add bandit

Signed-off-by: BAStos525 <jungle.vas@yandex.ru>
hyperledger-iroha · Nov 18, 2024 · 5bcede4 · 5bcede4
1 parent d08c4c0
commit 5bcede4
Showing 1 changed file with 26 additions and 24 deletions.
diff --git a/.github/workflows/pr-pytests.yml b/.github/workflows/pr-pytests.yml
@@ -21,31 +21,33 @@ jobs:
           python-version: ${{ matrix.python-version }}
       - name: Checkout code
         uses: actions/checkout@v4
-      - name: Install dependencies
-        run: pip install poetry tomli-w
-      - name: Checkout irohad repo code
-        run: git clone --depth 1 https://github.com/hyperledger-iroha/iroha.git -b 2.0.0-rc.1 iroha_daemon
-      - name: Install correct rust version
-        run: rustup install nightly-2024-09-09 && rustup component add rust-src --toolchain nightly-2024-09-09
-      - name: Set toolchain
-        run: rustup default nightly-2024-09-09
-      - name: Build irohad
-        run: cd iroha_daemon && cargo build --release && mkdir target/debug -p && cp target/release/irohad target/debug/irohad && cp target/release/iroha target/debug/iroha
-      - name: Build kagami
-        run: cd iroha_daemon && cargo build --bin kagami
-      - name: Build default executor
-        run: cd iroha_daemon && cargo run --release --bin iroha_wasm_builder -- build ./wasm_samples/default_executor --optimize --out-file ./defaults/executor.wasm
-      - name: Maturin build and Run tests
-        run: bash -c "  pip install maturin &&
-                        maturin build &&
-                        cd iroha_daemon && scripts/test_env.py setup && cd .. &&
-                        python -m venv .venv &&
-                        source .venv/bin/activate &&
-                        pip install pytest faker allure-pytest pytest-cov bandit pylint &&
-                        pip install --break-system-packages target/wheels/iroha-*.whl &&
-                        python -m pytest --cov=. --cov-report xml:coverage-reports/coverage-iroha-python.xml tests/"
+      # - name: Install dependencies
+      #   run: pip install poetry tomli-w
+      # - name: Checkout irohad repo code
+      #   run: git clone --depth 1 https://github.com/hyperledger-iroha/iroha.git -b 2.0.0-rc.1 iroha_daemon
+      # - name: Install correct rust version
+      #   run: rustup install nightly-2024-09-09 && rustup component add rust-src --toolchain nightly-2024-09-09
+      # - name: Set toolchain
+      #   run: rustup default nightly-2024-09-09
+      # - name: Build irohad
+      #   run: cd iroha_daemon && cargo build --release && mkdir target/debug -p && cp target/release/irohad target/debug/irohad && cp target/release/iroha target/debug/iroha
+      # - name: Build kagami
+      #   run: cd iroha_daemon && cargo build --bin kagami
+      # - name: Build default executor
+      #   run: cd iroha_daemon && cargo run --release --bin iroha_wasm_builder -- build ./wasm_samples/default_executor --optimize --out-file ./defaults/executor.wasm
+      # - name: Maturin build and Run tests
+      #   run: bash -c "  pip install maturin &&
+      #                   maturin build &&
+      #                   cd iroha_daemon && scripts/test_env.py setup && cd .. &&
+      #                   python -m venv .venv &&
+      #                   source .venv/bin/activate &&
+      #                   pip install pytest faker allure-pytest pytest-cov bandit pylint &&
+      #                   pip install --break-system-packages target/wheels/iroha-*.whl &&
+      #                   python -m pytest --cov=. --cov-report xml:coverage-reports/coverage-iroha-python.xml tests/"
       - name: Run Bandit
-        run: bandit --format json --output bandit-report.json --recursive tests/
+        run: |
+          pip install bandit
+          bandit --format json --output bandit-report.json --recursive tests/
       - name: SonarQube
         uses: sonarsource/sonarqube-scan-action@master
         env: