From 019bfc149c8d42a25183e005b01002abbe68eada Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joakim=20Hells=C3=A9n?= Date: Mon, 26 Sep 2022 19:46:11 +0200 Subject: [PATCH] Test code with GitHub Actions and run CodeQL weekly --- .github/workflows/build.yml | 21 +++++++++++++++++++++ .github/workflows/codeql.yml | 31 +++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..f503ba5 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,21 @@ +--- +name: Test code +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + workflow_dispatch: + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - run: pipx install poetry + - uses: actions/setup-python@v4 + with: + python-version: "3.10" + cache: 'poetry' + - run: poetry install + - run: poetry run pytest \ No newline at end of file diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..184ad91 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,31 @@ +--- +name: "CodeQL" +on: + schedule: + - cron: '33 11 * * 5' +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + steps: + - uses: actions/checkout@v3 + - run: pipx install poetry + - uses: actions/setup-python@v4 + with: + python-version: '3.10' + cache: 'poetry' + - run: poetry install + - run: echo "CODEQL_PYTHON=$(poetry run which python)" >> $GITHUB_ENV + - uses: github/codeql-action/init@v2 + with: + languages: 'python' + queries: security-extended,security-and-quality + setup-python-dependencies: false + + - uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}"