initial: dummy fastapi for SCA testing

2026-04-27 16:49:57 +07:00 · 2026-04-27 16:49:57 +07:00 · 8c6b1a9a3f
commit 8c6b1a9a3f
parent 730ba478c9
4 changed files with 135 additions and 0 deletions
--- a/.gitea/workflows/sca.yml
+++ b/.gitea/workflows/sca.yml
@ -0,0 +1,36 @@
 name: SCA - pip-audit
 on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
 jobs:
  pip-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - name: Install tools
        run: pip install pipenv pip-audit
      - name: Install dependencies
        run: pipenv install --deploy
      - name: Run pip-audit scan
        run: pipenv run pip-audit --format json -o pip-audit-report.json || true
      - name: Fail on HIGH/CRITICAL
        run: pipenv run pip-audit --fail-on-severity high
      - name: Upload report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: pip-audit-report
          path: pip-audit-report.json
--- a/22
+++ b/22
@ -0,0 +1,22 @@
 [[source]]
 url = "https://pypi.org/simple"
 verify_ssl = true
 name = "pypi"
 [packages]
 fastapi = "==0.95.0"
 uvicorn = "==0.20.0"
 requests = "==2.28.0"
 pydantic = "==1.10.0"
 python-jose = "==3.3.0"
 passlib = "==1.7.4"
 sqlalchemy = "==1.4.40"
 aiohttp = "==3.8.1"
 cryptography = "==38.0.0"
 pillow = "==9.3.0"
 [dev-packages]
 pytest = "==7.2.0"
 [requires]
 python_version = "3.11"
--- a/Pipfile.lock
+++ b/Pipfile.lock
@ -0,0 +1,66 @@
 {
    "_meta": {
        "hash": {
            "sha256": "dummy"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_version": "3.11"
        },
        "sources": [
            {
                "name": "pypi",
                "url": "https://pypi.org/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "fastapi": {
            "hashes": [],
            "version": "==0.95.0"
        },
        "uvicorn": {
            "hashes": [],
            "version": "==0.20.0"
        },
        "requests": {
            "hashes": [],
            "version": "==2.28.0"
        },
        "pydantic": {
            "hashes": [],
            "version": "==1.10.0"
        },
        "python-jose": {
            "hashes": [],
            "version": "==3.3.0"
        },
        "passlib": {
            "hashes": [],
            "version": "==1.7.4"
        },
        "sqlalchemy": {
            "hashes": [],
            "version": "==1.4.40"
        },
        "aiohttp": {
            "hashes": [],
            "version": "==3.8.1"
        },
        "cryptography": {
            "hashes": [],
            "version": "==38.0.0"
        },
        "pillow": {
            "hashes": [],
            "version": "==9.3.0"
        }
    },
    "develop": {
        "pytest": {
            "hashes": [],
            "version": "==7.2.0"
        }
    }
 }
--- a/main.py
+++ b/main.py
@ -0,0 +1,11 @@
 from fastapi import FastAPI
 app = FastAPI(title="DSF Dummy API")
@app.get("/")
 def root():
    return {"message": "AppSec - SCA Test Project"}
@app.get("/health")
 def health():
    return {"status": "ok"}