
Code Quality Analysis #49


Workflow file for this run

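# Report-only quality pipeline: complexity, dependency audit, coverage and SAST.
# Every scanner step below is non-blocking (`|| true`, `--exit-zero` and/or
# `continue-on-error: true`), so findings never fail the run. The reports in
# the uploaded artifacts are the only signal and have to be reviewed.
#
# NOTE(review): the actions are referenced by mutable tags (`@v3`, `@v4`).
# Pinning each `uses:` to a full commit SHA protects the run against a
# retagged or compromised action release.
# NOTE(review): the pip-installed tools (radon, pylint, uv, semgrep, bandit,
# pytest, pytest-cov) are unpinned, so each run pulls whatever is latest.
name: Code Quality Analysis

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]
  schedule:
    # Run the analysis daily at 02:00 UTC.
    - cron: '0 2 * * *'

# Least privilege: every job only reads the repository. Without this block the
# GITHUB_TOKEN gets the repository or organisation default, which may be
# read/write.
permissions:
  contents: read

jobs:
  complexity:
    name: Code Complexity Analysis
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Keep the token out of .git/config; later steps run third-party
          # tools over the checkout and never need to push.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: "3.11"
      - name: Install tools
        run: |
          pip install --no-cache-dir radon pylint
      - name: Check cyclomatic complexity
        run: |
          radon cc -a -s . | tee complexity-report.txt
        continue-on-error: true
      - name: Check maintainability index
        run: |
          radon mi -s . | tee maintainability-report.txt
        continue-on-error: true
      - name: Lint with pylint
        run: |
          pylint --exit-zero --reports=y . > pylint-report.txt 2>&1 || true
        continue-on-error: true
      - name: Upload reports
        # upload-artifact v3 is deprecated and no longer served on github.com;
        # v4 requires unique artifact names per run, which this workflow has.
        uses: actions/upload-artifact@v4
        with:
          name: code-quality-reports
          path: |
            complexity-report.txt
            maintainability-report.txt
            pylint-report.txt
        if: always()

  dependency-check:
    name: Dependency Security Check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: "3.11"
      - name: Install uv
        run: pip install --no-cache-dir uv
      - name: Install dependencies
        run: uv sync
      - name: Check for known vulnerabilities
        # `|| true` hides two different outcomes: pip-audit reporting
        # vulnerable packages, and pip-audit failing to start at all.
        # NOTE(review): nothing in this workflow installs pip-audit; this
        # presumably relies on it being a project dependency -- confirm, or the
        # audit is silently skipped and no report is uploaded.
        run: uv run pip-audit --format json --output audit-report.json || true
        continue-on-error: true
      - name: Upload audit report
        uses: actions/upload-artifact@v4
        with:
          name: dependency-audit
          path: audit-report.json
        if: always()

  code-coverage:
    name: Code Coverage
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: "3.11"
      - name: Install uv
        run: pip install --no-cache-dir uv
      - name: Install dependencies
        run: uv sync
      - name: Install test dependencies
        run: uv pip install pytest pytest-cov
        continue-on-error: true
      - name: Generate coverage report
        # stderr is discarded and the exit code ignored, so failing tests and
        # collection errors do not fail this job.
        run: |
          uv run pytest --cov=. --cov-report=xml --cov-report=html . 2>/dev/null || true
        continue-on-error: true
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          files: ./coverage.xml
          flags: unittests
          fail_ci_if_error: false
        continue-on-error: true
      - name: Upload coverage report
        uses: actions/upload-artifact@v4
        with:
          name: coverage-report
          path: htmlcov
        if: always()

  sast:
    name: SAST Analysis
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: "3.11"
      - name: Install security tools
        run: |
          pip install --no-cache-dir semgrep bandit
      - name: Run semgrep
        # Report-only: findings go to the JSON report and never fail the job.
        run: |
          semgrep --config=p/security-audit --json --output=semgrep-report.json . || true
        continue-on-error: true
      - name: Run bandit
        # Report-only, same as semgrep above.
        run: |
          bandit -r . -f json -o bandit-report.json || true
        continue-on-error: true
      - name: Upload SAST reports
        # These reports list unresolved findings; anyone who can read the run's
        # artifacts can read them.
        uses: actions/upload-artifact@v4
        with:
          name: sast-reports
          path: |
            semgrep-report.json
            bandit-report.json
        if: always()

  summary:
    name: Quality Summary
    runs-on: ubuntu-latest
    needs: [complexity, dependency-check, code-coverage, sast]
    # Runs even when an upstream job failed, so it reports each job's real
    # result rather than claiming success.
    if: always()
    steps:
      - name: Download all reports
        # With no inputs, v4 downloads every artifact of this run, one
        # directory per artifact name.
        uses: actions/download-artifact@v4
      - name: Print summary
        env:
          # Job results are passed through the environment rather than being
          # interpolated into the script text.
          COMPLEXITY_RESULT: ${{ needs.complexity.result }}
          DEPENDENCY_RESULT: ${{ needs.dependency-check.result }}
          COVERAGE_RESULT: ${{ needs.code-coverage.result }}
          SAST_RESULT: ${{ needs.sast.result }}
        run: |
          echo "## Code Quality Summary"
          echo ""
          echo "Job results (scanner findings are report-only and do not change these):"
          echo ""
          echo "### Reports Generated:"
          echo "- Complexity Analysis: ${COMPLEXITY_RESULT}"
          echo "- Dependency Audit: ${DEPENDENCY_RESULT}"
          echo "- Code Coverage: ${COVERAGE_RESULT}"
          echo "- SAST Analysis: ${SAST_RESULT}"
          echo ""
          echo "Check the artifacts tab for detailed reports."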