diff options
| author | lian-manonog <160282780+lian-manonog@users.noreply.github.com> | 2024-08-15 13:58:46 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-08-15 13:58:46 +0100 |
| commit | 2309062a8099c04bedd7f88638abf03ebf5f5171 (patch) | |
| tree | 1bdebb2046a9b1356faa2fe902d9187601ecb3f7 /.github/workflows | |
| parent | 848a86b7f3b9c5ce16cd774d19e3fa62ca8ffc68 (diff) | |
| parent | a009ffe72a2005e72e67345f728539e500b899f5 (diff) | |
| download | de-project-bentley-2309062a8099c04bedd7f88638abf03ebf5f5171.tar.gz de-project-bentley-2309062a8099c04bedd7f88638abf03ebf5f5171.zip | |
Merge pull request #33 from ajschofield/tf-secrets-manager
PR: merge secrets manager with extract_lambda
Diffstat (limited to '.github/workflows')
| -rw-r--r-- | .github/workflows/python.yml | 50 | ||||
| -rw-r--r-- | .github/workflows/terraform.yml | 37 |
2 files changed, 87 insertions, 0 deletions
diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml new file mode 100644 index 0000000..7d5b5b1 --- /dev/null +++ b/.github/workflows/python.yml @@ -0,0 +1,50 @@ +name: python-quality-checks + +on: + push: + branches: [development] + pull_request: + branches: [development, staging] + +jobs: + + check-if-py-files-exist: + runs-on: ubuntu-latest + outputs: + py_files_exist: ${{ steps.check.outputs.py_files_exist }} + steps: + - uses: actions/checkout@v2 + - id: check_files + run: | + if [ -n "$(find . -name '*.py')" ]; then + echo "::set-output name=py_files_exist::true" + else + echo "::set-output name=py_files_exist::false" + fi + + quality-checks: + needs: check-if-py-files-exist + if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }} + runs-on: ubuntu-latest + steps: + - uses : actions/checkout@v2 + - name : Setup + uses : actions/setup-python@v2 + with: + python-version: 3.11 + - name : Dependencies + run: | + python -m pip install --upgrade pip + pip install flake8 pylint black bandit safety + - name : Linting + run: | + flake8 . + find . -name "*.py" | xargs pylint + - name : Formatting + run: | + black --check . + - name: Security + run: | + bandit -r . + safety check +
\ No newline at end of file diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml new file mode 100644 index 0000000..c349756 --- /dev/null +++ b/.github/workflows/terraform.yml @@ -0,0 +1,37 @@ +name: terraform-quality-checks + +on: + push: + branches: [development] + paths: + - 'terraform/**.tf' + - 'terraform/**.tfvars' + pull_request: + branches: [development, staging] + paths: + - 'terraform/**.tf' + - 'terraform/**.tfvars' +jobs: + terraform-validation: + runs-on: ubuntu-latest + defaults: + run: + working-directory: ./terraform + steps: + - uses: actions/checkout@v2 + - name: Setup Terraform + uses: hashicorp/setup-terraform@v1 + with: + terraform_version: latest # Using the latest version, but not sure if it's the best practice + - name: Format + run: terraform fmt -check -recursive + - name: Init + run: terraform init -backend=false + - name: Validate + run: terraform validate + - name: Setup TFLint + uses: terraform-linters/setup-tflint@v2 + with: + tflint_version: latest + - name: Run TFLint + run: tflint -f compact
\ No newline at end of file |