You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Create a GitHub Actions pipeline that runs on commit to a feature branch (i.e. not `main`) and performs the following checks on our simple Flask app.
Create a GitHub Actions pipeline that runs on commit to a feature branch (i.e. not `main`) and performs the following checks on our simple Flask app repository.
- Check `.editorconfig`
- Code Lint and style - use `pylint` and `black` to check for style/formatting/syntax errors
- Code Unittest - there's a simple unit test next to our app called `app_test.py`. Make sure our unittest passes (`python -m unittest` executed in the app directory)
- Check for hardcoded secrets (`gitleaks`) - not just our app but the whole repository.
- SAST - SonarCloud; Review code smells and security issues
- SCA - Snyk; review security issues
- Build a Docker image. Use Git commit SHA as an Image tag.
- Scan the built image with `Trivy`
- Push the built image to your Docker HUB account
- (optional) Add CONTRIBUTORS guide. Follow [this](https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/setting-guidelines-for-repository-contributors) document from GitHUb.
:warning: Make sure that you run as many tests in parallel as you see fit
