Add env variables to CI #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python CI Workflow | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| test: | |
| strategy: | |
| matrix: | |
| python-version: ['3.8', '3.9', '3.10', '3.11'] | |
| runs-on: ubuntu-latest | |
| env: | |
| AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} | |
| AUTH0_API_AUDIENCE: ${{ secrets.AUTH0_API_AUDIENCE }} | |
| AUTH0_CLIENT_ID: ${{ secrets.AUTH0_CLIENT_ID }} | |
| AUTH0_CLIENT_SECRET: ${{ secrets.AUTH0_CLIENT_SECRET }} | |
| steps: | |
| # Checkout the code | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # Set up Python environment | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| # Install dependencies | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| # Run linter | |
| - name: Lint with flake8 | |
| run: | | |
| pip install flake8 | |
| flake8 . --max-line-length=88 | |
| # Run tests with coverage | |
| - name: Run tests with coverage | |
| run: | | |
| pip install pytest pytest-cov | |
| pytest --cov=. --maxfail=5 --disable-warnings | |
| # Upload coverage report | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} # Add this token in your GitHub repository secrets | |
| database: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Set up SQLite test database | |
| - name: Setup SQLite test database | |
| run: | | |
| sqlite3 test.db ".databases" | |
| env: | |
| DATABASE_URL: sqlite:///test.db | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the code | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # Run security checks with Bandit | |
| - name: Run Bandit for security checks | |
| run: | | |
| pip install bandit | |
| bandit -r ./ -o bandit-output.json -f json || true | |
| - name: Fail on High Severity Bandit Issues | |
| run: | | |
| cat bandit-output.json | jq '.results[] | select(.issue_severity == "HIGH")' | grep . && exit 1 || true | |