref=${{ github.repository }}:buildcache,mode=max