Python linters in GitHub Action

.github/workflows/github_actions.yml

Create this file to set up the action. It runs on every push.

name: CI/CD pipeline

on: [push]

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.8"]
    steps:
    - uses: actions/checkout@v3
    - name: Set up Python ${{ matrix.python-version }}
      uses: actions/setup-python@v3
      with:
        python-version: ${{ matrix.python-version }}
    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip install -r requirements.txt
    - name: pylint analysis, disabling protected-access (W0212) to avoid false positives
      run: |
        pylint --extension-pkg-whitelist=pygame $(git ls-files '*.py') --disable=W0212
    - name: Run unit tests via pytest
      run: |
        pytest --cov-report term-missing --cov=my_package --cov-config=.coveragerc tests
    - name: Run cucumber
      run: |
        behave
    - name: Run bandit for the first security scan
      run: |
        bandit --ini .bandit
    - name: Run safety for the second (complementary) security scan
      run: |
        safety check

Notes:

  • all the dependencies need to be in requirements.txt
  • pylint disables the warning W0212 (protected-access); more warnings and errors can be added to --disable.
  • pytest measures coverage for my_package; coverage is configured in .coveragerc
  • bandit is configured in .bandit

requirements.txt

bandit
behave==1.2.6
flake8
pycodestyle==2.10.0
pyflakes==3.0.1
pygame==2.1.2
pylint
pytest
pytest-cov
safety
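
An added example (not from the original page): a check that could run before the install step. It verifies that every tool the workflow invokes is listed in requirements.txt and reports entries without an exact == pin, since those resolve to whatever release is newest at install time. The sample file and tool list are constructed from the listings on this page; the function names are hypothetical.

```python
import re

# Constructed sample modeled on this page's requirements.txt (not a real project file).
REQUIREMENTS = """\
bandit
behave==1.2.6
flake8
pycodestyle==2.10.0
pyflakes==3.0.1
pygame==2.1.2
pylint
pytest
pytest-cov
safety
"""

# Tools the workflow's run steps invoke, taken from the workflow YAML on this page.
WORKFLOW_TOOLS = ["pylint", "pytest", "behave", "bandit", "safety"]

NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*(.*)$")
EXACT_PIN = re.compile(r"===?\s*[A-Za-z0-9][^\s,*]*")

def parse_requirements(text):
    """Map normalized package name -> version specifier ('' if none)."""
    reqs = {}
    for raw in text.splitlines():
        # Drop trailing comments and environment markers before parsing.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line or line.startswith("-"):  # blank lines and pip options (-r, -e)
            continue
        match = NAME.match(line)
        if match:
            name = re.sub(r"[-_.]+", "-", match.group(1)).lower()
            reqs[name] = match.group(2).strip()
    return reqs

def unpinned(reqs):
    """Packages without an exact '==' pin (ranges and wildcards count as unpinned)."""
    return sorted(n for n, spec in reqs.items() if not EXACT_PIN.fullmatch(spec))

def missing_tools(reqs, tools):
    """Workflow tools that 'pip install -r requirements.txt' would not provide."""
    return sorted(t for t in tools if t.lower() not in reqs)

if __name__ == "__main__":
    parsed = parse_requirements(REQUIREMENTS)
    print("unpinned:", unpinned(parsed))
    print("missing :", missing_tools(parsed, WORKFLOW_TOOLS))
```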

.bandit

[bandit]
targets = rc_car
recursive = true

.coveragerc

[run]
source = my_package

[report]
omit =
    */__init__.py
    */foo.py

exclude_lines =
    pragma: no cover