Merge pull request #9 from brunobotelhobr/dependabot/pip/urllib3-2.0.7 #55

Workflow file for this run

	name: CI Github Actions
	on:
	workflow_dispatch:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	jobs:

	Lint:
	runs-on: ubuntu-latest
	env:
	PYTHON: '3.11'
	steps:
	- uses: actions/checkout@master
	- name: Setup Python
	uses: actions/setup-python@master
	with:
	python-version: 3.11
	- name: Generate lint
	run: \|
	pip install poetry
	poetry config virtualenvs.create false
	poetry install
	poetry run task lint

	Test:
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	os: [ubuntu-latest, macos-latest, windows-latest]
	env:
	OS: ${{ matrix.os }}
	PYTHON: '3.11'
	steps:
	- uses: actions/checkout@master
	- name: Setup Python
	uses: actions/setup-python@master
	with:
	python-version: 3.11
	- name: Generate coverage report
	run: \|
	pip install poetry
	poetry config virtualenvs.create false
	poetry install
	pytest --cov=src --cov-report=xml
	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@v3
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	directory: ./coverage/reports/
	env_vars: OS,PYTHON
	fail_ci_if_error: true
	files: ./coverage.xml
	flags: unittests
	name: codecov-umbrella
	verbose: true

	Security:
	runs-on: ubuntu-latest
	env:
	PYTHON: '3.11'
	steps:
	- uses: actions/checkout@master
	- name: Setup Python
	uses: actions/setup-python@master
	with:
	python-version: 3.11
	- name: Run Code Security Checks
	run: \|
	curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \| sh -s -- -b /usr/local/bin v0.45.1
	curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh \| bash -s latest
	pip install poetry
	poetry config virtualenvs.create false
	poetry install
	bandit -c pyproject.toml -r src
	horusec start -D -p ./src
	trivy fs --exit-code 1 --scanners vuln,config,secret .
	- name: Run Container Security Checks
	run: \|
	docker build -t test_img:ci-test .
	trivy image --exit-code 1 --severity HIGH,CRITICAL test_img:ci-test

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #9 from brunobotelhobr/dependabot/pip/urllib3-2.0.7 #55

Workflow file

Merge pull request #9 from brunobotelhobr/dependabot/pip/urllib3-2.0.7 #55

Jobs

Run details

Workflow file for this run