From 6f6fb56706b9057ba1f961c5f3e21f7f1b59f075 Mon Sep 17 00:00:00 2001 From: Arpit Jain Date: Wed, 26 Apr 2023 12:04:00 +0900 Subject: [PATCH 1/4] Added CodeQL code --- .github/workflows/codeql.yml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..307c5862 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,30 @@ +jobs: + analyze: + name: Analyze + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: security-and-quality + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + strategy: + fail-fast: false + matrix: + language: + - python +name: CodeQL +'on': + push: + branches: + - master From 15c298206768f9b78abd9ada24d8a1430c1123b4 Mon Sep 17 00:00:00 2001 From: Arpit Jain Date: Wed, 26 Apr 2023 17:52:32 +0900 Subject: [PATCH 2/4] Added CodeQL code --- .github/workflows/tests.yml | 114 ------------------------------------ 1 file changed, 114 deletions(-) delete mode 100644 .github/workflows/tests.yml diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml deleted file mode 100644 index 0190cb88..00000000 --- a/.github/workflows/tests.yml +++ /dev/null @@ -1,114 +0,0 @@ -name: tests - -on: - push: - branches: - - main - tags: - - v* - pull_request: - schedule: - - cron: '14 7 * * 0' # run once a week on Sunday - workflow_dispatch: - -jobs: - run-tests: - strategy: - matrix: - config: - # [Python version, tox env] - - ["3.7", "py37"] - - ["3.8", "py38"] - - ["3.9", "py39"] - - ["3.10", "py310"] - - ["pypy-3.9", "pypy3"] - - ["3.10", "docs"] - - ["3.10", "plone"] - - ["3.11.0-rc.1", "py311"] - - runs-on: ubuntu-latest - name: ${{ matrix.config[1] }} - steps: - - uses: actions/checkout@v2 - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: ${{ matrix.config[0] }} - - name: Pip cache - uses: actions/cache@v2 - with: - path: ~/.cache/pip - key: ${{ runner.os }}-pip-${{ matrix.config[0] }}-${{ hashFiles('setup.*', 'tox.ini') }} - restore-keys: | - ${{ runner.os }}-pip-${{ matrix.config[0] }}- - ${{ runner.os }}-pip- - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install tox - - name: Test - run: tox -e ${{ matrix.config[1] }} - - name: Coverage - run: | - pip install coveralls coverage-python-version - coveralls --service=github - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - deploy-tag-to-pypi: - # only deploy on tags, see https://stackoverflow.com/a/58478262/1320237 - if: startsWith(github.ref, 'refs/tags/v') - needs: - - run-tests - runs-on: ubuntu-latest - # This environment stores the TWINE_USERNAME and TWINE_PASSWORD - # see https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment - environment: - name: PyPI - url: https://pypi.org/project/icalendar/ - # after using the environment, we need to make the secrets available - # see https://docs.github.com/en/actions/security-guides/encrypted-secrets#example-using-bash - env: - TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} - TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} - steps: - - uses: actions/checkout@v2 - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: "3.9" - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install wheel twine - - name: Check the tag - run: | - PACKAGE_VERSION=`python setup.py --version` - TAG_NAME=v$PACKAGE_VERSION - echo "Package version $PACKAGE_VERSION with possible tag name $TAG_NAME on $GITHUB_REF_NAME" - # test that the tag represents the version - # see https://docs.github.com/en/actions/learn-github-actions/environment-variables - if [ "$TAG_NAME" != "$GITHUB_REF_NAME" ]; then - echo "ERROR: This tag is for the wrong version. Got \"$GITHUB_REF_NAME\" expected \"$TAG_NAME\"." - exit 1 - fi - - name: remove old files - run: rm -rf dist/* - - name: build distribution files - run: python setup.py bdist_wheel sdist - - name: deploy to pypi - run: | - # You will have to set the variables TWINE_USERNAME and TWINE_PASSWORD - # You can use a token specific to your project by setting the user name to - # __token__ and the password to the token given to you by the PyPI project. - # sources: - # - https://shambu2k.hashnode.dev/gitlab-to-pypi - # - http://blog.octomy.org/2020/11/deploying-python-pacakges-to-pypi-using.html?m=1 - if [ -z "$TWINE_USERNAME" ]; then - echo "WARNING: TWINE_USERNAME not set!" - fi - if [ -z "$TWINE_PASSWORD" ]; then - echo "WARNING: TWINE_PASSWORD not set!" - fi - twine check dist/* - twine upload dist/* From d34d8dcc504aca2728ead8b5e618b16f31a5dd23 Mon Sep 17 00:00:00 2001 From: Arpit Jain <40381412+arpitjain799@users.noreply.github.com> Date: Fri, 28 Apr 2023 03:48:38 +0900 Subject: [PATCH 3/4] Delete .github/workflows/codeql.yml --- .github/workflows/codeql.yml | 30 ------------------------------ 1 file changed, 30 deletions(-) delete mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 307c5862..00000000 --- a/.github/workflows/codeql.yml +++ /dev/null @@ -1,30 +0,0 @@ -jobs: - analyze: - name: Analyze - permissions: - actions: read - contents: read - security-events: write - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - queries: security-and-quality - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - strategy: - fail-fast: false - matrix: - language: - - python -name: CodeQL -'on': - push: - branches: - - master From ecf9dc526f6617b1ef8656b3f9c6733754ebbaa0 Mon Sep 17 00:00:00 2001 From: Arpit Jain <40381412+arpitjain799@users.noreply.github.com> Date: Fri, 28 Apr 2023 03:48:39 +0900 Subject: [PATCH 4/4] Add new file --- .github/workflows/codeql.yml | 37 ++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..94d110b3 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,37 @@ +name: "CodeQL" +on: + workflow_dispatch: + #push: + # branches: [master] + #pull_request: + # branches: [master] + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ["python"] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 \ No newline at end of file