We perform quality assurance through Continuous Integration (CI) pipelines on GitLab. This way, we make sure that COSSAS products that are released into the open source community are not broken, outdated or insecure. For every iteration, every contribution from the community, these pipelines are run again. Proposed changes are only merged if the code still adheres to our quality standards and the pipelines succeed. There are essentially four kinds of jobs that we run in our standard Python continuous integration pipelines.
Artefacts are built, versioned and delivered to the appropriate software registries automatically. Automating this process greatly reduces the error surface and it makes the process less opinionated.
We test our source code and our open source dependencies for security vulnerabilities. If we build a container image, we inspect its layers too.
We test our code for style, formality and complexity. For example, a pylint score above 6 is required. And we enforce Python type checking with
To ensure the integrity of our software, we enforce Python unit tests with a code coverage of at least 25%.
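The two thresholds named above can be expressed as failing CI jobs. The following `.gitlab-ci.yml` fragment is an added illustration, not the COSSAS pipeline definition; the `src/` and `tests/` paths, the `python:3.11` image and the job names are assumptions.

```yaml
# Added illustration; not the COSSAS pipeline definition.
# Assumed layout: package under src/, tests under tests/.
stages:
  - lint
  - test

default:
  image: python:3.11          # assumed image tag
  before_script:
    - python -m pip install --upgrade pip
    - pip install -e .

pylint:
  stage: lint
  script:
    - pip install pylint
    # pylint exits non-zero when the score is below the threshold,
    # which fails the job. A score of exactly 6.0 still passes.
    - pylint --fail-under=6 src/

unit-tests:
  stage: test
  script:
    - pip install pytest pytest-cov
    # pytest-cov fails the run when total coverage is under 25%.
    - pytest --cov=src --cov-report=term --cov-fail-under=25 tests/
  # Lets GitLab extract the total from the terminal report
  # and show it on the merge request.
  coverage: '/TOTAL.*\s+(\d+%)$/'
```

A failed job only blocks a merge when the project's merge request settings require pipelines to succeed.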