From e7ee21d816c11de7e6b4258a5d320789dfcbced1 Mon Sep 17 00:00:00 2001 From: harshcasper Date: Thu, 12 Aug 2021 23:45:36 +0530 Subject: [PATCH] CI: rip off DeepSource and add CodeQL analysis --- .deepsource.toml | 10 --------- .github/workflows/codeql-analysis.yml | 30 +++++++++++++++++++++++++++ README.md | 2 +- 3 files changed, 31 insertions(+), 11 deletions(-) delete mode 100644 .deepsource.toml create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.deepsource.toml b/.deepsource.toml deleted file mode 100644 index 3ea082b..0000000 --- a/.deepsource.toml +++ /dev/null @@ -1,10 +0,0 @@ -version = 1 - -test_patterns = ["*/tests/**"] - -[[analyzers]] -name = "python" -enabled = true - - [analyzers.meta] - runtime_version = "3.x.x" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..a5688f7 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,30 @@ +name: "CodeQL Analysis - Python" + +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + CodeQL-Build: + + strategy: + fail-fast: false + matrix: + language: ['python'] + + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: python + setup-python-dependencies: false + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 diff --git a/README.md b/README.md index c5fe308..4d7b9e9 100644 --- a/README.md +++ b/README.md @@ -108,7 +108,7 @@ docker run app:webedge The Python Files have been linted using [flake8](https://flake8.pycqa.org/) which automatically suggests linting errors and issues with formatting and styling. You can run the `flake8` command with the given configuration in the Project 🍀 -We are also making use of DeepSource Analysis, which can be viewed [here](http://deepsource.io/gh/HarshCasper/webEdge). This allows us to identify potential bugs and anti-patterns with each push to the repository, and potentially fix it 🐛 +We are also making use of CodeQL Analysis, which can be viewed [here](.github/workflows/codeql-analysis.yml). This allows us to identify potential bugs and anti-patterns with each push to the repository, and potentially fix it 🐛 For setting up CI/CD, we are making use of [GitHub Actions](https://github.com/features/actions). With a simple configuration set-up, we were able to test each build for specific issues, which can be viewed [here](.github/workflows/ci.yml) 🌱