Skip to content
Formatting and security checks

Update README.md #17

Sign in to view logs

Update README.md

Update README.md #17

Workflow file for this run

.github/workflows/ci.yml at c4ed193
name: Formatting and security checks
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
# Detect secrets
Detect_Secrets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Detecting secrets
run: |
pip install detect-secrets
detect-secrets scan --all-files
# Terraform and IaC Checks
Terraform_IaC_Checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Terraform and Infrastruce as Code Checks
run: |
wget https://github.com/tfsec/tfsec/releases/download/v0.58.9/tfsec-linux-amd64
chmod +x tfsec-linux-amd64
sudo mv tfsec-linux-amd64 /usr/local/bin/tfsec
pip install checkov
tfsec --force-all-dirs . || true
checkov -d . || true
# Python formatting and security
Python_Checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v3
with:
python-version: '3.10'
cache: "pip"
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install black isort bandit safety
- name: Check formatting with Black
run: black --check .
- name: Check imports with isort
run: isort --profile black --check-only .
- name: Run bandit for vulnerabilities
run: |
bandit --recursive . --exit-zero
- name: Run safety for security checks for packages
run: |
safety check -r api/requirements.txt || true
safety check || true
# Node.js formatting with Prettier
Prettier_Checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Node.js for formatting & linting
uses: actions/setup-node@v3
with:
node-version: '14'
- name: Check formatting with Prettier
run: |
npm install --save-dev --save-exact prettier
npx prettier --check "**/*.{html,css,js}"