Mercurial > p > roundup > code
view .github/workflows/ossf-scorecard.yml @ 7719:3071db43bfb6
feat: issue2550852 - support using a specified PostgreSQL db schema
Finally after 7 years this is closed.
roundup/backends/back_postgresql.py:
Support use of schema when specified in RDBMS_NAME. Stuart McGraws
code is finally merged 8-).
test/test_postgresql.py, test/conftest.py:
Run all postgresql tests in the schema db as well.
Also make sure that db_nuke raises an error when trying to delete
the schema test database. Conftest defines pg_schema mark that can
be used to exclude schema tests with pytest -m "not pg_schema".
roundup/configuration.py:
change doc on RDBMS_NAME to include db.schema form.
.travis.yml, .github/workflows/ci-test.yml:
create schema test db; add user for testing with schema; grant new
user create privs for schema.
doc/installation.txt:
Reference to roundup-admin init deleting schema added.
doc/mysql.txt doc/postgresql.txt:
New documentation on psql/mysql commands to set up a production db.
doc/upgrading.txt:
mention schema support, also document service setting for
selecting connection from pg_service.conf.
doc/reference.txt:
update config.ini documentation for RDBMS_NAME.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 27 Dec 2023 22:52:14 -0500 |
| parents | 6ed521352d22 |
| children | edd93fa4a5ec |
line wrap: on
line source
# This workflow uses actions that are not certified by GitHub. They are provided # by a third-party and are governed by separate terms of service, privacy # policy, and support documentation. name: Scorecard supply-chain security on: # For Branch-Protection check. Only the default branch is supported. See # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection branch_protection_rule: # To guarantee Maintained check is occasionally updated. See # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained schedule: - cron: '25 21 * * 5' push: branches: [ "master" ] # Declare default permissions as read only. permissions: read-all jobs: analysis: name: Scorecard analysis runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'no-github-ci')" permissions: # Needed to upload the results to code-scanning dashboard. security-events: write # Needed to publish results and get a badge (see publish_results below). id-token: write # Uncomment the permissions below if installing in a private repository. # contents: read # actions: read steps: - name: "Checkout code" uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false - name: "Run analysis" uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 with: results_file: results.sarif results_format: sarif # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: # - you want to enable the Branch-Protection check on a *public* repository, or # - you are installing Scorecard on a *private* repository # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. # repo_token: ${{ secrets.SCORECARD_TOKEN }} # Public repositories: # - Publish results to OpenSSF REST API for easy access by consumers # - Allows the repository to include the Scorecard badge. # - See https://github.com/ossf/scorecard-action#publishing-results. # For private repositories: # - `publish_results` will always be set to `false`, regardless # of the value entered here. publish_results: true # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: SARIF file path: results.sarif retention-days: 5 # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.1.27 with: sarif_file: results.sarif