From 8c6b1a9a3fd4e2722ca314bf4aa1cad26d5ee332 Mon Sep 17 00:00:00 2001
From: akarkode
Date: Mon, 27 Apr 2026 16:49:57 +0700
Subject: [PATCH] initial: dummy fastapi for SCA testing
---
 .gitea/workflows/sca.yml | 36 ++++++++++++++++++++++
 Pipfile | 22 ++++++++++++++
 Pipfile.lock | 66 ++++++++++++++++++++++++++++++++++++++++
 main.py | 11 +++++++
 4 files changed, 135 insertions(+)
 create mode 100644 .gitea/workflows/sca.yml
 create mode 100644 Pipfile
 create mode 100644 Pipfile.lock
 create mode 100644 main.py
diff --git a/.gitea/workflows/sca.yml b/.gitea/workflows/sca.yml
new file mode 100644
index 0000000..77f4d2a
--- /dev/null
+++ b/.gitea/workflows/sca.yml
@@ -0,0 +1,36 @@
+name: SCA - pip-audit
+
+on:
+ push:
+ branches: [main, develop]
+ pull_request:
+ branches: [main]
+
+jobs:
+ pip-audit:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - uses: actions/setup-python@v5
+ with:
+ python-version: '3.11'
+
+ - name: Install tools
+ run: pip install pipenv pip-audit
+
+ - name: Install dependencies
+ run: pipenv install --deploy
+
+ - name: Run pip-audit scan
+ run: pipenv run pip-audit --format json -o pip-audit-report.json || true
+
+ - name: Fail on HIGH/CRITICAL
+ run: pipenv run pip-audit --fail-on-severity high
+
+ - name: Upload report
+ uses: actions/upload-artifact@v4
+ if: always()
+ with:
+ name: pip-audit-report
+ path: pip-audit-report.json
\ No newline at end of file
diff --git a/Pipfile b/Pipfile
new file mode 100644
index 0000000..0474dba
--- /dev/null
+++ b/Pipfile
@@ -0,0 +1,22 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+fastapi = "==0.95.0"
+uvicorn = "==0.20.0"
+requests = "==2.28.0"
+pydantic = "==1.10.0"
+python-jose = "==3.3.0"
+passlib = "==1.7.4"
+sqlalchemy = "==1.4.40"
+aiohttp = "==3.8.1"
+cryptography = "==38.0.0"
+pillow = "==9.3.0"
+
+[dev-packages]
+pytest = "==7.2.0"
+
+[requires]
+python_version = "3.11"
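Review bot: `pipenv install --deploy` in the Install dependencies step will abort before either audit step runs, because `--deploy` refuses to install when Pipfile.lock's `_meta.hash` does not match the current Pipfile, and the lock committed alongside this workflow carries the placeholder `"sha256": "dummy"`; regenerate it with `pipenv lock`, or use plain `pipenv install` for this fixture. The two `pipenv run pip-audit` steps also appear to audit the wrong environment: pip-audit is installed by the runner's system pip rather than inside the pipenv virtualenv, and by default it audits the interpreter it runs under, so the pinned project packages would likely never be scanned — `run: pipenv requirements > requirements.txt && pip-audit -r requirements.txt` targets what the lock declares. I also cannot find `--fail-on-severity` among pip-audit's documented options; if it is unsupported, the gate step fails on argument parsing rather than on findings, which hides whether the gate works at all, whereas pip-audit's default non-zero exit on any finding already serves as the gate. Separately, `|| true` on the report step hides a scanner crash (network or resolution failure) behind a green job, so the uploaded report should not be assumed to exist.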
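Review bot: The package pins in this Pipfile are deliberately dated (the commit subject calls the project a dummy for SCA testing), but nothing in the file records that, so a later maintainer or an automated version bump could silently defeat the fixture. A header comment above `[packages]` such as `# Fixture for the SCA workflow: versions are intentionally pinned to old releases; do not bump.` would make the intent explicit and keep these pins from being copied into a real service. The accompanying Pipfile.lock also declares `"hashes": []` for every package, so `pip-audit --require-hashes` cannot be used against it as written.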
diff --git a/Pipfile.lock b/Pipfile.lock
new file mode 100644
index 0000000..300dc62
--- /dev/null
+++ b/Pipfile.lock
@@ -0,0 +1,66 @@
+{
+ "_meta": {
+ "hash": {
+ "sha256": "dummy"
+ },
+ "pipfile-spec": 6,
+ "requires": {
+ "python_version": "3.11"
+ },
+ "sources": [
+ {
+ "name": "pypi",
+ "url": "https://pypi.org/simple",
+ "verify_ssl": true
+ }
+ ]
+ },
+ "default": {
+ "fastapi": {
+ "hashes": [],
+ "version": "==0.95.0"
+ },
+ "uvicorn": {
+ "hashes": [],
+ "version": "==0.20.0"
+ },
+ "requests": {
+ "hashes": [],
+ "version": "==2.28.0"
+ },
+ "pydantic": {
+ "hashes": [],
+ "version": "==1.10.0"
+ },
+ "python-jose": {
+ "hashes": [],
+ "version": "==3.3.0"
+ },
+ "passlib": {
+ "hashes": [],
+ "version": "==1.7.4"
+ },
+ "sqlalchemy": {
+ "hashes": [],
+ "version": "==1.4.40"
+ },
+ "aiohttp": {
+ "hashes": [],
+ "version": "==3.8.1"
+ },
+ "cryptography": {
+ "hashes": [],
+ "version": "==38.0.0"
+ },
+ "pillow": {
+ "hashes": [],
+ "version": "==9.3.0"
+ }
+ },
+ "develop": {
+ "pytest": {
+ "hashes": [],
+ "version": "==7.2.0"
+ }
+ }
+}
diff --git a/main.py b/main.py
new file mode 100644
index 0000000..3024b92
--- /dev/null
+++ b/main.py
@@ -0,0 +1,11 @@
+from fastapi import FastAPI
+
+app = FastAPI(title="DSF Dummy API")
+
+@app.get("/")
+def root():
+ return {"message": "AppSec - SCA Test Project"}
+
+@app.get("/health")
+def health():
+ return {"status": "ok"}