Skip to content

Feature: x509 chain verification #585

Feature: x509 chain verification

Feature: x509 chain verification #585

Workflow file for this run

# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: pyeudiw
on:
push:
branches: [ "*" ]
pull_request:
branches: [ "*" ]
jobs:
pre_job:
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/[email protected]
with:
skip_after_successful_duplicate: 'true'
same_content_newer: 'true'
main_job:
needs: pre_job
if: needs.pre_job.outputs.should_skip != 'true'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version:
- '3.10'
- '3.11'
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install system package
run: |
sudo apt update
sudo apt install python3-dev python3-pip
- name: Install MongoDB
run: |
sudo apt-get install -y gnupg wget
sudo wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
sudo echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
sudo apt-get update
sudo apt-get install -y mongodb-org
- name: Start MongoDB
run: sudo systemctl start mongod
- name: Install dependencies
run: |
python -m pip install --upgrade pip
if [ -f requirements-dev.txt ]; then pip install -r requirements-dev.txt; fi
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
if [ -f requirements-customizations.txt ]; then pip install -r requirements-customizations.txt; fi
python -m pip install -U setuptools
python -m pip install -e .
python -m pip install "Pillow>=10.0.0,<10.1" "device_detector>=5.0,<6" "satosa>=8.4,<8.6" "jinja2>=3.0,<4" "pymongo>=4.4.1,<4.5" aiohttp
python -m pip install git+https://github.com/openwallet-foundation-labs/sd-jwt-python.git
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
flake8 pyeudiw --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 pyeudiw --count --exit-zero --statistics --max-line-length 160
- name: Tests
run: |
# pytest --cov=pyeudiw --cov-fail-under=90 pyeudiw
pytest --cov=pyeudiw pyeudiw
coverage report -m --skip-covered
- name: Bandit Security Scan
run: |
bandit -r -x pyeudiw/tests* pyeudiw/*
- name: Lint with html linter
run: |
echo -e '\nHTML:'
readarray -d '' array < <(find $SRC example -name "*.html" -print0)
echo "Running linter on (${#array[@]}): "
printf '\t- %s\n' "${array[@]}"
echo "Linter output:"
for file in "${array[@]}"
do
echo -e "\n$file:"
html_lint.py "$file" | awk -v path="file://$PWD/$file:" '$0=path$0' | sed -e 's/: /:\n\t/';
done
# block if the html linter fails
#for file in "${array[@]}"
#do
#errors=$(html_lint.py "$file" | grep -c 'Error')
#if [ "$errors" -gt 0 ]; then exit 1; fi;
#done