From 4673e38116aff501eaf8485bb28c9cf0daffca95 Mon Sep 17 00:00:00 2001 From: Andrei Pavel Date: Tue, 30 Apr 2024 13:25:29 +0300 Subject: [#3287] add bandit, pycodestyle and pylint CI jobs --- .gitlab-ci.yml | 31 +++++++++++++++++++++++++++++++ .gitlab/ci/pycodestyle.cfg | 2 ++ .gitlab/ci/pylint.rc | 17 +++++++++++++++++ 3 files changed, 50 insertions(+) create mode 100644 .gitlab/ci/pycodestyle.cfg create mode 100644 .gitlab/ci/pylint.rc diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e372517dea..77374a9245 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -72,6 +72,37 @@ shellcheck: script: - ./tools/shellcheck-all.sh +.base_get_list_of_modified_files: &get_modified_files + - MODIFIED_FILES=$(git diff --name-only $(git merge-base origin/master HEAD)) + - echo "${MODIFIED_FILES}" + +.base_get_list_of_python_scripts: &get_python_scripts + - PYTHON_SCRIPTS=$(find ${INPUT-.} -type f -not -path './.git/*' -and \( -name '*.py' -or -name '*.py.in' \) | sort) + - echo "${PYTHON_SCRIPTS}" + - if test -z "${PYTHON_SCRIPTS}"; then echo "No python scripts to check. Exiting early."; exit 0; fi + +bandit: + script: + - bandit -r ./ + +pycodestyle: + stage: test + script: + # - *get_modified_files + # - INPUT="${MODIFIED_FILES}" + - *get_python_scripts + - pycodestyle --config=.gitlab/ci/pycodestyle.cfg ${PYTHON_SCRIPTS} + +pylint: + stage: test + script: + # - *get_modified_files + # - INPUT="${MODIFIED_FILES}" + - *get_python_scripts + - pylint --jobs "$(nproc || gnproc || echo 1)" --rcfile ./.gitlab/ci/pylint.rc ${PYTHON_SCRIPTS} + # If we reached this point, it means pylint passed. Run again with all warnings enabled, but ignore the return code to show a list of improvements that the developer could do, even when CI is passing. + - pylint --jobs "$(nproc || gnproc || echo 1)" --rcfile ./.gitlab/ci/pylint.rc --enable all ${PYTHON_SCRIPTS} || true + ############################### SAST ################################ # Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/sast/ # diff --git a/.gitlab/ci/pycodestyle.cfg b/.gitlab/ci/pycodestyle.cfg new file mode 100644 index 0000000000..b00efd8853 --- /dev/null +++ b/.gitlab/ci/pycodestyle.cfg @@ -0,0 +1,2 @@ +[pycodestyle] + max-line-length = 120 diff --git a/.gitlab/ci/pylint.rc b/.gitlab/ci/pylint.rc new file mode 100644 index 0000000000..b605350349 --- /dev/null +++ b/.gitlab/ci/pylint.rc @@ -0,0 +1,17 @@ +[MASTER] +disable=, + consider-using-f-string, # TODO: This one is decent. There are too many to fix. Enable later. + fixme, + invalid-name, + missing-class-docstring, + missing-function-docstring, + missing-module-docstring, + too-few-public-methods, + too-many-arguments, + too-many-boolean-expressions, + too-many-branches, + too-many-instance-attributes, + too-many-lines, + too-many-locals, + too-many-statements, +max-line-length=120 -- cgit v1.2.3