-
Notifications
You must be signed in to change notification settings - Fork 62
/
Copy pathtox.ini
101 lines (85 loc) · 2.57 KB
/
tox.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
[vars]
OPERATOR_MODULE = operator-pipeline-images/operatorcert
OPERATOR_TESTS = operator-pipeline-images/tests
MYPY_SOURCE_ARGS = --strict --ignore-missing-imports
MYPY_TEST_ARGS = {[vars]MYPY_SOURCE_ARGS}
[tox]
envlist = test,
black,
yamllint,
bandit,
pip-audit,
pdm-lock-check,
mypy,
pylint,
hadolint,
ansible-lint
skipsdist = True
[testenv]
extras = dev
[testenv:test]
groups = operatorcert-dev
commands = pytest -v \
--cov {[vars]OPERATOR_MODULE} \
--cov-report term-missing \
--cov-fail-under 100 \
--cov-report json \
{posargs}
[testenv:black]
groups = operatorcert-dev
commands = black --check --diff .
[testenv:black-format]
groups = operatorcert-dev
commands = black .
[testenv:mypy]
groups = operatorcert-dev
commands = mypy {[vars]MYPY_SOURCE_ARGS} {[vars]OPERATOR_MODULE}
mypy {[vars]MYPY_TEST_ARGS} {[vars]OPERATOR_TESTS}
[testenv:pylint]
groups =
operatorcert-dev
commands = pylint {[vars]OPERATOR_MODULE} \
--min-similarity-lines 9 \
-d fixme
[testenv:yamllint]
basepython = python3.12
groups = operatorcert-dev
files =
.
commands =
yamllint {[testenv:yamllint]files}
[testenv:bandit]
groups = operatorcert-dev
commands = bandit -r operator-pipeline-images/operatorcert -ll
[testenv:pip-audit]
groups = operatorcert-dev
allowlist_externals = bash,python
commands = pdm export \
--without-hashes \
-G ":all" \
-f requirements \
-o /tmp/requirements.txt
# run pip audit in a way it can't exit with non-zero status
bash ./local-dev/pip-audit.sh
# pip-audit does not support not failing on unfixable vulnerabilities, this hacks around that
python ./local-dev/pip-audit-parse.py /tmp/audit-output.json
[testenv:pdm-lock-check]
allowlist_externals = pdm
commands = pdm lock --check
[testenv:hadolint]
allowlist_externals = hadolint
groups = dev
commands = hadolint --failure-threshold warning \
--info DL3013 --info DL3041 \
operator-pipeline-images/Dockerfile
[testenv:pymarkdownlnt]
groups = dev
commands = pymarkdown scan .
pymarkdown scan -r ansible docs
[testenv:ansible-lint]
allowlist_externals = ansible-lint, ansible-galaxy
groups = dev
commands = ansible-galaxy collection install -r ansible/playbooks/requirements.yml
ansible-lint ansible/roles \
--exclude ansible/roles/config_ocp_cluster/files \
ansible/roles/index_signature_verification/files