ci.yml•2.49 kB
name: CI
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [3.9, 3.10, 3.11, 3.12]
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Cache pip dependencies
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install pytest-cov
- name: Run tests
run: |
pytest tests/ -v --cov=src --cov-report=xml --cov-report=html
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
if: matrix.python-version == '3.12'
with:
file: ./coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.12
uses: actions/setup-python@v4
with:
python-version: '3.12'
- name: Install linting dependencies
run: |
python -m pip install --upgrade pip
pip install flake8 black isort mypy
- name: Run black formatter check
run: black --check src/ tests/
- name: Run isort import sorting check
run: isort --check-only src/ tests/
- name: Run flake8 linter
run: flake8 src/ tests/
- name: Run mypy type checker
run: mypy src/ --ignore-missing-imports
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.12
uses: actions/setup-python@v4
with:
python-version: '3.12'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install safety bandit
- name: Run safety check
run: safety check
- name: Run bandit security linter
run: bandit -r src/ -f json -o bandit-report.json || true
- name: Upload bandit report
uses: actions/upload-artifact@v3
if: always()
with:
name: bandit-report
path: bandit-report.json