Fix security alerts (#116) #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation | |
# | |
# This program and the accompanying materials are made available under the | |
# terms of the Apache License, Version 2.0 which is available at | |
# https://www.apache.org/licenses/LICENSE-2.0. | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
# License for the specific language governing permissions and limitations | |
# under the License. | |
# | |
# SPDX-License-Identifier: Apache-2.0 | |
name: CI workflow | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
on: | |
workflow_dispatch: | |
push: | |
# Run only on branches/commits and not tags | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
build-and-publish: | |
runs-on: ubuntu-latest | |
name: Run Linters, Unit Tests and sdist | |
strategy: | |
max-parallel: 3 | |
matrix: | |
python-version: ["3.9", "3.10"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Initialize python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: "pip" | |
cache-dependency-path: | | |
**/requirements*.txt | |
- name: Install Dependencies | |
run: | | |
python3 -m pip install --upgrade pip | |
python3 -m pip install -r requirements.txt | |
python3 -m pip install -r requirements-links.txt | |
python3 -m pip install tox-gh-actions | |
- name: Run Linters | |
uses: pre-commit/[email protected] | |
- name: Run the daparized databroker binary | |
run: | | |
./.vscode/scripts/ensure-dapr.sh DAPR --task | |
./.vscode/scripts/run-mosquitto.sh --task & | |
./.vscode/scripts/run-vehicledatabroker.sh DAPR --task & | |
sleep 10s | |
- name: Run unit and integration tests | |
run: tox | |
- name: Publish Unit Test Results | |
uses: mikepenz/action-junit-report@v4 | |
if: always() | |
with: | |
report_paths: ./results/UnitTest/junit.xml | |
summary: true | |
update_check: true | |
annotate_only: true | |
- name: ReportGenerator | |
uses: danielpalme/[email protected] | |
with: | |
reports: "./results/CodeCoverage/cobertura-coverage.xml" # REQUIRED # The coverage reports that should be parsed (separated by semicolon). Globbing is supported. | |
targetdir: "." # REQUIRED # The directory where the generated report should be saved. | |
reporttypes: "MarkdownSummaryGithub" # The output formats and scope (separated by semicolon) Values: Badges, Clover, Cobertura, OpenCover, CsvSummary, Html, Html_Dark, Html_Light, Html_BlueRed, HtmlChart, HtmlInline, HtmlInline_AzurePipelines, HtmlInline_AzurePipelines_Dark, HtmlInline_AzurePipelines_Light, HtmlSummary, JsonSummary, Latex, LatexSummary, lcov, MarkdownSummary, MarkdownSummaryGithub, MarkdownDeltaSummary, MHtml, PngChart, SonarQube, TeamCitySummary, TextSummary, TextDeltaSummary, Xml, XmlSummary | |
sourcedirs: "./velocitas_sdk" # Optional directories which contain the corresponding source code (separated by semicolon). The source directories are used if coverage report contains classes without path information. | |
verbosity: "Info" # The verbosity level of the log messages. Values: Verbose, Info, Warning, Error, Off | |
title: "Coverage" # Optional title. | |
tag: "${{ github.run_number }}_${{ github.run_id }}" # Optional tag or build version. | |
- run: | | |
cat SummaryGithub.md >> $GITHUB_STEP_SUMMARY | |
- name: Test setup.cfg execution | |
run: | | |
python3 setup.py sdist | |
ls |