Skip to content

fix: escape HTML in Asana task titles and update configurations #543

fix: escape HTML in Asana task titles and update configurations

fix: escape HTML in Asana task titles and update configurations #543

Workflow file for this run

name: Test and Lint
on:
push:
branches:
- main
pull_request:
branches:
- main
schedule:
- cron: "20 7 * * 6"
workflow_dispatch:
env:
PYTHON_VERSION: "3.10"
jobs:
version:
name: Generate version
runs-on: ubuntu-latest
permissions:
contents: write
outputs:
FullSemVer: ${{ steps.gitversion.outputs.FullSemVer }}
PreReleaseTag: ${{ steps.gitversion.outputs.PreReleaseTag }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v3.0.0
with:
versionSpec: "5.x"
- name: Use GitVersion
id: gitversion # step id used as reference for output values
uses: gittools/actions/gitversion/execute@v3.0.0
- name: Create annotation for build error
run: |
echo "::notice::FullSemVer ${{ steps.gitversion.outputs.FullSemVer }}"
echo "::notice::PreReleaseTag ${{ steps.gitversion.outputs.PreReleaseTag }}"
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5 # https://github.com/marketplace/actions/setup-python
id: setup-python
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: poetry install --no-interaction --no-root
- name: Test with pytest
run: poetry run tox
- uses: actions/upload-artifact@v4
with:
name: test-output
path: coverage.xml
sonarcloud:
name: SonarCloud
runs-on: ubuntu-latest
needs: [version, test]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- uses: actions/setup-python@v5 # https://github.com/marketplace/actions/setup-python
id: setup-python
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: poetry install --no-interaction --no-root
- name: Lint with flake8
run: |
# exit-zero treats all errors as warnings
poetry run flake8 ado_asana_sync --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics | tee flake8.out
- name: Lint with Pylint
run: |
poetry run pylint --output-format=parseable --recursive=true ado_asana_sync | tee pylint.out
- name: Security lint with bandit
run: |
poetry run bandit --format json --output bandit.out --exit-zero --recursive ado_asana_sync
- name: Static type check with mypy
run: |
poetry run mypy ado_asana_sync | tee mypy.out
- name: Run Hadolint
uses: hadolint/hadolint-action@v3.1.0 # https://github.com/marketplace/actions/hadolint-action
with:
dockerfile: Dockerfile
output-file: hadolint.out
format: json
failure-threshold: ignore
- uses: actions/download-artifact@v4
with:
name: test-output
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
with:
args: >
-Dsonar.projectVersion=${{ needs.version.outputs.FullSemVer }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}