11name : Test - Lint - Scan
22on :
3- workflow_call :
4- secrets :
5- SNYK_TOKEN :
6- required : true
3+ workflow_call : {}
4+ workflow_dispatch : {}
75
86jobs :
97 test :
108 name : Testing
119 strategy :
1210 matrix :
1311 os : [ubuntu-latest, macos-latest, windows-latest]
14- python-version : [3.8, 3.9, 3.10, 3.11]
12+ python-version : [3.8, 3.9, " 3.10" , 3.11]
1513
1614 runs-on : ${{ matrix.os }}
1715
2321 python-version : ${{ matrix.python-version }}
2422 - name : Install dependencies
2523 run : |
26- pdm install -dG :all --no-self
24+ pdm install -dG :all
2725name : Run Testing
2826 run : |
2927 pdm run -v testing
@@ -51,28 +49,26 @@ jobs:
5149
5250 steps :
5351 - uses : actions/checkout@v3
54- - name : Initialize Runtime Code Analysis
55- uses : github/codeql-action/init@v2
56- with :
57- languages : python
58- - name : Setup snyk CLI
59- uses : snyk/actions/setup@master
6052 - name : Set up PDM
6153 uses : pdm-project/setup-pdm@v3
6254 with :
6355 python-version : 3.11
6456 - name : Install dependencies
6557 run : |
6658 pdm install -dG :all --no-self
59+ # Set the `CODEQL-PYTHON` environment variable to the Python executable
60+ # that includes the dependencies
61+ echo "CODEQL_PYTHON=$(pdm info --python)" >> $GITHUB_ENV
62+ name : Initialize Runtime Code Analysis
63+ uses : github/codeql-action/init@v2
64+ with :
65+ languages : python
66+ setup-python-dependencies : false
6767 - name : Perform Runtime Code Analysis
6868 uses : github/codeql-action/analyze@v2
6969 - name : Perform Secure Code Analysis (Secrets)
7070 uses : trufflesecurity/trufflehog@main
7171 with :
7272 path : ./
73- base : ${{ github.ref_name }}
74- head : HEAD
75- - name : Snyk monitor
76- run : snyk test
77- env :
78- SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
73+ base : ${{ github.event.repository.default_branch }}
74+ head : HEAD
0 commit comments