style: format with black #85
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| jobs: | |
| qa: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install QA dependencies | |
| run: | | |
| python -m pip install -U pip | |
| pip install ruff black mypy pandas openpyxl | |
| - name: Run Ruff | |
| run: ruff check . | |
| - name: Run Black | |
| run: black --check . | |
| - name: Run MyPy | |
| run: mypy src | |
| build-artifacts: | |
| needs: qa | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| # Création d’un CSV factice si le vrai est ignoré par .gitignore | |
| - name: Ensure risk_matrix.csv exists | |
| run: | | |
| if [ ! -f "02-Matrices/risk_matrix.csv" ]; then | |
| mkdir -p 02-Matrices | |
| echo "ID,Asset,Threat,Vulnerability,Probability,Impact,Risk,Decision,Recommendation" > 02-Matrices/risk_matrix.csv | |
| echo "R001,Example asset,Example threat,Example vulnerability,1,1,1,Accept,Example recommendation" >> 02-Matrices/risk_matrix.csv | |
| fi | |
| - name: Install Python deps | |
| run: | | |
| python -m pip install -U pip | |
| pip install pandas openpyxl | |
| - name: Generate XLSX | |
| run: python tools/csv2xlsx.py | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: risk-matrix-xlsx | |
| path: docs/reports/risk_matrix.xlsx | |
| security: | |
| needs: qa | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Syft | |
| run: | | |
| curl -sSfL https://github.com/anchore/syft/releases/download/v0.41.0/syft_0.41.0_linux_amd64.tar.gz \ | |
| | sudo tar -xz -C /usr/local/bin | |
| - name: Install Trivy | |
| run: | | |
| curl -sfL https://github.com/aquasecurity/trivy/releases/download/v0.35.0/trivy_0.35.0_Linux-64bit.tar.gz \ | |
| | sudo tar -xz -C /usr/local/bin | |
| - name: Run security checks | |
| run: bash tools/sec_checks.sh |