mirror of https://github.com/qurator-spk/dinglehopper.git synced 2025-06-09 20:00:01 +02:00

Introduce version pinning and license checking

Introduces version pinning via pip-tools for reproducible builds.
Introduces license checking via pip-licenses and CircleCI.

Licenses are only checked for new builds and when requirements.txt changes.

The list of allowed licenses is kept in a separate file to be able to
distinguish changes in CI-Configuration/Tools and license list changes.
Benjamin Rosemann 2021-05-05 15:20:35 +02:00
parent 1778b36a9a
commit 15e584f0ab
6 changed files with 296 additions and 19 deletions


@ -9,10 +9,41 @@ jobs:
- image: circleci/python:<< parameters.python-version >>
steps:
- checkout
- run: pip3 install --upgrade pip
- run: pip3 install -r requirements.txt
- run: pip3 install pytest
- &install
run:
name: Install packages
command: |
pip3 install --upgrade pip
pip3 install -r requirements.txt
- run:
name: Install specific packages
command: pip3 install pytest
- run: pytest
license-scan:
docker:
- image: circleci/python:3.9
steps:
- checkout
- run: # Only run license checks if we have changes in requirements.txt
name: Check for changes
command: |
if [ -z "<< pipeline.git.base_revision >>" ]; then
echo "No previous build, run license check by default."
elif git diff-tree --no-commit-id --name-only -r << pipeline.git.revision >> << pipeline.git.base_revision >> | grep requirements.txt ; then
echo "Changes in requirements.txt, run license check."
else
echo "No relevant changes found, skip running license check."
circleci-agent step halt
fi
- *install
- run:
name: Install specific packages
command: pip3 install pip-licenses
- run: # Read allowed licenses from file to ";"-separated string while removing empty lines and comments
name: License check
command: |
ALLOWED=$(sed -e '/^#.*$/d' -e '/^\s*$/d' .allowed-licenses | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/;/g'); echo $ALLOWED
pip-licenses --from=mixed --allow-only="${ALLOWED}" --summary
workflows:
all-tests:
@ -21,3 +52,9 @@ workflows:
matrix:
parameters:
python-version: ["3.5", "3.6", "3.7", "3.8", "3.9"]
license-scan:
jobs:
- license-scan:
filters:
branches:
only: master
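Review bot: The "Check for changes" step of the new `license-scan` job (first hunk) fails open. If `git diff-tree` errors, for example because `<< pipeline.git.base_revision >>` is no longer in the checkout after a force-push, `grep` receives no input, the `else` branch runs, and `circleci-agent step halt` ends the job as successful without any license check. The gate should run the check whenever the diff cannot be computed, for instance by adding `elif ! git cat-file -e "<< pipeline.git.base_revision >>^{commit}"; then echo "Base revision not found, run license check by default."` ahead of the `git diff-tree` branch. The `grep requirements.txt` match is also unanchored and ignores `.allowed-licenses`, so a change to the allow list alone never triggers a re-check; `grep -qxE 'requirements\.txt|\.allowed-licenses'` would cover both files.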