-
Notifications
You must be signed in to change notification settings - Fork 61
/
Copy pathtox.ini
112 lines (95 loc) · 3.09 KB
/
tox.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
[vars]
OPERATOR_MODULE = operator-pipeline-images/operatorcert
OPERATOR_TESTS = operator-pipeline-images/tests
MYPY_SOURCE_ARGS = --strict --ignore-missing-imports
MYPY_TEST_ARGS = {[vars]MYPY_SOURCE_ARGS}
[tox]
envlist = test,
black,
yamllint,
bandit,
pip-audit,
pdm-lock-check,
mypy,
pylint,
hadolint,
ansible-lint
skipsdist = True
[testenv]
extras = dev
[testenv:test]
groups = operatorcert-dev
commands = pytest -v \
--cov {[vars]OPERATOR_MODULE} \
--cov-report term-missing \
--cov-fail-under 100 \
--cov-report json \
{posargs}
[testenv:black]
groups = operatorcert-dev
commands = black --check --diff .
[testenv:black-format]
groups = operatorcert-dev
commands = black .
[testenv:mypy]
groups = operatorcert-dev
commands = mypy {[vars]MYPY_SOURCE_ARGS} {[vars]OPERATOR_MODULE}
mypy {[vars]MYPY_TEST_ARGS} {[vars]OPERATOR_TESTS}
[testenv:pylint]
groups =
operatorcert-dev
commands = pylint {[vars]OPERATOR_MODULE} \
--min-similarity-lines 9 \
-d fixme
[testenv:yamllint]
basepython = python3.12
groups = operatorcert-dev
files =
.
commands =
yamllint {[testenv:yamllint]files}
[testenv:bandit]
groups = operatorcert-dev
commands = bandit -r operator-pipeline-images/operatorcert -ll
[testenv:pip-audit]
groups = operatorcert-dev
allowlist_externals = bash,python
commands = pdm export \
--without-hashes \
-G ":all" \
-f requirements \
-o /tmp/requirements.txt
# run pip audit in a way it can't exit with non-zero status
bash ./local-dev/pip-audit.sh
# pip-audit does not support not failing on unfixable vulnerabilities, this hacks around that
python ./local-dev/pip-audit-parse.py /tmp/audit-output.json
[testenv:pdm-lock-check]
allowlist_externals = pdm
commands = pdm lock --check
[testenv:hadolint]
allowlist_externals = hadolint
groups = dev
commands = hadolint --failure-threshold warning \
--info DL3013 --info DL3041 \
operator-pipeline-images/Dockerfile
[testenv:pymarkdownlnt]
groups = dev
commands = pymarkdown scan .
pymarkdown scan -r ansible docs
[testenv:ansible-lint]
allowlist_externals = ansible-lint, ansible-galaxy
groups = dev
commands = ansible-galaxy collection install -r ansible/playbooks/requirements.yml
ansible-lint ansible/roles \
--exclude ansible/roles/config_ocp_cluster/files \
ansible/roles/index_signature_verification/files
# Tekton lint is experimental and may not be supported in the future.
# However, it is useful to have it here for now for manual testing.
# It is not included in the default testenv and is not triggered by the
# default tox command or Github Actions.
# To run it, use `tox -e tekton-lint`
# The linter doesn't support the tekton bundle yet, so it raises few false positives.
# The issue is tracked here: https://github.com/IBM/tekton-lint/issues/118
[testenv:tekton-lint]
allowlist_externals = npx
commands = npx @ibm/tekton-lint@latest