Merge pull request #8 from soda480/0.3.1

build: add ability to build against all targeted Python versions
soda480 · Jul 10, 2022 · 41448db · 41448db
2 parents aaa6c32 + cf11f43
commit 41448db
Show file tree

Hide file tree

Showing 6 changed files with 71 additions and 33 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,33 +1,56 @@
 name: build
 on:
+  schedule:
+  - cron: "0 8 * * *"
   push:
     branches:
       - '**'
   pull_request:
     branches:
       - main
 jobs:
-  build:
+  build-images:
+    strategy:
+      matrix:
+        version: ['3.7', '3.8', '3.9', '3.10']
+    name: Build Python Docker images
     runs-on: ubuntu-20.04
-    container: python:3.9-slim
-
     steps:
-    - uses: actions/checkout@v2
-
-    - name: Install pybuilder
-      run: pip install pybuilder
-
-    - name: Execute build
-      run: pyb
-
-    - name: Install Codecov requirements
-      run: |
-        apt-get update
-        apt-get install -y bash curl
-        sed -e 's,filename="pybuilder-bandit/,filename="src/main/python/pybuilder_bandit/,g' target/reports/pybuilder-bandit_coverage.xml > coverage.xml
-
-    - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v1
-      with:
-        token: ${{ secrets.CODECOV_TOKEN }}
-        file: coverage.xml
+      - uses: actions/checkout@v3
+      - name: build pybbandit ${{ matrix.version }} image
+        run:
+          docker image build --build-arg PYTHON_VERSION=${{ matrix.version }} -t pybbandit:${{ matrix.version }} .
+      - name: save pybbandit ${{ matrix.version }} image
+        if: ${{ matrix.version == '3.9' }}
+        run: |
+          mkdir -p images
+          docker save --output images/pybbandit-${{ matrix.version }}.tar pybbandit:${{ matrix.version }}
+      - name: upload pybbandit ${{ matrix.version }} image artifact
+        if: ${{ matrix.version == '3.9' }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: image
+          path: images/pybbandit-${{ matrix.version }}.tar
+  coverage:
+    name: Publish Code Coverage Report
+    needs: build-images
+    runs-on: ubuntu-20.04
+    steps:
+      - name: download image artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: image
+          path: images/
+      - name: load image
+        run:
+          docker load --input images/pybbandit-3.9.tar
+      - name: prepare report
+        run: |
+          ID=$(docker create pybbandit:3.9)
+          docker cp $ID:/code/target/reports/pybuilder-bandit_coverage.xml pybbandit_coverage.xml
+          sed -i -e 's,filename="pybbandit/,filename="src/main/python/pybbandit/,g' pybbandit_coverage.xml
+      - name: upload report
+        uses: codecov/codecov-action@v1
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          file: pybbandit_coverage.xml
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,7 @@
-FROM python:3.9-slim
+ARG PYTHON_VERSION=3.9
+FROM python:${PYTHON_VERSION}-slim
 ENV PYTHONDONTWRITEBYTECODE 1
 WORKDIR /code
 COPY . /code/
-RUN pip install pybuilder
-RUN pyb
+RUN pip install --upgrade pip && pip install pybuilder
+RUN pyb -X
diff --git a/README.md b/README.md
@@ -1,9 +1,9 @@
-# pybuilder-bandit #
+# pybuilder-bandit
 [![GitHub Workflow Status](/~https://github.com/soda480/pybuilder-bandit/workflows/build/badge.svg)](/~https://github.com/soda480/pybuilder-bandit/actions)
 [![Code Coverage](https://codecov.io/gh/soda480/pybuilder-bandit/branch/main/graph/badge.svg)](https://codecov.io/gh/soda480/pybuilder-bandit)
 [![Code Grade](https://api.codiga.io/project/19893/status/svg)](https://app.codiga.io/public/project/19893/pybuilder-bandit/dashboard)
 [![PyPI version](https://badge.fury.io/py/pybuilder-bandit.svg)](https://badge.fury.io/py/pybuilder-bandit)
-[![python](https://img.shields.io/badge/python-3.9-teal)](https://www.python.org/downloads/)
+[![python](https://img.shields.io/badge/python-3.7%20%7C%203.8%20%7C%203.9%20%7C%203.10-teal)](https://www.python.org/downloads/)
 
 A pybuilder plugin that analyzes your project for common security issues using `bandit`. Bandit is a security linter for Python code, for more information refer to the [bandit pypi page](https://pypi.org/project/bandit/).
 
@@ -17,7 +17,7 @@ use_plugin('pypi:pybuilder_bandit')
 use_plugin('pypi:pybuilder_bandit', '~=0.1.3')
 ```
 
-### Pybuilder bandit properties ###
+### Pybuilder bandit properties
 
 The pybuilder task `pyb bandit` will use bandit to scan your project to find common security issues, verbose mode will display to the screen any issues found. The following plugin properties are available to further configure the scan.
 
@@ -41,7 +41,7 @@ project.set_property('bandit_include_testsources', True)
 project.set_property('bandit_include_scripts', True)
 ```
 
-### Development ###
+### Development
 
 Clone the repository and ensure the latest version of Docker is installed on your development server.
 
@@ -59,7 +59,7 @@ docker container run \
 -it \
 -v $PWD:/code \
 pybbandit:latest \
-/bin/bash
+bash
 ```
 
 Execute the build:

diff --git a/build.py b/build.py
@@ -11,16 +11,21 @@
 use_plugin("python.flake8")
 use_plugin("python.coverage")
 use_plugin("python.distutils")
+use_plugin('pypi:pybuilder_radon')
+use_plugin('pypi:pybuilder_anybadge')
 
 
 name = 'pybuilder-bandit'
 authors = [Author('Emilio Reyes', 'soda480@gmail.com')]
 summary = 'Pybuilder plugin for bandit security linter'
 url = '/~https://github.com/soda480/pybuilder-bandit'
-version = '0.3.0'
+version = '0.3.1'
 default_task = [
     'clean',
-    'publish'
+    'analyze',
+    'publish',
+    'radon',
+    'anybadge'
 ]
 license = 'Apache License, Version 2.0'
 description = summary
@@ -50,11 +55,12 @@ def set_properties(project):
         'License :: OSI Approved :: Apache Software License',
         'Operating System :: POSIX :: Linux',
         'Programming Language :: Python',
-        'Programming Language :: Python :: 3.6',
         'Programming Language :: Python :: 3.7',
         'Programming Language :: Python :: 3.8',
         'Programming Language :: Python :: 3.9',
+        'Programming Language :: Python :: 3.10',
         'Topic :: Software Development :: Build Tools'])
+    project.set_property('anybadge_exclude', 'complexity, coverage')
     # only for functional testing plugin
     # project.set_property('bandit_break_build', True)
     # project.set_property('bandit_confidence_level', 'LOW')

diff --git a/build.sh b/build.sh
@@ -0,0 +1,5 @@
+versions=( '3.7' '3.8' '3.9' '3.10' )
+for version in "${versions[@]}";
+do
+    docker image build --build-arg PYTHON_VERSION=$version -t pybbandit:$version .
+done
diff --git a/pyproject.toml b/pyproject.toml
@@ -0,0 +1,3 @@
+[build-system]
+requires = ["pybuilder>=0.12.0"]
+build-backend = "pybuilder.pep517"