From 88b39d3c78c0813c69c10d1492d33405405fa710 Mon Sep 17 00:00:00 2001
From: Arkadiusz Bokowy
Date: Thu, 13 Oct 2022 09:45:46 +0200
Subject: [PATCH] Setup CodeQL analysis as a part of CI checks
---
 .github/workflows/check.yaml | 54 +++++++++++++++++++++++++++---
 src/flake8_requirements/checker.py | 23 +++++++------
 test/test_checker.py | 18 ++++++++++
 3 files changed, 80 insertions(+), 15 deletions(-)
diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml
index ddaafac..07b72df 100644
--- a/.github/workflows/check.yaml
+++ b/.github/workflows/check.yaml
@@ -1,20 +1,64 @@
 name: Check Python Package
+
 on:
 push:
 pull_request:
 branches: [ master ]
+
+permissions:
+ actions: read
+ contents: read
+ security-events: write
+
 jobs:
- build:
+
+ check:
+ strategy:
+ fail-fast: false
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v3
 - uses: actions/setup-python@v4
 with:
 python-version: '3.x'
- - name: Lint with flake8
+ - name: Run Tests
+ run: python setup.py pytest
+
+ code-ql:
+ strategy:
+ fail-fast: false
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: python
+ queries: security-and-quality
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
+
+ doc8-lint:
+ strategy:
+ fail-fast: false
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: Run reStructuredText Linter
+ uses: deep-entertainment/doc8-action@v4
+ with:
+ scanPaths: ${{ github.workspace }}
+
+ flake8-lint:
+ strategy:
+ fail-fast: false
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: actions/setup-python@v4
+ with:
+ python-version: '3.x'
+ - name: Run flake8 Linter
 run: |
 pip install flake8
 flake8 --count --show-source --statistics src test
- - name: Test with pytest
- run: |
- python setup.py pytest
diff --git a/src/flake8_requirements/checker.py b/src/flake8_requirements/checker.py
index acbd5c0..274f529 100644
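Review bot: The new workflow-level `permissions` block grants `security-events: write` to every job, although only `code-ql` uploads analysis results; `check`, `doc8-lint` and `flake8-lint` need no more than `contents: read`. This matters most for `doc8-lint`, which runs the third-party `deep-entertainment/doc8-action@v4` by mutable tag, so whatever that tag points to runs with the wider token. Keeping the workflow default at `contents: read` and declaring the CodeQL scopes on the `code-ql` job confines the write scope to the one job that uses it. Pinning third-party actions to a full commit SHA would narrow the exposure further.

```yaml
permissions:
  contents: read

# … unchanged: jobs: and the check job …

  code-ql:
    permissions:
      actions: read
      contents: read
      security-events: write
    # … unchanged: strategy, runs-on and the CodeQL steps …

# … unchanged: doc8-lint and flake8-lint jobs …
```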
--- a/src/flake8_requirements/checker.py
+++ b/src/flake8_requirements/checker.py
@@ -18,7 +18,7 @@
 from .modules import STDLIB_PY3
 
 # NOTE: Changing this number will alter package version as well.
-__version__ = "1.7.1"
+__version__ = "1.7.2"
 __license__ = "MIT"
 
 LOG = getLogger('flake8.plugin.requirements')
@@ -397,13 +397,13 @@ def parse_options(cls, options):
 @staticmethod
 def discover_host_3rd_party_modules():
 """Scan host site-packages for 3rd party modules."""
+ mapping = {}
 try:
- site_packages_dirs = site.getsitepackagess()
+ site_packages_dirs = site.getsitepackages()
 site_packages_dirs.append(site.getusersitepackages())
 except AttributeError as e:
 LOG.error("Couldn't get site packages: %s", e)
- return
- mapping = {}
+ return mapping
 for site_dir in site_packages_dirs:
 try:
 dir_entries = os.listdir(site_dir)
@@ -423,7 +423,7 @@ def discover_host_3rd_party_modules():
 with open(modules_path) as f:
 modules = list(yield_lines(f.readlines()))
 mapping[project2module(name)] = modules
- return mapping
+ return mapping
 
 @staticmethod
 def discover_project_root_dir(path):
@@ -714,12 +714,12 @@ def get_mods_3rd_party_requirements(cls, is_setup_py):
 def check_I900(self, node):
 """Run missing requirement checker."""
 if node.module[0] in STDLIB:
- return
+ return None
 is_setup_py = self.is_project_setup_py(self.root_dir, self.filename)
 if node.module in self.get_mods_3rd_party(is_setup_py):
- return
+ return None
 if node.module in self.get_mods_1st_party():
- return
+ return None
 # When processing setup.py file, forcefully add setuptools to the
 # project requirements. Setuptools might be required to build the
 # project, even though it is not listed as a requirement - this
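Review bot: The docstring of `discover_host_3rd_party_modules` does not say what the function returns, and that contract is what the `-397` hunk changes: the `except AttributeError` path now returns the empty `mapping` where it used to return nothing. I would extend it to something like `"""Scan host site-packages for 3rd party modules and return a dict of project name to module list (empty if site-packages cannot be determined)."""`. The same handler is what kept the misspelled `getsitepackagess` call from surfacing as a failure, so a short comment on why `AttributeError` is expected there (presumably interpreters whose `site` module lacks these functions) would help the next reader. The function body continues outside the hunk.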
@@ -727,12 +727,15 @@ def check_I900(self, node):
 # requirement would be pointless.
 if (is_setup_py and
 node.module[0] in KNOWN_3RD_PARTIES["setuptools"]):
- return
+ return None
 return ERRORS['I900'].format(pkg=node.module[0])
 
 def check_I901(self, node):
 """Run not-used requirement checker."""
- return
+ if node.module[0] in STDLIB:
+ return None
+ # TODO: Implement this check.
+ return None
 
 def run(self):
 """Run checker."""
diff --git a/test/test_checker.py b/test/test_checker.py
index 9fb9cf9..17ee829 100644
--- a/test/test_checker.py
+++ b/test/test_checker.py
@@ -113,6 +113,24 @@ def test_relative(self):
 errors = check("from ..local import local")
 self.assertEqual(len(errors), 0)
 
+ def test_discover_host_3rd_party_modules(self):
+ class Options(Flake8Options):
+ scan_host_site_packages = True
+ Flake8Checker.parse_options(Options)
+ self.assertEqual(
+ type(Flake8Checker.known_host_3rd_parties),
+ dict,
+ )
+ # Since flake8-requirements (this package) is a plugin for flake8,
+ # it is very likely that onc will have flake8 installed in the host
+ # site-packages. However, that is not the case for all our GitHub
+ # Actions runners, so we can not enforce this assertion.
+ if 'flake8' in Flake8Checker.known_host_3rd_parties:
+ self.assertEqual(
+ Flake8Checker.known_host_3rd_parties['flake8'],
+ ['flake8'],
+ )
+
 def test_custom_mapping_parser(self):
 class Options(Flake8Options):
 known_modules = ":[pydrmcodec],mylib:[mylib.drm,mylib.ex]"
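Review bot: In `check_I901` the added `if node.module[0] in STDLIB:` guard has no effect, because both it and the fall-through end in `return None`; it reads as if stdlib modules were handled specially when nothing is checked yet. Until the check is implemented, the body would be clearer as `# TODO: Implement this check.` followed by a single `return None`. If the guard was added only to satisfy a static-analysis finding (my guess, given the commit subject), a comment saying so would keep it from being misread later.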
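Review bot: `test_discover_host_3rd_party_modules` passes even when discovery fails, because the error path of `discover_host_3rd_party_modules` now returns an empty dict and the only unconditional assertion is on the type; the `flake8` comparison is skipped when the key is absent. A regression like the `getsitepackagess` typo fixed in this same commit would therefore still go unnoticed. Assuming `parse_options` is what triggers the scan, asserting that nothing is logged at error level would cover it, e.g. wrapping the call in `with self.assertNoLogs('flake8.plugin.requirements', level='ERROR'):` (needs Python 3.10 or later). The type check also reads better as `self.assertIsInstance(Flake8Checker.known_host_3rd_parties, dict)`, and the comment has a typo, "onc" for "one".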