Skip to content

Fix security alerts (#116) #49

Fix security alerts (#116)

Fix security alerts (#116) #49

Workflow file for this run

# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
name: CI workflow
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
on:
workflow_dispatch:
push:
# Run only on branches/commits and not tags
branches:
- main
pull_request:
branches:
- main
jobs:
build-and-publish:
runs-on: ubuntu-latest
name: Run Linters, Unit Tests and sdist
strategy:
max-parallel: 3
matrix:
python-version: ["3.9", "3.10"]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
cache-dependency-path: |
**/requirements*.txt
- name: Install Dependencies
run: |
python3 -m pip install --upgrade pip
python3 -m pip install -r requirements.txt
python3 -m pip install -r requirements-links.txt
python3 -m pip install tox-gh-actions
- name: Run Linters
uses: pre-commit/[email protected]
- name: Run the daparized databroker binary
run: |
./.vscode/scripts/ensure-dapr.sh DAPR --task
./.vscode/scripts/run-mosquitto.sh --task &
./.vscode/scripts/run-vehicledatabroker.sh DAPR --task &
sleep 10s
- name: Run unit and integration tests
run: tox
- name: Publish Unit Test Results
uses: mikepenz/action-junit-report@v4
if: always()
with:
report_paths: ./results/UnitTest/junit.xml
summary: true
update_check: true
annotate_only: true
- name: ReportGenerator
uses: danielpalme/[email protected]
with:
reports: "./results/CodeCoverage/cobertura-coverage.xml" # REQUIRED # The coverage reports that should be parsed (separated by semicolon). Globbing is supported.
targetdir: "." # REQUIRED # The directory where the generated report should be saved.
reporttypes: "MarkdownSummaryGithub" # The output formats and scope (separated by semicolon) Values: Badges, Clover, Cobertura, OpenCover, CsvSummary, Html, Html_Dark, Html_Light, Html_BlueRed, HtmlChart, HtmlInline, HtmlInline_AzurePipelines, HtmlInline_AzurePipelines_Dark, HtmlInline_AzurePipelines_Light, HtmlSummary, JsonSummary, Latex, LatexSummary, lcov, MarkdownSummary, MarkdownSummaryGithub, MarkdownDeltaSummary, MHtml, PngChart, SonarQube, TeamCitySummary, TextSummary, TextDeltaSummary, Xml, XmlSummary
sourcedirs: "./velocitas_sdk" # Optional directories which contain the corresponding source code (separated by semicolon). The source directories are used if coverage report contains classes without path information.
verbosity: "Info" # The verbosity level of the log messages. Values: Verbose, Info, Warning, Error, Off
title: "Coverage" # Optional title.
tag: "${{ github.run_number }}_${{ github.run_id }}" # Optional tag or build version.
- run: |
cat SummaryGithub.md >> $GITHUB_STEP_SUMMARY
- name: Test setup.cfg execution
run: |
python3 setup.py sdist
ls