Feature: upgrade dev env #32

	name: Gatekeeper checks

	on:
	pull_request:
	branches: [main]

	# add option to launch manually
	workflow_dispatch:

	# jobs to run:
	jobs:
	SCA-python:
	# FIXME: only run job if not draft PR and gatekeeper tag was added
	#if: github.event.pull_request.draft == false && startsWith(github.ref, 'refs/tags/gatekeeper')

	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	os: [ubuntu-latest]
	python-version: ["3.10"]

	env:
	CHANGED_PYTHON_FILES: $(git diff --diff-filter=d --name-only origin/$GITHUB_BASE_REF origin/$GITHUB_HEAD_REF \| grep ".py")

	steps:
	- name: Checkout branch
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Set up Python (${{ matrix.python-version }})
	uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python-version }}

	- name: Install SCA Python tools
	run: \|
	pip install \
	ruff \
	mypy

	- name: "Check format: ruff"
	run: python -m ruff format ${{env.CHANGED_PYTHON_FILES}}"

	- name: "Check SCA: ruff"
	run: python -m ruff check ${{env.CHANGED_PYTHON_FILES}} --output-format=github"

	- name: "Check SCA: mypy"
	run: python -m mypy ${{env.CHANGED_PYTHON_FILES}} --config="pyproject.toml"

Provide feedback