Skip to content

pci_device: make subprocess logging a debugging message and not error #1610

pci_device: make subprocess logging a debugging message and not error

pci_device: make subprocess logging a debugging message and not error #1610

name: python static analysis
# https://github.com/ossf/scorecard/blob/9ff40de429d0c7710076070387c8755494a9f187/docs/checks.md#token-permissions
permissions:
contents: read
on:
pull_request:
branches:
- master
- feature/**
paths:
- '**.py'
- '.github/workflows/python-static-analysis.yml'
jobs:
analyze:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.8', '3.9', '3.10', '3.11']
steps:
- uses: actions/checkout@v3
- name: Update
run: sudo apt-get update -y
- name: Setup python${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install pylint flake8 bandit
- name: Pylint lint
run: |
pylint $(find ${{ github.workspace }} -name "*.py") \
-E -f parseable --disable=E0401 --ignore=__init__.py \
--ignore-patterns="test_.*.py" \
| tee ${{ github.workspace }}/pylint.log
- name: Flake8 lint
run: |
flake8 $(find ${{ github.workspace }} -name "*.py") \
--count --show-source --statistics \
| tee ${{ github.workspace }}/flake8.log
continue-on-error: true
- name: Bandit scan
run: |
bandit -r $(find ${{ github.workspace }} -name "*.py") \
--format txt \
| tee ${{ github.workspace }}/bandit.log
bandit -r $(find ${{ github.workspace }} -name "*.py") \
--format csv \
| tee ${{ github.workspace }}/bandit.log.csv
- name: Archive results
uses: actions/upload-artifact@v3
with:
name: static-analysis
path: |
${{ github.workspace }}/pylint.log
${{ github.workspace }}/flake8.log
${{ github.workspace }}/bandit.log
${{ github.workspace }}/bandit.log.csv