deploy dev #1209

Workflow file for this run

	name: Build

	on:
	push:
	branches:
	- trunk
	- feature/*
	paths-ignore:
	- 'ide_extension/**'
	- '.github/workflows/intellij-build.yml'
	- '.github/workflows/intellij-release.yml'
	- '.github/workflows/intellij-updater.yml'

	pull_request:
	branches:
	- trunk
	paths-ignore:
	- 'ide_extension/**'
	- '.github/workflows/intellij-build.yml'
	- '.github/workflows/intellij-release.yml'
	- '.github/workflows/intellij-updater.yml'

	jobs:
	build:
	if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
	runs-on: ubuntu-latest
	environment: release
	permissions:
	id-token: write
	pull-requests: write
	issues: write
	steps:
	- uses: actions/checkout@v4

	- name: Verify Conventional Commits
	uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
	if: github.event_name == 'pull_request' \|\| github.event_name == 'pull_request_target'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.12"

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	python -m pip install virtualenv
	sudo apt-get update
	sudo apt-get install openssh-client -y

	- name: Run Unit Test
	run: \|
	cd tools/
	python -m virtualenv _venv
	source _venv/bin/activate
	python -m pip install --upgrade pip
	python -m pip install -r requirements_test.txt
	python -m pip install -r requirements.txt
	python -m pytest -x --cov=devsecops_engine_tools --cov-config=.coveragerc
	python -m coverage report -m
	python -m coverage xml

	- name: Run analysis on SonarQube
	uses: SonarSource/sonarqube-scan-action@v2
	env:
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
	with:
	projectBaseDir: tools
	args: >
	-Dsonar.organization=grupo-bancolombia
	-Dsonar.projectKey=bancolombia_devsecops-engine-tools
	-Dsonar.python.coverage.reportPaths=coverage.xml
	-Dsonar.language=py
	-Dsonar.verbose=true
	-Dsonar.exclusions=test_integrations_defect_dojo.py,/test/,/example/,setup.py,hello_world,Dockerfile,/coverage/
	-Dsonar.coverage.exclusions=test_integrations_defect_dojo.py,/test/,/example/,setup.py,hello_world,Dockerfile/,/coverage/

	- name: Build
	if: contains(github.event.head_commit.message, 'deploy dev')
	run: \|
	cd tools/
	source _venv/bin/activate
	python -m pip install setuptools virtualenv wheel
	python setup.py sdist bdist_wheel

	- name: Publish a Python distribution to PyPI Test
	if: contains(github.event.head_commit.message, 'deploy dev')
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	packages-dir: tools/dist/
	repository-url: https://test.pypi.org/legacy/

	releaseDraft:
	name: Release draft
	if: github.event_name != 'pull_request' && github.ref == 'refs/heads/trunk'
	needs: build
	runs-on: ubuntu-latest
	permissions:
	contents: write
	steps:
	# Generate a token of Github APP only for the truk branch
	- name: Generate a token of Github APP
	id: generate_token
	uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
	with:
	app_id: ${{ secrets.APP_ID_ADMIN_GITHUB }}
	private_key: ${{ secrets.APP_PRIVATE_KEY_ADMIN_GITHUB }}

	# Check out the current repository
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	with:
	token: ${{ steps.generate_token.outputs.token }}

	- name: Set up NodeJS
	uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
	with:
	node-version: "lts/*"

	- name: Set up Semantic Release
	run: npm -g install @semantic-release/git [email protected]

	- name: Semantic Release
	run: npx [email protected]
	env:
	GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deploy dev #1209

Workflow file

deploy dev #1209

Jobs

Run details

Workflow file for this run