procurement-pattern-detection./.github/workflows/ci.yml at main · Effinchang/procurement-pattern-detection. · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
name: ci
on:
  push: {branches: [ main ]}
  pull_request: {branches: [ main ]}
jobs:
  build-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with: {python-version: '3.11'}
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
          pip install pytest bandit safety
      - name: Lint & Security (Bandit)
        run: bandit -r . || true
      - name: Dependency Vulnerability Check (Safety)
        run: safety check --full-report || true
      - name: Run tests
        run: pytest -q || true