ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2025-12-19 05:17:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(codecov): create components (#6028)

Browse Source
This commit is contained in:
Pepe Fagoaga
2024-12-05 16:35:56 +01:00
committed by GitHub
parent eddc672264
commit ecfd94aeb1
3 changed files with 43 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
.github/workflows/api-pull-request.yml vendored
View File

@@ -69,6 +69,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Test if changes are in not ignored paths - name: Test if changes are in not ignored paths
id: are-non-ignored-files-changed id: are-non-ignored-files-changed
uses: tj-actions/changed-files@v45 uses: tj-actions/changed-files@v45
@@ -80,18 +81,21 @@ jobs:
api/permissions/** api/permissions/**
api/README.md api/README.md
api/mkdocs.yml api/mkdocs.yml
- name: Install poetry - name: Install poetry
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
python -m pip install --upgrade pip python -m pip install --upgrade pip
pipx install poetry pipx install poetry
- name: Set up Python ${{ matrix.python-version }} - name: Set up Python ${{ matrix.python-version }}
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
uses: actions/setup-python@v5 uses: actions/setup-python@v5
with: with:
python-version: ${{ matrix.python-version }} python-version: ${{ matrix.python-version }}
cache: "poetry" cache: "poetry"
- name: Install dependencies - name: Install dependencies
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
@@ -109,48 +113,59 @@ jobs:
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry lock --check poetry lock --check
- name: Lint with ruff - name: Lint with ruff
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run ruff check . --exclude contrib poetry run ruff check . --exclude contrib
- name: Check Format with ruff - name: Check Format with ruff
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run ruff format --check . --exclude contrib poetry run ruff format --check . --exclude contrib
- name: Lint with pylint - name: Lint with pylint
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run pylint --disable=W,C,R,E -j 0 -rn -sn src/ poetry run pylint --disable=W,C,R,E -j 0 -rn -sn src/
- name: Bandit - name: Bandit
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run bandit -q -lll -x '*_test.py,./contrib/' -r . poetry run bandit -q -lll -x '*_test.py,./contrib/' -r .
- name: Safety - name: Safety
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run safety check --ignore 70612,66963 poetry run safety check --ignore 70612,66963
- name: Vulture - name: Vulture
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run vulture --exclude "contrib,tests,conftest.py" --min-confidence 100 . poetry run vulture --exclude "contrib,tests,conftest.py" --min-confidence 100 .
- name: Hadolint - name: Hadolint
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
/tmp/hadolint Dockerfile --ignore=DL3013 /tmp/hadolint Dockerfile --ignore=DL3013
- name: Test with pytest - name: Test with pytest
working-directory: ./api working-directory: ./api
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run pytest --cov=./src/backend --cov-report=xml src/backend poetry run pytest --cov=./src/backend --cov-report=xml src/backend
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
uses: codecov/codecov-action@v5 uses: codecov/codecov-action@v5
env: env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
flags: api

16
.github/workflows/pull-request.yml vendored
View File

@@ -22,6 +22,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Test if changes are in not ignored paths - name: Test if changes are in not ignored paths
id: are-non-ignored-files-changed id: are-non-ignored-files-changed
uses: tj-actions/changed-files@v45 uses: tj-actions/changed-files@v45
@@ -36,17 +37,20 @@ jobs:
README.md README.md
mkdocs.yml mkdocs.yml
.backportrc.json .backportrc.json
- name: Install poetry - name: Install poetry
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
python -m pip install --upgrade pip python -m pip install --upgrade pip
pipx install poetry pipx install poetry
- name: Set up Python ${{ matrix.python-version }} - name: Set up Python ${{ matrix.python-version }}
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
uses: actions/setup-python@v5 uses: actions/setup-python@v5
with: with:
python-version: ${{ matrix.python-version }} python-version: ${{ matrix.python-version }}
cache: "poetry" cache: "poetry"
- name: Install dependencies - name: Install dependencies
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
@@ -57,44 +61,56 @@ jobs:
sed -E 's/.*"v([^"]+)".*/\1/' \ sed -E 's/.*"v([^"]+)".*/\1/' \
) && curl -L -o /tmp/hadolint "https://github.com/hadolint/hadolint/releases/download/v${VERSION}/hadolint-Linux-x86_64" \ ) && curl -L -o /tmp/hadolint "https://github.com/hadolint/hadolint/releases/download/v${VERSION}/hadolint-Linux-x86_64" \
&& chmod +x /tmp/hadolint && chmod +x /tmp/hadolint
- name: Poetry check - name: Poetry check
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry lock --check poetry lock --check
- name: Lint with flake8 - name: Lint with flake8
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run flake8 . --ignore=E266,W503,E203,E501,W605,E128 --exclude contrib,ui,api poetry run flake8 . --ignore=E266,W503,E203,E501,W605,E128 --exclude contrib,ui,api
- name: Checking format with black - name: Checking format with black
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run black --exclude api ui --check . poetry run black --exclude api ui --check .
- name: Lint with pylint - name: Lint with pylint
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run pylint --disable=W,C,R,E -j 0 -rn -sn prowler/ poetry run pylint --disable=W,C,R,E -j 0 -rn -sn prowler/
- name: Bandit - name: Bandit
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run bandit -q -lll -x '*_test.py,./contrib/,./api/,./ui' -r . poetry run bandit -q -lll -x '*_test.py,./contrib/,./api/,./ui' -r .
- name: Safety - name: Safety
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run safety check --ignore 70612 -r pyproject.toml poetry run safety check --ignore 70612 -r pyproject.toml
- name: Vulture - name: Vulture
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run vulture --exclude "contrib,api,ui" --min-confidence 100 . poetry run vulture --exclude "contrib,api,ui" --min-confidence 100 .
- name: Hadolint - name: Hadolint
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
/tmp/hadolint Dockerfile --ignore=DL3013 /tmp/hadolint Dockerfile --ignore=DL3013
- name: Test with pytest - name: Test with pytest
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
run: | run: |
poetry run pytest -n auto --cov=./prowler --cov-report=xml tests poetry run pytest -n auto --cov=./prowler --cov-report=xml tests
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true' if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
uses: codecov/codecov-action@v5 uses: codecov/codecov-action@v5
env: env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
flags: prowler

11
codecov.yml Normal file
View File

@@ -0,0 +1,11 @@
component_management:
individual_components:
- component_id: "prowler"
paths:
- "prowler/**"
- component_id: "api"
paths:
- "api/**"
comment:
layout: "header, diff, flags, components"