Home-Assistant
/
core
mirror of https://github.com/home-assistant/core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CI: Move bandit into the other linters job (#60357)

pull/60362/head
Franck Nijhof 2021-11-25 20:53:49 +01:00 committed by GitHub
parent fb909eca8a
commit e5d8c69a92
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
.github/workflows/ci.yaml vendored
View File

@ -186,55 +186,6 @@ jobs:
. venv/bin/activate . venv/bin/activate
pre-commit install-hooks pre-commit install-hooks
lint-bandit:
name: Check bandit
runs-on: ubuntu-latest
needs:
- changes
- prepare-base
steps:
- name: Check out code from GitHub
uses: actions/checkout@v2.4.0
- name: Set up Python ${{ env.DEFAULT_PYTHON }}
uses: actions/setup-python@v2.3.0
id: python
with:
python-version: ${{ env.DEFAULT_PYTHON }}
- name: Restore base Python virtual environment
id: cache-venv
uses: actions/cache@v2.1.7
with:
path: venv
key: ${{ runner.os }}-${{ steps.python.outputs.python-version }}-${{
needs.prepare-base.outputs.python-key }}
- name: Fail job if Python cache restore failed
if: steps.cache-venv.outputs.cache-hit != 'true'
run: |
echo "Failed to restore Python virtual environment from cache"
exit 1
- name: Restore pre-commit environment from cache
id: cache-precommit
uses: actions/cache@v2.1.7
with:
path: ${{ env.PRE_COMMIT_CACHE }}
key: ${{ runner.os }}-${{ needs.prepare-base.outputs.pre-commit-key }}
- name: Fail job if pre-commit cache restore failed
if: steps.cache-precommit.outputs.cache-hit != 'true'
run: |
echo "Failed to restore pre-commit environment from cache"
exit 1
- name: Run bandit (fully)
if: needs.changes.outputs.test_full_suite == 'true'
run: |
. venv/bin/activate
pre-commit run --hook-stage manual bandit --all-files --show-diff-on-failure
- name: Run bandit (partially)
if: needs.changes.outputs.test_full_suite == 'false'
shell: bash
run: |
. venv/bin/activate
pre-commit run --hook-stage manual bandit --files {homeassistant,tests}/components/${{ needs.changes.outputs.integrations_glob }}/* --show-diff-on-failure
lint-black: lint-black:
name: Check black name: Check black
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -379,7 +330,9 @@ jobs:
lint-other: lint-other:
name: Check other linters name: Check other linters
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: prepare-base needs:
- changes
- prepare-base
steps: steps:
- name: Check out code from GitHub - name: Check out code from GitHub
uses: actions/checkout@v2.4.0 uses: actions/checkout@v2.4.0
@ -452,7 +405,6 @@ jobs:
- name: Register hadolint problem matcher - name: Register hadolint problem matcher
run: | run: |
echo "::add-matcher::.github/workflows/matchers/hadolint.json" echo "::add-matcher::.github/workflows/matchers/hadolint.json"
- name: Check Dockerfile - name: Check Dockerfile
uses: docker://hadolint/hadolint:v1.18.2 uses: docker://hadolint/hadolint:v1.18.2
with: with:
@ -462,6 +414,18 @@ jobs:
with: with:
args: hadolint Dockerfile.dev args: hadolint Dockerfile.dev
- name: Run bandit (fully)
if: needs.changes.outputs.test_full_suite == 'true'
run: |
. venv/bin/activate
pre-commit run --hook-stage manual bandit --all-files --show-diff-on-failure
- name: Run bandit (partially)
if: needs.changes.outputs.test_full_suite == 'false'
shell: bash
run: |
. venv/bin/activate
pre-commit run --hook-stage manual bandit --files {homeassistant,tests}/components/${{ needs.changes.outputs.integrations_glob }}/* --show-diff-on-failure
hassfest: hassfest:
name: Check hassfest name: Check hassfest
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -651,7 +615,6 @@ jobs:
- changes - changes
- gen-requirements-all - gen-requirements-all
- hassfest - hassfest
- lint-bandit
- lint-black - lint-black
- lint-other - lint-other
- lint-isort - lint-isort