Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
9cba668088 | ||
|
|
53e4b246a4 | ||
|
|
87c64c424f |
42
.gitea/workflows/node-checks.yml
Normal file
42
.gitea/workflows/node-checks.yml
Normal file
@@ -0,0 +1,42 @@
|
||||
name: Reusable Node Checks
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
node_version:
|
||||
type: string
|
||||
default: "22"
|
||||
install_command:
|
||||
type: string
|
||||
default: "npm ci"
|
||||
typecheck_command:
|
||||
type: string
|
||||
default: "npm run typecheck"
|
||||
test_command:
|
||||
type: string
|
||||
default: "npm test"
|
||||
build_command:
|
||||
type: string
|
||||
default: "npm run build"
|
||||
|
||||
jobs:
|
||||
check:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: node:${{ inputs.node_version }}-alpine
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install dependencies
|
||||
run: ${{ inputs.install_command }}
|
||||
|
||||
- name: Typecheck
|
||||
run: ${{ inputs.typecheck_command }}
|
||||
|
||||
- name: Run tests
|
||||
run: ${{ inputs.test_command }}
|
||||
|
||||
- name: Build
|
||||
run: ${{ inputs.build_command }}
|
||||
@@ -41,7 +41,7 @@ jobs:
|
||||
current_run_number = int("${{ gitea.run_number }}")
|
||||
current_branch = "${{ gitea.ref_name }}"
|
||||
current_event = "${{ gitea.event_name }}"
|
||||
token = os.environ["GITEA_TOKEN"]
|
||||
token = os.environ["API_GITEA_TOKEN"]
|
||||
|
||||
url = (
|
||||
f"{server}/api/v1/repos/{repo}/actions/runs"
|
||||
|
||||
@@ -6,9 +6,21 @@ on:
|
||||
python_version:
|
||||
type: string
|
||||
default: "3.14"
|
||||
source_path:
|
||||
type: string
|
||||
default: "app"
|
||||
tests_path:
|
||||
type: string
|
||||
default: "tests"
|
||||
test_command:
|
||||
type: string
|
||||
default: "coverage run -m pytest"
|
||||
coverage_fail_under:
|
||||
type: string
|
||||
default: "60"
|
||||
run_security_scan:
|
||||
type: boolean
|
||||
default: true
|
||||
|
||||
jobs:
|
||||
check:
|
||||
@@ -26,24 +38,25 @@ jobs:
|
||||
- name: Install Tools & Deps
|
||||
run: |
|
||||
python -m pip install --upgrade pip setuptools wheel
|
||||
pip install -e .[dev] || pip install -e .[test] || pip install -e .
|
||||
pip install -e ".[dev]" || pip install -e ".[test]" || pip install -e .
|
||||
pip install ruff coverage pip-audit bandit
|
||||
|
||||
- name: Linting
|
||||
run: ruff check app tests
|
||||
run: ruff check ${{ inputs.source_path }} ${{ inputs.tests_path }}
|
||||
|
||||
- name: Tests
|
||||
run: |
|
||||
${{ inputs.test_command }}
|
||||
coverage report --fail-under=60
|
||||
coverage report --fail-under=${{ inputs.coverage_fail_under }}
|
||||
coverage xml
|
||||
coverage html
|
||||
|
||||
- name: Security Scan
|
||||
if: ${{ inputs.run_security_scan }}
|
||||
run: |
|
||||
pip freeze | grep -v "git+" > req.txt
|
||||
pip-audit -r req.txt
|
||||
bandit -r app/
|
||||
bandit -r ${{ inputs.source_path }}
|
||||
|
||||
- name: Upload Coverage HTML
|
||||
if: always()
|
||||
|
||||
Reference in New Issue
Block a user