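--- /dev/null
+++ b/.github/workflows/security-ci.yml
@@ -0,0 +1,69 @@
+on:
+push:
+branches:
+- "master"
+pull_request:
+branches:
+- "*"
+workflow_dispatch:
+inputs:
+logLevel:
+description: "Log level"
+required: true
+default: "warning"
+
+jobs:
+bandit-analysis:
+name: Bandit Analysis
+runs-on: ubuntu-latest
+steps:
+- name: Checkout code
+uses: actions/checkout@v2
+- name: Install dependencies
+run: pip install bandit
+- name: Run Bandit security scanner
+run: |
+bandit -r ./ --severity high
+pip-audit:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout code
+uses: actions/checkout@v2
+- name: Create virtual environment for pip-audit
+run: python3 -m venv audit-env
+- name: Activate virtual environment for pip-audit
+run: source audit-env/bin/activate
+- name: Install pip-audit and dependencies
+run: |
+sudo apt-get update
+pip install --upgrade configobj
+pip install --upgrade twisted
+pip install --upgrade wheel
+pip install --upgrade oauthlib
+sudo apt-get install -y libsasl2-dev
+pip install -r requirements/local.txt pip-audit
+- name: Run pip-audit
+run: pip-audit
+- name: Deactivate virtual environment for pip-audit
+run: deactivate
+safety:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout code
+uses: actions/checkout@v2
+- name: Create virtual environment for safety
+run: python3 -m venv safety-env
+- name: Activate virtual environment for safety
+run: source safety-env/bin/activate
+- name: Install dependencies
+run: |
+sudo apt-get update
+pip install --upgrade twisted
+pip install --upgrade wheel
+pip install --upgrade oauthlib
+sudo apt-get install -y libsasl2-dev
+pip install -r requirements/local.txt safety
+- name: Run safety check
+run: safety check --full-report
+- name: Deactivate virtual environment for safety
+run: deactivate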
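Review bot: The "Activate virtual environment" steps (`run: source audit-env/bin/activate` in the pip-audit job and `run: source safety-env/bin/activate` in the safety job) have no effect on later steps, because every `run:` step starts a fresh shell; the subsequent `pip install -r requirements/local.txt pip-audit` / `... safety` and the `pip-audit` and `safety check` commands therefore run against the runner's system interpreter, not the venv, and the trailing `run: deactivate` steps deactivate nothing. Replace each activate step with `run: echo "$PWD/audit-env/bin" >> "$GITHUB_PATH"` (and likewise for `safety-env`) so the venv's binaries are first on PATH for the rest of the job, or fold create/install/run into one `run: |` block and drop the deactivate steps. Separately, the workflow declares no `permissions:` block, so each job gets the repository's default `GITHUB_TOKEN` scope; a read-only `permissions:\n  contents: read` at the top level is enough for checkout-and-scan jobs. The three `uses: actions/checkout@v2` references are pinned only to a mutable major tag; pinning to a full commit SHA (with the tag in a trailing comment) is the usual supply-chain hardening for third-party actions, and v2 is also an old release.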