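--- a/.github/workflows/python-tests.yml
+++ b/.github/workflows/python-tests.yml
@@ -0,0 +1,136 @@
+---
+###############################################
+###############################################
+## Python Testing Framework GitHub Actions ##
+###############################################
+###############################################
+name: Python Tests
+
+#############################
+# Start the job on all push #
+#############################
+on:
+push:
+branches: [main]
+paths:
+- 'docs/Secure-Coding-Guide-for-Python/**'
+- '.github/workflows/python-tests.yml'
+pull_request:
+branches: [main]
+paths:
+- 'docs/Secure-Coding-Guide-for-Python/**'
+- '.github/workflows/python-tests.yml'
+workflow_dispatch: # Allow manual trigger for full test suite
+
+###############
+# Set the Job #
+###############
+jobs:
+test:
+# Name the Job
+name: Run Python Tests (Python ${{ matrix.python-version }})
+# Set the agent to run on
+runs-on: ubuntu-latest
+
+# Matrix strategy for multiple Python versions
+strategy:
+matrix:
+python-version: ['3.9', '3.10', '3.11', '3.12', '3.13', '3.14']
+fail-fast: false
+
+##################
+# Load all steps #
+##################
+steps:
+##########################
+# Checkout the code base #
+##########################
+- name: Checkout Code
+uses: actions/checkout@v4
+
+######################
+# Install uv package #
+######################
+- name: Install uv
+uses: astral-sh/setup-uv@v3
+with:
+enable-cache: true
+cache-dependency-glob: "docs/Secure-Coding-Guide-for-Python/pyproject.toml"
+
+########################
+# Set up Python version #
+########################
+- name: Set up Python ${{ matrix.python-version }}
+run: uv python install ${{ matrix.python-version }}
+
+##########################
+# Install dependencies #
+##########################
+- name: Install Dependencies
+working-directory: docs/Secure-Coding-Guide-for-Python
+run: uv sync --group test
+
+##########################
+# Get changed files #
+##########################
+- name: Get Changed Files
+id: changed-files
+uses: tj-actions/changed-files@v44
+with:
+files: |
+docs/Secure-Coding-Guide-for-Python/CWE-*/**
+docs/Secure-Coding-Guide-for-Python/Intro_*/**
+
+##########################
+# Run pytest tests #
+##########################
+- name: Run Tests on Changed Files (PR)
+if: github.event_name == 'pull_request' && steps.changed-files.outputs.any_changed == 'true'
+working-directory: docs/Secure-Coding-Guide-for-Python
+env:
+CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
+run: |
+# Extract unique CWE directories from changed files
+CHANGED_DIRS=$(echo "$CHANGED_FILES" | tr ' ' '\n' | grep -E 'CWE-|Intro_' | sed 's|docs/Secure-Coding-Guide-for-Python/||' | sed 's|/.*||' | sort -u)
+
+if [ -n "$CHANGED_DIRS" ]; then
+echo "::notice::Testing changed directories: $CHANGED_DIRS"
+# Build pytest -k filter for changed directories (trim spaces and join with ' or ')
+FILTER=$(echo "$CHANGED_DIRS" | tr '\n' ' ' | sed 's/^ *//;s/ *$//' | sed 's/ / or /g')
+uv run pytest tests/ --tb=line -q -k "$FILTER" || {
+echo "::error::Tests failed. See details above."
+exit 1
+}
+else
+echo "::notice::No CWE directories changed, skipping tests"
+fi
+
+- name: Run Full Test Suite (Push to main or manual trigger)
+if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
+working-directory: docs/Secure-Coding-Guide-for-Python
+run: |
+uv run pytest tests/ --tb=line -q || {
+echo "::error::Tests failed. Review the output above for specific issues."
+exit 1
+}
+
+##########################
+# Link checking #
+##########################
+- name: Link Checking with Lychee
+if: matrix.python-version == '3.12'
+uses: lycheeverse/lychee-action@v2
+with:
+args: --offline --verbose --no-progress 'docs/Secure-Coding-Guide-for-Python/**/*.md'
+fail: true
+
+##########################
+# Upload coverage report #
+##########################
+- name: Upload Coverage
+if: matrix.python-version == '3.12'
+uses: codecov/codecov-action@v4
+with:
+files: ./docs/Secure-Coding-Guide-for-Python/reports/coverage/coverage.xml
+flags: python-tests
+token: ${{ secrets.CODECOV_TOKEN }}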
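Review bot: The third-party actions in `steps` (`astral-sh/setup-uv@v3`, `tj-actions/changed-files@v44`, `lycheeverse/lychee-action@v2`, `codecov/codecov-action@v4`) are referenced by mutable tags, so anyone able to move a tag upstream changes the code that runs in this job, which also holds `secrets.CODECOV_TOKEN` in its last step. Pin each one to a full commit SHA and keep the version as a trailing comment, e.g. `uses: tj-actions/changed-files@<FULL_COMMIT_SHA>  # v44`; the same applies to `actions/checkout@v4` if the project pins first-party actions too. The workflow also declares no `permissions:` key, so `GITHUB_TOKEN` inherits the repository default. A top-level `permissions: {contents: read}` looks sufficient for checkout, tests, offline link checking and a token-based Codecov upload, but confirm that against what the lychee and Codecov steps actually need. Passing the changed-file list through `env: CHANGED_FILES` rather than interpolating it into the `run:` script is the right pattern and should be kept.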