Add OWASP's checklist for LLM governance #2388
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Backend code coverage | |
on: | |
pull_request: | |
branches: ["main"] | |
paths: | |
- "backend/**" | |
env: | |
GITHUB_WORKFLOW: github_actions | |
POSTGRES_VERSION: "16" | |
UBUNTU_VERSION: "ubuntu-24.04" | |
PYTHON_VERSION: "3.12" | |
jobs: | |
build: | |
runs-on: ubuntu-24.04 | |
env: | |
backend-directory: ./backend | |
services: | |
postgres: | |
image: postgres:16 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres # test credential | |
POSTGRES_DB: postgres | |
ports: ["5432:5432"] | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
strategy: | |
max-parallel: 4 | |
matrix: | |
python-version: ["3.12"] | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up python ${{ matrix.python-version }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: "pip" | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: false | |
installer-parallel: true | |
- name: Install backend requirements | |
working-directory: ${{ env.backend-directory }} | |
run: poetry install | |
- name: Create environment variables file | |
working-directory: ${{env.backend-directory}} | |
run: | | |
touch .env | |
echo DJANGO_DEBUG='True' >> .env | |
echo POSTGRES_NAME=postgres >> .env | |
echo POSTGRES_USER=postgres >> .env | |
echo POSTGRES_PASSWORD=postgres >> .env | |
echo DB_HOST=localhost >> .env | |
echo EMAIL_HOST=localhost >> .env | |
echo EMAIL_PORT=1025 >> .env | |
echo EMAIL_HOST_USER='' >> .env | |
echo EMAIL_HOST_PASSWORD='' >> .env | |
#echo EMAIL_USE_TLS=False >> .env | |
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env | |
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env | |
echo CISO_ASSISTANT_URL=http://127.0.0.1:5173 >> .env | |
- name: Run migrations | |
working-directory: ${{env.backend-directory}} | |
run: | | |
export $(grep -v '^#' .env | xargs) | |
poetry run python manage.py migrate | |
- name: Run coverage | |
working-directory: ${{env.backend-directory}} | |
env: | |
DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres" | |
run: | | |
export $(grep -v '^#' .env | xargs) | |
find . -path '*/tests/*' -and -name 'test*.py' -and -not -path "./venv/*" | xargs coverage run -m pytest | |
- name: Display coverage report | |
working-directory: ${{env.backend-directory}} | |
env: | |
DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres" | |
run: coverage report |