Merge pull request #222 from mozilla-it/more-lint-66

More linting adjustments
mozilla-it · May 19, 2021 · 2f88444 · 2f88444
2 parents 230954d + 3f899a1
commit 2f88444
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 10 deletions.
diff --git a/Makefile b/Makefile
@@ -42,8 +42,8 @@ build: .env
 
 .PHONY: lint
 lint: .env
-	docker-compose -f ./docker-compose.lint.yaml build \
-		--build-arg userid=${CTMS_UID} --build-arg groupid=${CTMS_GID}
+	docker-compose -f ./docker-compose.yaml -f ./tests/docker-compose.lint.yaml build \
+		--build-arg userid=${CTMS_UID} --build-arg groupid=${CTMS_GID} lint
 
 .PHONY: db-only
 db-only: .env

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -78,14 +78,15 @@ ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD uvicorn ctms.app:app --reload --host=0.0.0.0 --port=$PORT
 
 
-# 'lint' stage runs black and isort
+# 'lint' stage runs similar checks to pre-commit / scripts/lint.sh
 # running in check mode means build will fail if any linting errors occur
 FROM development AS lint
-RUN isort --settings-path ./pyproject.toml --recursive --check-only
-RUN black --config ./pyproject.toml --check ctms tests
-RUN mypy --no-strict-optional --ignore-missing-imports ctms
 RUN bandit -lll --recursive ctms --exclude "ctms/poetry.lock,ctms/.venv,ctms/.mypy,ctms/build"
-CMD ["tail", "-f", "/dev/null"]
+RUN mypy ctms
+RUN black --config ./pyproject.toml --check ctms tests
+RUN isort --recursive --settings-path ./pyproject.toml --check-only ctms
+RUN pylint ctms tests/unit
+CMD ./scripts/lint.sh
 
 
 # 'test' stage runs our unit tests with pytest and

diff --git a/scripts/lint.sh b/scripts/lint.sh
@@ -4,12 +4,16 @@ set -e
 
 CURRENT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)
 BASE_DIR="$(dirname "$CURRENT_DIR")"
+HAS_GIT="$(command -v git || echo '')"
+echo $HAS_GIT
 
 bandit -lll --recursive "${BASE_DIR}" --exclude "${BASE_DIR}/poetry.lock,${BASE_DIR}/.venv,${BASE_DIR}/.mypy,${BASE_DIR}/build"
 
-# Scan only files checked into the repo, omit poetry.lock
-SECRETS_TO_SCAN=`git ls-tree --full-tree -r --name-only HEAD | grep -v poetry.lock`
-detect-secrets-hook $SECRETS_TO_SCAN --baseline .secrets.baseline
+if [ -n "$HAS_GIT" ]; then
+    # Scan only files checked into the repo, omit poetry.lock
+    SECRETS_TO_SCAN=`git ls-tree --full-tree -r --name-only HEAD | grep -v poetry.lock`
+    detect-secrets-hook $SECRETS_TO_SCAN --baseline .secrets.baseline
+fi
 
 mypy "${BASE_DIR}"
 black --config "${BASE_DIR}/pyproject.toml" "${BASE_DIR}"

diff --git a/docker-compose.lint.yaml → tests/docker-compose.lint.yaml b/docker-compose.lint.yaml → tests/docker-compose.lint.yaml