Skip to content

fix: Dockerfile to reduce vulnerabilities #128

fix: Dockerfile to reduce vulnerabilities

fix: Dockerfile to reduce vulnerabilities #128

Workflow file for this run

# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: spid_cie_oidc
on:
push:
branches: '*'
pull_request:
branches: '*'
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version:
- '3.10'
- '3.11'
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install python dependencies
run: |
# sudo apt update && sudo apt python3-dev python3-pip
python -m pip install --upgrade pip
python -m pip install -r requirements-dev.txt
- name: Install Django Bootstrap Italia template
run: pip install design-django-theme
- name: Install spid-cie-oidc
run: |
pip install -e .
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
flake8 ./spid_cie_oidc --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 ./spid_cie_oidc --count --exit-zero --statistics --max-line-length 120
- name: Bandit Security Scan
run: |
bandit -r -x tests/ spid_cie_oidc/*
- name: spid_cie_oidc unit tests
run: |
cp examples/federation_authority/federation_authority/settingslocal.py.example examples/federation_authority/federation_authority/settingslocal.py
coverage erase
coverage run examples/federation_authority/manage.py test spid_cie_oidc
coverage report -m --skip-covered
- name: spid_cie_oidc example data imports
run: |
cp examples/federation_authority/federation_authority/settingslocal.py.example examples/federation_authority/federation_authority/settingslocal.py
cd examples/federation_authority/
./manage.py migrate
./manage.py loaddata dumps/example.json
- uses: paambaati/[email protected]
if: always()
env:
CC_TEST_REPORTER_ID: ${{ secrets.CodeClimate }}
with:
coverageCommand: coverage xml
#- name: Upload coverage to Codecov
#uses: codecov/codecov-action@v1
#with:
#token: ${{ secrets.CODECOV_TOKEN }}
#file: example/coverage.xml
#flags: unittests
#env_vars: OS,PYTHON
#name: codecov-umbrella
#fail_ci_if_error: true
#path_to_write_report: ./codecov_report.txt
# verbose: true