3cb1c0b103
- Remove app/.venv from git tracking (should not be committed) - Update flake8 to only scan project code (app/stiftung, app/core) - Update black and isort to only check project code - Update bandit security scanning to only check project code - Excludes third-party packages that cause linting failures
53 lines
1.4 KiB
YAML
53 lines
1.4 KiB
YAML
name: Code Quality
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main ]
|
|
|
|
jobs:
|
|
quality:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.10'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install flake8 black isort
|
|
pip install -r app/requirements.txt
|
|
|
|
- name: Lint with flake8
|
|
run: |
|
|
# Stop the build if there are Python syntax errors or undefined names
|
|
flake8 app/stiftung app/core --count --select=E9,F63,F7,F82 --show-source --statistics
|
|
# Exit-zero treats all errors as warnings
|
|
flake8 app/stiftung app/core --count --exit-zero --max-complexity=10 --max-line-length=88 --statistics
|
|
|
|
- name: Check code formatting with black
|
|
run: |
|
|
black --check app/stiftung app/core
|
|
|
|
- name: Check import sorting with isort
|
|
run: |
|
|
isort --check-only app/stiftung app/core
|
|
|
|
- name: Check for security issues
|
|
run: |
|
|
pip install bandit
|
|
bandit -r app/stiftung app/core -f json -o bandit-report.json || true
|
|
|
|
- name: Upload security report
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: bandit-security-report
|
|
path: bandit-report.json
|