Fix error when no repository exist for a project. #108
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: VCS Scraper CI | |
| on: | |
| push: | |
| paths-ignore: | |
| - '**/*.md' | |
| - '**/**.png' | |
| - '**/**.gif' | |
| - .gitignore | |
| pull_request: | |
| paths-ignore: | |
| - '**/*.md' | |
| - '**/**.png' | |
| - '**/**.gif' | |
| - .gitignore | |
| workflow_dispatch: | |
| env: | |
| CONTAINER_REGISTRY: rescabnamro | |
| IMAGE_NAME: resc-vcs-scraper | |
| permissions: read-all | |
| jobs: | |
| ruff: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Lint | |
| - uses: chartboost/ruff-action@v1 | |
| # Format check | |
| - uses: chartboost/ruff-action@v1 | |
| with: | |
| args: 'format --check' | |
| python-basic-validation: | |
| name: Python Basic Validation | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ["3.12"] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install test dependencies | |
| run: | | |
| pip install -r test-requirements.txt | |
| - name: Test with mypy | |
| if: always() | |
| run: | | |
| pip3 install mypy types-PyYAML | |
| pip3 install types-requests | |
| mypy src | |
| - name: Test with pytest | |
| run: | | |
| tox -e pytest | |
| # This step will only execute if PR is created internally. | |
| - name: SonarCloud Scan | |
| if: ${{ (github.event.pull_request.head.repo.full_name == 'abnamro/repository-scanner') || (github.ref == 'refs/heads/main') }} | |
| uses: SonarSource/sonarcloud-github-action@master | |
| with: | |
| args: > | |
| -Dsonar.organization=abnamro-resc | |
| -Dsonar.projectKey=abnamro-resc_resc-vcs-scraper | |
| -Dsonar.python.coverage.reportPaths=coverage.xml | |
| -Dsonar.sourceEncoding=UTF-8 | |
| -Dsonar.projectName=resc-vcs-scraper | |
| -Dsonar.groupid=resc | |
| -Dsonar.sources=src/ | |
| -Dsonar.inclusions=**/*.py | |
| -Dsonar.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js | |
| -Dsonar.tests=tests/ | |
| -Dsonar.cpd.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js | |
| -Dsonar.coverage.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js | |
| -Dsonar.pdf.skip=true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.__SONAR_TOKEN_BACKEND__ }} | |
| - name: Get Branch Name | |
| id: extract_branch | |
| run: | | |
| if [[ ${GITHUB_EVENT_NAME} == 'pull_request' ]]; then | |
| export BRANCH_NAME="${GITHUB_HEAD_REF}" | |
| echo "::set-output name=branch_name::${BRANCH_NAME}" | |
| elif [[ ${GITHUB_EVENT_NAME} == 'push' ]]; then | |
| export BRANCH_NAME="${GITHUB_REF_NAME}" | |
| echo "::set-output name=branch_name::${BRANCH_NAME}" | |
| else | |
| echo "Event is neither pull_request nor push" | |
| fi | |
| outputs: | |
| branch_name: ${{ steps.extract_branch.outputs.branch_name }} | |
| python-build-and-publish: | |
| name: Python Build and Publish | |
| needs: python-basic-validation | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ["3.12"] | |
| outputs: | |
| scraper_version: ${{ steps.getversion.outputs.scraper_version }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Building python package | |
| run: | | |
| python -m pip install --upgrade setuptools | |
| python -m pip install --upgrade pip | |
| pip install build wheel | |
| python setup.py sdist bdist_wheel | |
| - name: Publish python package to PyPI | |
| if: ${{ needs.python-basic-validation.outputs.branch_name == 'main' }} | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| password: ${{ secrets.__PYPI_TOKEN__ }} | |
| packages_dir: ./dist | |
| skip_existing: true | |
| - id: getversion | |
| name: Get package version | |
| run: | | |
| scraper_version=$(python ./setup.py --version) | |
| echo "scraper_version=$scraper_version" >> $GITHUB_OUTPUT | |
| dockerize: | |
| name: Build and Push Docker image | |
| needs: [python-basic-validation, python-build-and-publish] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| - name: Docker Lint | |
| uses: hadolint/hadolint-action@v2.0.0 | |
| with: | |
| dockerfile: ./Dockerfile | |
| failure-threshold: error | |
| - name: Build an image from Dockerfile | |
| run: | | |
| docker build -t ${{ env.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{needs.python-build-and-publish.outputs.scraper_version}} . | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| image-ref: ${{ env.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{needs.python-build-and-publish.outputs.scraper_version}} | |
| format: 'table' | |
| exit-code: '0' | |
| ignore-unfixed: true | |
| vuln-type: 'os,library' | |
| severity: 'CRITICAL,HIGH' | |
| - name: Get Branch Name | |
| run: | | |
| if [[ ${GITHUB_EVENT_NAME} == 'pull_request' ]]; then | |
| echo "BRANCH_NAME=$(echo ${GITHUB_HEAD_REF})" >> "$GITHUB_ENV" | |
| elif [[ ${GITHUB_EVENT_NAME} == 'push' ]]; then | |
| echo "BRANCH_NAME=$(echo ${GITHUB_REF_NAME})" >> "$GITHUB_ENV" | |
| else | |
| echo "Event is neither pull_request nor push" | |
| fi | |
| - name: Determine if image needs to be published | |
| run: | | |
| if [[ ${{ needs.python-basic-validation.outputs.branch_name }} == 'main' ]]; then | |
| echo "PUBLISH_IMAGE=true" >> "$GITHUB_ENV" | |
| echo "Going to publish image to registry" | |
| else | |
| echo "PUBLISH_IMAGE=false" >> "$GITHUB_ENV" | |
| echo "Skipping publishing of image to registry" | |
| fi | |
| - name: Log in to Container Registry | |
| if: ${{ env.PUBLISH_IMAGE == 'true' }} | |
| uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
| with: | |
| username: ${{ secrets.__DOCKER_HUB_USER__ }} | |
| password: ${{ secrets.__DOCKER_HUB_PASS__ }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc | |
| with: | |
| context: ./ | |
| push: ${{ env.PUBLISH_IMAGE }} | |
| tags: ${{ env.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest, ${{ env.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{needs.python-build-and-publish.outputs.scraper_version}} |