Add github actions ci

Update toxfile with latest best practices
2025-09-18 15:28:38 +00:00 · 2022-04-08 01:44:50 -04:00
parent 80819c472e
commit c3d5733751
3 changed files with 145 additions and 10 deletions
--- a/tox.ini
+++ b/tox.ini
@@ -12,7 +12,10 @@ locked_deps =
    pytest-cov
    toml
 commands =
-    pytest --cov vault2vault --cov-config {toxinidir}/.coveragerc --cov-report term-missing {toxinidir}/tests/
+    pytest {toxinidir}/tests/ \
+      --cov vault2vault \
+      --cov-config {toxinidir}/.coveragerc \
+      --cov-report term-missing

 [testenv:static]
 description = Static formatting and quality enforcement
@@ -29,10 +32,15 @@ locked_deps =
    pre-commit
    pre-commit-hooks
    pylint
+    types-toml
 commands =
-    pre-commit run --all-files
-    pylint --rcfile {toxinidir}/.pylintrc {toxinidir}/vault2vault.py
-    mypy --ignore-missing-imports --no-strict-optional {toxinidir}/vault2vault.py
+    pre-commit run \
+      --all-files
+    pylint {toxinidir}/vault2vault.py \
+      --rcfile {toxinidir}/.pylintrc
+    mypy {toxinidir}/vault2vault.py \
+      --ignore-missing-imports \
+      --no-strict-optional

 [testenv:static-tests]
 description = Static formatting and quality enforcement for the tests
@@ -43,21 +51,37 @@ locked_deps =
    pylint
    pytest
    mypy
+    types-toml
 commands =
-    pylint --rcfile {toxinidir}/.pylintrc {toxinidir}/tests/
-    mypy --ignore-missing-imports --no-strict-optional {toxinidir}/tests/
+    pylint {toxinidir}/tests/ \
+      --rcfile {toxinidir}/.pylintrc
+    mypy {toxinidir}/tests/ \
+      --ignore-missing-imports \
+      --no-strict-optional

 [testenv:security]
 description = Security checks
 basepython = python3.8
 platform = linux
 ignore_errors = true
+skip_install = true
 locked_deps =
    bandit
    safety
    poetry
 commands =
-    bandit --recursive --quiet {toxinidir}/vault2vault.py
-    bandit --recursive --quiet --skip B101 {toxinidir}/tests/
-    poetry export --format requirements.txt --output {envtmpdir}/requirements.txt --without-hashes --dev
-    safety check --bare --file {envtmpdir}/requirements.txt
+    bandit {toxinidir}/vault2vault.py \
+      --recursive \
+      --quiet
+    bandit {toxinidir}/tests/ \
+      --recursive \
+      --quiet \
+      --skip B101
+    poetry export \
+      --format requirements.txt \
+      --output {envtmpdir}/requirements.txt \
+      --without-hashes \
+      --dev
+    safety check \
+      --file {envtmpdir}/requirements.txt \
+      --json