-
Notifications
You must be signed in to change notification settings - Fork 0
73 lines (71 loc) · 1.92 KB
/
static_code_checks.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
name: code checks
on:
push:
branches:
- main
paths:
- .pre-commit-config.yaml
- .github/workflows/static_code_checks.yaml
- '**.py'
- poetry.lock
- pyproject.toml
- '**.ipynb'
- '**.tsx'
pull_request:
branches:
- main
paths:
- .pre-commit-config.yaml
- .github/workflows/static_code_checks.yaml
- '**.py'
- poetry.lock
- pyproject.toml
- '**.ipynb'
- '**.tsx'
workflow_dispatch:
inputs:
logLevel:
description: 'Log level'
required: true
default: 'debug'
type: choice
options:
- info
- warning
- debug
jobs:
run-code-check:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- uses: actions/[email protected]
with:
python-version: '3.10'
cache: 'poetry'
- name: Setup yarn
uses: mskelton/setup-yarn@v3
- name: Install dependencies and check code
run: |
yarn
poetry env use '3.10'
source .venv/bin/activate
poetry install --with test --all-extras
pre-commit run --all-files --verbose
- name: pip-audit (gh-action-pip-audit)
uses: pypa/[email protected]
with:
virtual-environment: .venv/
# Skipping 3 cryptography issues that can't be patched because of FL4Health
# Skipping 1 cryptography issue that can't be patched because of Flower
# Skipping 1 torch issue that can't be ugraded because of torchvision
ignore-vulns: |
GHSA-3ww4-gg4f-jr7f
GHSA-9v9h-cgj8-h64p
GHSA-6vqw-3v5j-54x4
GHSA-h4gh-qq45-vh27
GHSA-pg7h-5qx3-wjr3