pipenv in gh actions

2026-02-05 19:03:30 -05:00 · 2022-11-08 09:44:41 -05:00
parent e44fe2eb11
commit a0e4e184a9
5 changed files with 18 additions and 9 deletions
--- a/.github/actions/setup-project/action.yml
+++ b/.github/actions/setup-project/action.yml
@@ -13,6 +13,9 @@ runs:
      uses: actions/setup-python@v3
      with:
        python-version: "3.9"
+    - name: Install pipenv  
+      shell: bash
+      run: pip install --upgrade pipenv
    - name: Install application dependencies
      shell: bash
      run: make bootstrap
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@@ -21,21 +21,23 @@ jobs:
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
      - name: Run style checks
-        run: flake8 .
+        run: pipenv run flake8 .
      - name: Check imports alphabetized
-        run: isort --check-only ./app ./tests
+        run: pipenv run isort --check-only ./app ./tests
      - name: Run js lint
        run: npm run lint
      - name: Run js tests
        run: npm test
      - name: Run py tests
-        run: pytest -n4 --maxfail=10
+        run: pipenv run pytest -n4 --maxfail=10

  dependency-audits:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
+      - name: Create requirements.txt
+        run: pipenv requirements > requirements.txt
      - uses: trailofbits/gh-action-pip-audit@v1.0.0
        with:
          inputs: requirements.txt
@@ -48,10 +50,8 @@ jobs:
    steps:
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
-      - name: Install bandit
-        run: pip install bandit
      - name: Run scan
-        run: bandit -r app/ --confidence-level medium
+        run: pipenv run bandit -r app/ --confidence-level medium

  dynamic-scan:
    runs-on: ubuntu-latest
--- a/.github/workflows/daily_checks.yml
+++ b/.github/workflows/daily_checks.yml
@@ -24,6 +24,8 @@ jobs:
    steps:
    - uses: actions/checkout@v3
    - uses: ./.github/actions/setup-project
+    - name: Create requirements.txt
+      run: pipenv requirements > requirements.txt
    - uses: trailofbits/gh-action-pip-audit@v1.0.0
      with:
        inputs: requirements.txt
@@ -36,10 +38,8 @@ jobs:
    steps:
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
-      - name: Install bandit
-        run: pip install bandit
      - name: Run scan
-        run: bandit -r app/ --confidence-level medium
+        run: pipenv run bandit -r app/ --confidence-level medium

  dynamic-scan:
    runs-on: ubuntu-latest
--- a/.github/workflows/deploy-demo.yml
+++ b/.github/workflows/deploy-demo.yml
@@ -40,6 +40,9 @@ jobs:

      - uses: ./.github/actions/setup-project

+      - name: Create requirements.txt because Cloud Foundry does a weird pipenv thing
+        run: pipenv requirements > requirements.txt
+
      - name: Deploy to cloud.gov
        uses: 18f/cg-deploy-action@main
        env:
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -45,6 +45,9 @@ jobs:

      - uses: ./.github/actions/setup-project

+      - name: Create requirements.txt because Cloud Foundry does a weird pipenv thing
+        run: pipenv requirements > requirements.txt
+
      - name: Deploy to cloud.gov
        uses: 18f/cg-deploy-action@main
        env: