python-test/.github/workflows/python-app.yml at main · nofarb/python-test · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python

name: Python application

on:
  push:
    branches: [ "sss" ]


jobs:
  build:

    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - name: Set up Python 3.10
      uses: actions/setup-python@v3
      with:
        python-version: "3.10"
    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip install -r requirements.txt
        pip install coverage
        pip install -U ddtrace
      env:
        DD_TAG: step-test-tag

    - name: Test with pytest
      run: |
        export DD_CIVISIBILITY_AGENTLESS_ENABLED=true
        export DD_API_KEY=${{ secrets.DD_API_KEY }}
        export DD_SITE=datadoghq.com
        export DD_ENV=ci
        export DD_SERVICE=my-python-app
        pytest --ddtrace

    - name: add datadog tags
      run: |
        export DD_API_KEY=${{ secrets.DD_API_KEY }}
        export DD_SITE=$DD_SITE
        export DD_ENV=ci
        export DD_SERVICE=my-python-app
        export DD_TAGS=team:ci

        npm install -g @datadog/datadog-ci
        datadog-ci tag --level pipeline

  static-analysis:
    runs-on: ubuntu-latest
    name: Datadog Static Analyzer
    steps:
    - name: Checkout
      uses: actions/checkout@v3
    - name: Check code meets quality and security standards
      id: datadog-static-analysis
      uses: DataDog/datadog-static-analyzer-github-action@v1
      with:
        dd_api_key: ${{ secrets.DD_API_KEY }}
        dd_app_key: ${{ secrets.DD_APP_KEY }}
        dd_service: my-python-app
        dd_env: ci
        dd_site: datadoghq.com
        cpu_count: 2


  software-composition-analysis:
    runs-on: ubuntu-latest
    name: Datadog SBOM Generation and Upload
    steps:
    - name: Checkout
      uses: actions/checkout@v3
    - name: Check imported libraries are secure and compliant
      id: datadog-software-composition-analysis
      uses: DataDog/datadog-sca-github-action@main
      with:
        dd_api_key: ${{ secrets.DD_API_KEY }}
        dd_app_key: ${{ secrets.DD_APP_KEY }}
        dd_service: my-python-app
        dd_env: ci
        dd_site: datadoghq.com


  deploy-qa:
    runs-on: 'ubuntu-latest'
    environment: 'QA'
    steps:
      - name: deploy to QA
        run: |
          echo "deploy to QA"