From 6f12e84d30a798ce80c90ee29aebd7fa45501eba Mon Sep 17 00:00:00 2001 From: Alex Schofield Date: Thu, 15 Aug 2024 11:26:56 +0100 Subject: ci(staging-checks): replace *.yml with staging-checks.yml --- .github/workflows/staging-checks.yml | 50 ++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/staging-checks.yml (limited to '.github') diff --git a/.github/workflows/staging-checks.yml b/.github/workflows/staging-checks.yml new file mode 100644 index 0000000..cec0695 --- /dev/null +++ b/.github/workflows/staging-checks.yml @@ -0,0 +1,50 @@ +name: staging-checks + +on: + push: + branches: [development] + pull_request: + branches: [development, staging] + +jobs: + + check-if-py-files-exist: + runs-on: ubuntu-latest + outputs: + py_files_exist: ${{ steps.check.outputs.py_files_exist }} + steps: + - uses: actions/checkout@v2 + - id: check_files + run: | + if [ -n "$(find . -name '*.py')" ]; then + echo "::set-output name=py_files_exist::true" + else + echo "::set-output name=py_files_exist::false" + fi + + python-quality-checks: + needs: check-if-py-files-exist + if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }} + runs-on: ubuntu-latest + steps: + - uses : actions/checkout@v2 + - name : Setup + uses : actions/setup-python@v2 + with: + python-version: 3.11 + - name : Dependencies + run: | + python -m pip install --upgrade pip + pip install flake8 pylint black bandit safety + - name : Linting + run: | + flake8 . + find . -name "*.py" | xargs pylint + - name : Formatting + run: | + black --check . + - name: Security + run: | + bandit -r . + safety check + \ No newline at end of file -- cgit v1.2.3 From 5fecc3060f0565af004368cd0856df848ca0127a Mon Sep 17 00:00:00 2001 From: Alex Schofield Date: Thu, 15 Aug 2024 12:09:27 +0100 Subject: ci(commit-qc-checks): add initial qc checks for commits using ga" it will: - lint python scripts - check python script formatting - check python script security - check formatting for tf scripts - validate tf configuration --- .github/workflows/on-commit.yml | 60 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 .github/workflows/on-commit.yml (limited to '.github') diff --git a/.github/workflows/on-commit.yml b/.github/workflows/on-commit.yml new file mode 100644 index 0000000..e429651 --- /dev/null +++ b/.github/workflows/on-commit.yml @@ -0,0 +1,60 @@ +name: commit-qc-checks + +on: + push: + branches-ignore: + - 'main' + +jobs: + check-if-py-files-exist: + runs-on: ubuntu-latest + outputs: + py_files_exist: ${{ steps.check.outputs.py_files_exist }} + steps: + - uses: actions/checkout@v2 + - id: check_files + run: | + if [ -n "$(find . -name '*.py')" ]; then + echo "::set-output name=py_files_exist::true" + else + echo "::set-output name=py_files_exist::false" + fi + + quality-checks: + needs: check-if-py-files-exist + if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }} + runs-on: ubuntu-latest + steps: + - uses : actions/checkout@v2 + - name : 'Python: Setup' + uses : actions/setup-python@v2 + with: + python-version: 3.11 + - name : 'Python: Install Dependencies' + run: | + python -m pip install --upgrade pip + pip install flake8 pylint black bandit safety + - name : 'Python: Linting' + run: | + flake8 . + find . -name "*.py" | xargs pylint + - name : 'Python: Formatting' + run: | + black --check . + - name: 'Python: Security' + run: | + bandit -r . + safety check + - name: 'Terraform: Setup' + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: latest + - name: 'Terraform: Formatting' + working-directory: ./terraform + run: terraform fmt -check -recursive + - name: 'Terraform: Initialise' + working-directory: ./terraform + run: terraform init -backend=false + - name: 'Terraform: Validate' + working-directory: ./terraform + run: terraform validate -- cgit v1.2.3 From 9050c94bf9af7e90056217e9b1eb85f993ad5886 Mon Sep 17 00:00:00 2001 From: Alex Schofield Date: Thu, 15 Aug 2024 12:12:11 +0100 Subject: chore(ci): remove abandoned yml configs --- .github/workflows/python.yml | 50 ------------------------------------ .github/workflows/staging-checks.yml | 50 ------------------------------------ .github/workflows/terraform.yml | 37 -------------------------- 3 files changed, 137 deletions(-) delete mode 100644 .github/workflows/python.yml delete mode 100644 .github/workflows/staging-checks.yml delete mode 100644 .github/workflows/terraform.yml (limited to '.github') diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml deleted file mode 100644 index 7d5b5b1..0000000 --- a/.github/workflows/python.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: python-quality-checks - -on: - push: - branches: [development] - pull_request: - branches: [development, staging] - -jobs: - - check-if-py-files-exist: - runs-on: ubuntu-latest - outputs: - py_files_exist: ${{ steps.check.outputs.py_files_exist }} - steps: - - uses: actions/checkout@v2 - - id: check_files - run: | - if [ -n "$(find . -name '*.py')" ]; then - echo "::set-output name=py_files_exist::true" - else - echo "::set-output name=py_files_exist::false" - fi - - quality-checks: - needs: check-if-py-files-exist - if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }} - runs-on: ubuntu-latest - steps: - - uses : actions/checkout@v2 - - name : Setup - uses : actions/setup-python@v2 - with: - python-version: 3.11 - - name : Dependencies - run: | - python -m pip install --upgrade pip - pip install flake8 pylint black bandit safety - - name : Linting - run: | - flake8 . - find . -name "*.py" | xargs pylint - - name : Formatting - run: | - black --check . - - name: Security - run: | - bandit -r . - safety check - \ No newline at end of file diff --git a/.github/workflows/staging-checks.yml b/.github/workflows/staging-checks.yml deleted file mode 100644 index cec0695..0000000 --- a/.github/workflows/staging-checks.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: staging-checks - -on: - push: - branches: [development] - pull_request: - branches: [development, staging] - -jobs: - - check-if-py-files-exist: - runs-on: ubuntu-latest - outputs: - py_files_exist: ${{ steps.check.outputs.py_files_exist }} - steps: - - uses: actions/checkout@v2 - - id: check_files - run: | - if [ -n "$(find . -name '*.py')" ]; then - echo "::set-output name=py_files_exist::true" - else - echo "::set-output name=py_files_exist::false" - fi - - python-quality-checks: - needs: check-if-py-files-exist - if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }} - runs-on: ubuntu-latest - steps: - - uses : actions/checkout@v2 - - name : Setup - uses : actions/setup-python@v2 - with: - python-version: 3.11 - - name : Dependencies - run: | - python -m pip install --upgrade pip - pip install flake8 pylint black bandit safety - - name : Linting - run: | - flake8 . - find . -name "*.py" | xargs pylint - - name : Formatting - run: | - black --check . - - name: Security - run: | - bandit -r . - safety check - \ No newline at end of file diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml deleted file mode 100644 index c349756..0000000 --- a/.github/workflows/terraform.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: terraform-quality-checks - -on: - push: - branches: [development] - paths: - - 'terraform/**.tf' - - 'terraform/**.tfvars' - pull_request: - branches: [development, staging] - paths: - - 'terraform/**.tf' - - 'terraform/**.tfvars' -jobs: - terraform-validation: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ./terraform - steps: - - uses: actions/checkout@v2 - - name: Setup Terraform - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: latest # Using the latest version, but not sure if it's the best practice - - name: Format - run: terraform fmt -check -recursive - - name: Init - run: terraform init -backend=false - - name: Validate - run: terraform validate - - name: Setup TFLint - uses: terraform-linters/setup-tflint@v2 - with: - tflint_version: latest - - name: Run TFLint - run: tflint -f compact \ No newline at end of file -- cgit v1.2.3