Add static check with "avocado-static-checks" #129
@@ -272,18 +287,15 @@ | |||
elif match in [1, 2, 3, 10]: # "password:" | |||
if password_prompt_count == 0: | |||
if debug: | |||
LOG.debug("Got password prompt, sending '%s'", | |||
password) | |||
LOG.debug("Got password prompt, sending '%s'", password) |
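Review bot: the reflowed `LOG.debug("Got password prompt, sending '%s'", password)` call still writes the cleartext password to the debug log whenever `debug` is set, which is what the CodeQL annotation on this line reports. Since the line is being rewritten anyway, drop the `password` argument and log only that the prompt was answered, for example "Got password prompt, sending password", so that debug logs collected from test runs carry no credential.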
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
This expression logs sensitive data (password)
password_list[password_prompt_count]) | ||
LOG.debug( | ||
"Got password prompt, sending '%s'", | ||
password_list[password_prompt_count], |
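Review bot: `password_list[password_prompt_count]` is passed as the `'%s'` value of this `LOG.debug(` call, so every password tried from the list ends up in the log. Logging the index `password_prompt_count` instead keeps the information about which attempt was sent without recording the secret itself. The same applies to the identical call flagged further down.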
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
This expression logs sensitive data (password)
password_list[password_prompt_count]) | ||
LOG.debug( | ||
"Got password prompt, sending '%s'", | ||
password_list[password_prompt_count], |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
This expression logs sensitive data (password)
- name: Check out repository code | ||
uses: actions/checkout@v4 | ||
- name: run static checks | ||
uses: avocado-framework/avocado-ci-tools@main |
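Review bot: `uses: avocado-framework/avocado-ci-tools@main` follows a moving branch, unlike the versioned `actions/checkout@v4` two lines above it, so whatever lands on that branch runs in this repository's CI without being reviewed here. Pin the action to a release tag or, better, a full commit SHA, and bump it deliberately.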
Yeah, I expected to see something like this coming when I saw that new repo... Anyway, currently there are 2 checks only and both of them already exist as GH action targets. What is the benefit of bundling them and using the avocado-ci-tools target instead? I mean I'd rather have 2 independent `psf/black@stable` and `isort/isort-action@v1` pipelines to one combined `avocado-framework/avocado-ci-tools@main` one.
Hi @ldoktor, the reason for the avocado-ci-tools is to reduce the duplications in avocado workflows. Right now, it has `static-checks` and `project`. The `project` is for configuration of MR. Avocado bot which is automatization for avocado-project dashboard. And `static-checks` which is for running unified checks for all avocado related repos.
I understand that from your point the `static-checks` does the same work as `psf/black@stable` and `isort/isort-action@v1`, but the static-checks repo has one major advantage. We can use it as a submodule for other repos and bring the same static-checks to CI and local environments for developers. I hope that this explanation will help you better understand why we use this.
Hi @ldoktor, as @richtja explained, one of the goals is to allow for development time execution of those checks, that is, before it gets sent to a Git forge such as GitHub.
BTW, I'm keeping this as draft, because to be a fair request for change, this needs to implement at least as much as it's currently implemented in `inspekt checkall`, OR, at least (transitionally) changing `inspekt checkall` to a combination of `static-checks/check*` and `inspekt $SPECIFIC_CHECK_COMMAND`.
Sure, I understand although I'm wondering if separate checks wouldn't be easier to post-process on failure. I mean looking into one single blob with multiple checks might be hard to process using human eyes and harder to reproduce unless the output is pretty damn simple. Something like:
```
::group::Running style check
...
::endgroup::
::group::Running import order check
...
::error::Import order failed, use `isort --profile black .` to reproduce locally
::endgroup::
...
::group::Report
Successful checks:
* Style check
Unsuccessful checks:
* Import order
::endgroup::
```
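The grouped output sketched in the comment above can be produced from a small wrapper using GitHub Actions workflow commands. This is an added example, not code from the pull request or from avocado-static-checks; `run_check`, `report` and `demo` are hypothetical names, and `true`/`false` stand in for the real check commands.

```shell
#!/bin/sh
# Added example: run each static check in its own GitHub Actions log group
# and finish with a pass/fail report. All function names are hypothetical.

PASSED=""   # newline-terminated "* name check" entries for checks that passed
FAILED=""   # same, for checks that failed

# run_check NAME REPRO_HINT CMD [ARGS...]
# Runs CMD inside a ::group:: block. On a non-zero exit it emits an ::error::
# annotation naming the command a developer can run locally.
run_check() {
    name=$1; hint=$2; shift 2
    echo "::group::Running $name check"
    if "$@"; then
        PASSED="${PASSED}* $name check
"
    else
        echo "::error::$name check failed, use \`$hint\` to reproduce locally"
        FAILED="${FAILED}* $name check
"
    fi
    echo "::endgroup::"
}

# report: prints the summary group; exit status is 1 if any check failed,
# so the CI step fails only after every check has had a chance to run.
report() {
    echo "::group::Report"
    echo "Successful checks:"
    printf '%s' "$PASSED"
    echo "Unsuccessful checks:"
    printf '%s' "$FAILED"
    echo "::endgroup::"
    [ -z "$FAILED" ]
}

# Constructed demo: `true` and `false` replace the real commands so the
# script runs offline; in CI the last arguments would be the check itself.
demo() {
    PASSED=""; FAILED=""
    run_check "Style" "black --check ." true
    run_check "Import order" "isort --profile black ." false
    report
}

demo || echo "demo finished with failing checks (exit status $?)"
```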
Adds a Python module import order check, and code style check.
This is based on "avocado-static-checks", which is being added here as a submodule. On CI, it uses the "avocado-ci-tools" actions to check out and run it, but the same can be done locally with the submodule.
Signed-off-by: Cleber Rosa <[email protected]>
3d7315e to 28eaf9a