[wf] some workflows

Author: grindsa

.github/pylintrc

@@ -0,0 +1,19 @@
+# plyintrc for acme2certifier CI pipeline
+[MESSAGES CONTROL]
+# c0301 - line to long
+# r0205 - useless-object-inheritance
+# r0801 - Similar lines in 2 files
+# r0902 - too-many-instance-attributes
+# r0903 - too-few-public methods
+# r0913 - too-many-arguments
+# r1702 - too many nested blocks
+# w0703 - too general exception
+# W1202 - logging-format-interpolation
+disable=C0301, R0205, R0801, R0902, R0903, R0913, R1702, W0703, W1202
+
+[DESIGN]
+# Maximum number of locals for function / method
+max-locals=20
+max-branches=20
+max-public-methods=30
+max-statements=100

.github/workflows/blank.yml

@@ -0,0 +1,60 @@
+name: "CodeQL"
+
+on:
+  push:
+  pull_request:
+    branches: [ master ]
+  schedule:
+    - cron:  '0 2 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        # Override automatic language detection by changing the below list
+        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
+        language: ['python']
+        # Learn more...
+        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,21 @@
+# workflow to run the acme2certifier unittest suite
+
+name: Markdown Link check
+
+on:
+  push:
+  pull_request:
+    branches: [ devel ]
+  schedule:
+    - cron:  '0 2 * * 6'
+
+jobs:
+  markdown-link-check:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - uses: gaurav-nelson/github-action-markdown-link-check@v1
+    - name: Lint changelog file root
+      uses: avto-dev/markdown-lint@v1
+      with:
+        args: '*.md'

.github/workflows/markdown_check.yml

@@ -0,0 +1,52 @@
+# This workflow integrates a collection of open source static analysis tools
+# with GitHub code scanning. For documentation, or to provide feedback, visit
+# https://github.com/github/ossar-action
+name: OSSAR
+
+on:
+  push:
+  pull_request:
+    branches: [ master ]
+  schedule:
+    - cron:  '0 2 * * 6'
+
+jobs:
+  OSSAR-Scan:
+    # OSSAR runs on windows-latest.
+    # ubuntu-latest and macos-latest support coming soon
+    runs-on: windows-latest
+
+    steps:
+      # Checkout your code repository to scan
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+
+    # Ensure a compatible version of dotnet is installed.
+    # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201.
+    # A version greater than or equal to v3.1.201 of dotnet must be installed on the agent in order to run this action.
+    # Remote agents already have a compatible version of dotnet installed and this step may be skipped.
+    # For local agents, ensure dotnet version 3.1.201 or later is installed by including this action:
+    # - name: Install .NET
+    #   uses: actions/setup-dotnet@v1
+    #   with:
+    #     dotnet-version: '3.1.x'
+
+      # Run open source static analysis tools
+    - name: Run OSSAR
+      uses: github/ossar-action@v1
+      id: ossar
+
+      # Upload results to the Security tab
+    - name: Upload OSSAR results
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: ${{ steps.ossar.outputs.sarifFile }}

.github/workflows/ossar-analysis.yml

@@ -0,0 +1,32 @@
+# workflow to run the dkb-robo unittest suite
+
+name: Python Tests
+
+on:
+  push:
+  pull_request:
+    branches: [ devel ]
+  schedule:
+    - cron:  '0 2 * * 6'
+
+jobs:
+  pylint:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python_version: [3.x, 3.8]
+    name: Pylint test (${{ matrix.python_version }})
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python ${{ matrix.python_version }}
+        uses: actions/setup-python@v2
+        with:
+          python-version: ${{ matrix.python_version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install pylint pylint-exit
+
+      - name: "Pylint folder: dkb_robo"
+        run: |
+          pylint --rcfile=".github/pylintrc" xca_template_parser.py || pylint-exit $?