Refactor GitHub Actions workflow: separate linting and building jobs for improved clarity and maintainability

gsaini · gsaini · commit 6fce6d567c7b · 2025-07-01T17:44:45.000-04:00
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -11,33 +11,46 @@ permissions:
   security-events: write
 
 jobs:
-  build:
+  lint:
     runs-on: ubuntu-latest
-
     steps:
-    - uses: actions/checkout@v4
-    - name: Log in to Docker Hub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-    - name: Build the Docker image
-      run: docker build . --file Dockerfile --tag gopalsaini/wsi-slides-dzi-processor:latest
-
-    - name: Scan Docker image for vulnerabilities
-      uses: docker/scout-action@v1
-      with:
-        command: cves
-        image: gopalsaini/wsi-slides-dzi-processor:latest
-        only-severities: critical,high
-        sarif-file: scout-report.sarif
-      continue-on-error: true
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install pylint
+      - name: Run Pylint
+        run: |
+          pylint $(git ls-files '*.py')
 
-    - name: Upload SARIF report
-      uses: github/codeql-action/upload-sarif@v3
-      with:
-        sarif_file: scout-report.sarif
-
-    - name: Push the Docker image
-      run: docker push gopalsaini/wsi-slides-dzi-processor:latest
+  build:
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build the Docker image
+        run: docker build . --file Dockerfile --tag gopalsaini/wsi-slides-dzi-processor:latest
+      - name: Scan Docker image for vulnerabilities
+        uses: docker/scout-action@v1
+        with:
+          command: cves
+          image: gopalsaini/wsi-slides-dzi-processor:latest
+          only-severities: critical,high
+          sarif-file: scout-report.sarif
+        continue-on-error: true
+      - name: Upload SARIF report
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: scout-report.sarif
+      - name: Push the Docker image
+        run: docker push gopalsaini/wsi-slides-dzi-processor:latest
