@devanshjainms
Contributor

Description

This pull request includes several updates to GitHub Actions workflows and some minor code refactoring. The most important changes are the addition of new workflows for security and dependency management, updates to existing workflows, and code improvements for better readability and maintainability.

GitHub Actions Workflows:

  • CodeQL Analysis: Added a new workflow for CodeQL analysis to detect vulnerabilities in JavaScript and Python code. This workflow runs on pushes and pull requests to the main and development branches and on a weekly schedule.
  • Dependency Review: Introduced a new workflow to scan dependency manifest files for known vulnerabilities during pull requests. This helps prevent merging PRs with vulnerable packages.
  • OSSF Scorecard: Added a workflow to run the OpenSSF Scorecard for supply-chain security analysis, scheduled weekly and on pushes to the main branch.
  • Trivy Vulnerability Scanner: Implemented a workflow to run Trivy for vulnerability scanning on pull requests, merge groups, and manual dispatch.

Code Refactoring:

  • Exception Handling: Standardized exception variable naming across multiple files by renaming exception variables from e to ex for better readability.
  • Python Version Update: Updated the Python version to 3.10 in the GitHub Actions workflows for Ansible linting and code coverage.
  • Pylint Configuration: Enhanced the Pylint configuration in pyproject.toml by adding new rules and organizing the configuration sections for better maintainability.

These changes improve the project's security, code quality, and maintainability.

Problem Statement

  • Incorrect HANA RHEL attributes.
  • Missing CI workflows for codeql, ossf

Solution Details

  • Implementation changes
  • Configuration updates
  • Documentation updates

Test Cases

  • Unit tests added/updated
  • Manual Testing done

Checklist

  • Code follows project style guidelines
  • Documentation has been updated
  • Tests are passing
  • PR title follows conventional commit format
  • Breaking changes are clearly marked
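As an added example (not a file from this pull request), a CodeQL workflow that matches the triggers the description lists: pushes and pull requests to the main and development branches, a weekly schedule, and analysis of JavaScript and Python. The cron time, the action version tags and the permissions block are assumptions, not values taken from the PR.

```yaml
name: CodeQL

on:
  push:
    branches: [main, development]
  pull_request:
    branches: [main, development]
  schedule:
    # Weekly run; the exact day and hour are an assumed value.
    - cron: '0 6 * * 1'

# Least privilege for the workflow token: read the checkout,
# upload SARIF findings, and read workflow run metadata.
permissions:
  contents: read
  security-events: write
  actions: read

jobs:
  analyze:
    name: Analyze (${{ matrix.language }})
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # One job per language so a failure in one does not mask the other.
        language: [javascript, python]
    steps:
      # Version tags are assumed; an OpenSSF Scorecard run flags tag
      # references, so pin each action to a commit SHA in practice.
      - uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3
        with:
          # A per-language category keeps results from the two
          # matrix jobs separate in the Code scanning alerts view.
          category: "/language:${{ matrix.language }}"
```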

@devanshjainms devanshjainms requested a review from a team as a code owner March 13, 2025 21:14
@devanshjainms devanshjainms requested review from Copilot and mkdeegan and removed request for mkdeegan March 13, 2025 21:14

Copilot AI left a comment

Pull Request Overview

This pull request adds new GitHub Actions workflows for security scanning (CodeQL, OSSF Scorecard, dependency review, and Trivy) and updates several code modules with improved docstrings and more consistent error handling (renaming exception variables from “e” to “ex”).

  • New workflows for vulnerability scanning and dependency review
  • Pylint configuration refactoring and upgrading Python versions in CI workflows
  • Code refactoring to improve error handling and docstring clarity in several modules

Reviewed Changes

Copilot reviewed 36 out of 36 changed files in this pull request and generated no comments.

File Description
.github/workflows/codeql.yml Introduces new CodeQL analysis workflow
.github/workflows/ossf-scoreboard.yml Adds supply-chain security analysis using OSSF Scorecard
.github/workflows/dependency-review.yml Adds dependency review workflow for scanning vulnerable packages
.github/workflows/trivy.yml Implements Trivy vulnerability scanning workflow
pyproject.toml Updates to Pylint configuration and reorders lint rules
.github/workflows/github-actions-code-coverage.yml Updates Python version to 3.10 and adds a pylint check step
.github/workflows/github-actions-ansible-lint.yml Updates Python version to 3.10 in the ansible linting workflow
src/modules/*.py Refactoring changes including improved docstrings and exception renaming
src/module_utils/sap_automation_qa.py Refines subprocess error handling with updated exception variable naming
Comments suppressed due to low confidence (2)

src/modules/filesystem_freeze.py:21

  • The explicit init method has been removed from FileSystemFreeze; please verify that the superclass initialization covers all required setup to avoid unexpected behavior.
def __init__(
    self,
):
    super().__init()

src/modules/get_cluster_status_scs.py:5

  • The removal of the 'import logging' statement should be reviewed to ensure that any logging calls in this module are either removed or that logging is imported elsewhere if needed.
-import logging


Copilot AI left a comment

Pull Request Overview

This PR introduces several GitHub Actions workflows for security scanning and dependency review, updates the Python version in CI, and standardizes exception handling and documentation to improve code quality and maintainability. Key changes include:

  • New workflows for CodeQL analysis, dependency review, OSSF Scorecard, and Trivy vulnerability scanning.
  • Enhanced Pylint configuration and updated CI jobs (code coverage and ansible lint).
  • Code refactoring to standardize exception variable naming and improve docstrings.

Reviewed Changes

Copilot reviewed 36 out of 36 changed files in this pull request and generated no comments.

File Description
.github/workflows/codeql.yml Added CodeQL analysis workflow with new branch and schedule triggers.
.github/workflows/dependency-review.yml Introduced dependency review workflow to scan for vulnerable packages.
.github/workflows/ossf-scoreboard.yml Added OSSF Scorecard workflow for supply-chain security analysis.
.github/workflows/trivy.yml Implemented Trivy scanner workflow for vulnerability detection.
pyproject.toml Updated Pylint configuration with reorganized sections and enhanced rules.
.github/workflows/github-actions-code-coverage.yml Updated Python version to 3.10 and added a pylint step.
src/modules/*.py Refactored exception handling and improved docstrings across multiple modules.
.github/workflows/github-actions-ansible-lint.yml Changed Python version to 3.10 for consistency.
Comments suppressed due to low confidence (2)

pyproject.toml:38

  • [nitpick] The identifier "missing-kwoa" in the messages control section appears to be a typographical error; consider correcting it to "missing-keyword-args" (or the intended term).
"missing-kwoa",

src/modules/filesystem_freeze.py:39

  • The function _find_filesystem is annotated to return a string but returns None when no match is found; consider updating the return type to Optional[str] or returning an empty string to avoid potential type issues.
return None

@hdamecharla hdamecharla self-assigned this Mar 18, 2025
Member

@hdamecharla hdamecharla left a comment

Approved.

@hdamecharla hdamecharla merged commit 61a1462 into Azure:main Mar 18, 2025
9 checks passed
@hdamecharla hdamecharla deleted the pylint-workflows-fixes branch March 18, 2025 05:02