forked from Azure-Samples/vision-on-edge-accelerator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
azure-pipelines.yml
108 lines (101 loc) · 4.2 KB
/
azure-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Configuration file for Azure devops pipeline
---
trigger:
branches:
include:
- main
pool:
vmImage: ubuntu-latest
variables:
- name: pip_cache_dir
value: $(Pipeline.Workspace)/.pip
stages:
- stage: SanityCheck
displayName: Setup and run tests
jobs:
- job: scan_for_secrets
steps:
- task: UsePythonVersion@0
displayName: "Set python v3.9"
inputs:
versionSpec: "3.9"
- bash: pip install detect-secrets
displayName: "Install detect-secrets using pip"
- bash: |
detect-secrets --version
detect-secrets scan --all-files --force-use-all-plugins --exclude-files FETCH_HEAD > $(Pipeline.Workspace)/detect-secrets.json
displayName: "Run detect-secrets tool"
- task: PublishPipelineArtifact@1
displayName: "Publish results in the Pipeline Artifact"
inputs:
targetPath: "$(Pipeline.Workspace)/detect-secrets.json"
artifact: "detect-secrets-ubuntu"
publishLocation: "pipeline"
- bash: |
dsjson=$(cat $(Pipeline.Workspace)/detect-secrets.json)
echo "${dsjson}"
count=$(echo "${dsjson}" | jq -c -r '.results | length')
if [ $count -gt 0 ]; then
msg="Secrets were detected in code. ${count} file(s) affected."
echo "##vso[task.logissue type=error]${msg}"
echo "##vso[task.complete result=Failed;]${msg}."
else
echo "##vso[task.complete result=Succeeded;]No secrets detected."
fi
displayName: "Analyzing detect-secrets results"
- job: lint_checks
steps:
- script: |
docker pull oxsecurity/megalinter:v6.8.0
docker run -v $(System.DefaultWorkingDirectory):/tmp/lint -e GIT_AUTHORIZATION_BEARER=$(System.AccessToken) oxsecurity/megalinter:v6.8.0
displayName: 'MegaLinter analysis'
- task: PublishPipelineArtifact@1
displayName: 'Publish Artifact: MegaLinter Report'
condition: succeededOrFailed()
inputs:
targetPath: '$(System.DefaultWorkingDirectory)/megalinter-reports/'
artifactName: mega-linter-reports
- job: unit_tests
steps:
- task: UsePythonVersion@0
displayName: "Set python v3.9"
inputs:
versionSpec: "3.9"
- task: Cache@2
inputs:
key: 'pip | "$(Agent.OS)" | requirements.txt'
restoreKeys: |
pip | "$(Agent.OS)"
path: $(pip_cache_dir)
displayName: "Cache pip"
- bash: make install
displayName: "Install pip packages"
- bash: make label_extraction_tests
displayName: "Running label extraction tests"
- bash: make web_app_api_tests
displayName: "Running web app api tests"
- task: PublishTestResults@2
displayName: "Publishing unit test results"
inputs:
testResultsFormat: 'JUnit'
testResultsFiles: '$(System.DefaultWorkingDirectory)/**/nose2-junit.xml'
failTaskOnFailedTests: true
testRunTitle: 'Label extraction Unit tests'
- task: reportgenerator@5
displayName: "Combine coverage reports"
inputs:
reports: '$(System.DefaultWorkingDirectory)/label-reader/modules/**/coverage.xml'
targetdir: '$(System.DefaultWorkingDirectory)/label-reader/modules/coverage-results'
- task: PublishCodeCoverageResults@1
displayName: "Publishing code coverage for label-extraction"
inputs:
codeCoverageTool: 'Cobertura'
summaryFileLocation: '$(System.DefaultWorkingDirectory)/label-reader/modules/coverage-results/Cobertura.xml'
failIfCoverageEmpty: true
- task: BuildQualityChecks@8
displayName: "Checking code coverage threshold"
inputs:
checkCoverage: true
coverageFailOption: 'fixed'
coverageType: 'lines'
coverageThreshold: '80'