tmtt/redis-om-python
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Adding dependency vulnerability scanning to the CI process (#345)

Browse source 
Adding dependency scanning for CI

Co-authored-by: dvora-h <67596500+dvora-h@users.noreply.github.com>
This commit is contained in:
Chayim 2022-10-18 14:55:58 +03:00 committed by GitHub
parent c16895c445
commit 1221efd2c3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
.github/workflows/ci.yml vendored
View file

@ -14,9 +14,31 @@ on:
schedule: schedule:
- cron: '0 6 * * *' # Daily 6AM UTC build - cron: '0 6 * * *' # Daily 6AM UTC build
env:
pythonversion: 3.9
jobs: jobs:
dependency-audit:
name: Dependency audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: install python
uses: actions/setup-python@v3.1.2
with:
python-version: ${{env.pythonversion}}
- name: create local poetry install
run: |
python -m venv .venv
source .venv/bin/activate
python -m pip install poetry
poetry install
- uses: trailofbits/gh-action-pip-audit@v1.0.0
with:
virtual-environment: .venv
lint: lint:
name: Linter name: Linter
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -27,7 +49,7 @@ jobs:
- name: Setup Python 3.9 - name: Setup Python 3.9
uses: actions/setup-python@v4.3.0 uses: actions/setup-python@v4.3.0
with: with:
python-version: 3.9 python-version: ${{env.pythonversion}}
#---------------------------------------------- #----------------------------------------------
# ----- install & configure poetry ----- # ----- install & configure poetry -----
#---------------------------------------------- #----------------------------------------------