GROUP-79 Bottom of Mobile Dialog Cutoff (#15) #53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Commit Stage | |
on: push | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: grouphq/grouphq-ui | |
VERSION: ${{ github.sha }} | |
jobs: | |
build: | |
name: Build and Test | |
runs-on: ubuntu-22.04 | |
permissions: | |
contents: read | |
security-events: write | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
- name: Set up Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Cache Node modules | |
uses: actions/cache@v2 | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-node- | |
- name: Install Dependencies | |
run: npm install | |
- name: Dependency vulnerability scanning | |
run: npm audit --audit-level high | |
- name: Checking code style | |
run: npx prettier . --check | |
- name: Checking code quality | |
run: | | |
npx ng lint | |
npx stylelint "**/*.css" | |
npx stylelint "**/*.scss" | |
- name: Build Angular App | |
run: npm run build | |
- name: Run Tests | |
run: npm run ci:test | |
- name: Code vulnerability scanning | |
uses: anchore/scan-action@v3 | |
id: scan | |
with: | |
path: "${{ github.workspace }}" | |
fail-build: false | |
severity-cutoff: high | |
# - name: Upload vulnerability report | |
# uses: github/codeql-action/upload-sarif@v2 | |
# if: success() || failure() | |
# with: | |
# sarif_file: ${{ steps.scan.outputs.sarif }} | |
- name: Setup arkade | |
uses: alexellis/setup-arkade@v3 | |
- name: Validate Kubernetes manifests | |
run: | | |
arkade get kubeconform | |
kustomize build k8s | kubeconform -strict -summary -output json | |
package: | |
name: Package and Publish | |
if: ${{ github.ref == 'refs/heads/main' }} | |
needs: [build] | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
permissions: | |
contents: read | |
packages: write | |
security-events: write | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v3 | |
- name: Set up Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Cache Node modules | |
uses: actions/cache@v2 | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-node- | |
- name: Install Dependencies | |
run: npm install | |
- name: Build Angular App | |
run: npm run build | |
- name: Set up Pack CLI | |
uses: buildpacks/github-actions/[email protected] | |
- name: Package SPA | |
run: | | |
pack build ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} \ | |
--buildpack gcr.io/paketo-buildpacks/nginx \ | |
--builder paketobuildpacks/builder:base \ | |
-p dist | |
- name: OCI image vulnerability scanning | |
uses: anchore/scan-action@v3 | |
id: scan | |
with: | |
image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} | |
fail-build: false | |
severity-cutoff: high | |
acs-report-enable: true | |
# - name: Upload vulnerability report | |
# uses: github/codeql-action/upload-sarif@v2 | |
# if: success() || failure() | |
# with: | |
# sarif_file: ${{ steps.scan.outputs.sarif }} | |
- name: Log into container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Publish container image | |
run: docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} | |
- name: Publish container image (latest) | |
run: | | |
docker tag \ | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} \ | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest |