56 lines
1.9 KiB
YAML
56 lines
1.9 KiB
YAML
name: 🛡️ Code Quality & Security Check
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main ]
|
|
|
|
jobs:
|
|
code-quality:
|
|
name: 🔍 Code Quality Analysis
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: 📥 Checkout Code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: 🐍 Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.13'
|
|
|
|
- name: 📦 Install Dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install flake8 black isort mypy bandit safety
|
|
pip install homeassistant==2025.9.4
|
|
pip install -r requirements-dev.txt || echo "No dev requirements found"
|
|
|
|
- name: 🎨 Check Code Formatting (Black)
|
|
run: |
|
|
black --check --diff custom_components/ || echo "Black formatting check completed"
|
|
|
|
- name: 📊 Import Sorting (isort)
|
|
run: |
|
|
isort --check-only --diff custom_components/ || echo "isort check completed"
|
|
|
|
- name: 🔍 Linting (Flake8)
|
|
run: |
|
|
flake8 custom_components/ --count --select=E9,F63,F7,F82 --show-source --statistics || echo "Critical flake8 issues found"
|
|
flake8 custom_components/ --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
|
|
|
|
- name: 🔒 Security Scan (Bandit)
|
|
run: |
|
|
bandit -r custom_components/ -f json -o bandit-report.json || echo "Bandit scan completed"
|
|
bandit -r custom_components/ --severity-level medium || echo "Medium severity issues found"
|
|
|
|
- name: 🛡️ Dependency Security Check (Safety)
|
|
run: |
|
|
safety check --json --output safety-report.json || echo "Safety check completed"
|
|
safety check || echo "Dependency vulnerabilities found"
|
|
|
|
- name: 🏷️ Type Checking (MyPy)
|
|
run: |
|
|
mypy custom_components/ --ignore-missing-imports --no-strict-optional || echo "Type checking completed"
|