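# Static security audit: runs Bandit over the hm_pyhelper package on every
# push and pull request, using the Bandit settings in pyproject.toml.
name: Code Security Audit

on: [push, pull_request]

# Least privilege: the job only reads the repository, so restrict the
# GITHUB_TOKEN to read-only contents instead of the repository default.
permissions:
  contents: read

jobs:
  build:

    # NOTE(review): confirm this image is still offered for GitHub-hosted
    # runners; a job targeting a retired image never starts, so the audit
    # would silently stop running.
    runs-on: ubuntu-20.04

    steps:
    # NOTE(review): version tags are mutable. Consider pinning each action,
    # the third-party actions-poetry in particular, to a full commit SHA.
    - uses: actions/checkout@v3
      with:
        # No later step pushes or fetches, so do not leave the token in
        # the checked-out repository's git config.
        persist-credentials: false

    - name: Set up Python 3.9
      uses: actions/setup-python@v4
      with:
        # Quoted so the version is never read as a float (3.10 -> 3.1).
        python-version: '3.9'

    - name: Install poetry
      uses: abatilo/actions-poetry@v2
      with:
        poetry-version: '1.4.2'

    - name: Install dependencies
      run: |
        poetry install --with dev

    # Bandit scans the hm_pyhelper tree recursively (-r).
    - name: Run bandit against code base
      run: |
        poetry run bandit -r hm_pyhelper -c pyproject.toml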