New workflows

[ali-hosseini-deriv]

Changes:

Please provide a summary of the change.

Screenshots:

Please provide some screenshots of the change.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
deriv-app	✅ Ready (Inspect)	Visit Preview	Aug 19, 2023 0:03am

[github-actions]

A production App ID was automatically generated for this PR. (log)

• PR: New workflows #9753
• URLs:
  • w/ App ID + Server: https://deriv-app-git-fork-ali-hosseini-deriv-new-workflows.binary.sx?qa_server=red.binaryws.com&app_id=31524
  • Original: https://deriv-app-git-fork-ali-hosseini-deriv-new-workflows.binary.sx
• App ID: 31524

Click here to copy & paste above information.

- **PR**: [https://github.com/binary-com/deriv-app/pull/9753](https://github.com/binary-com/deriv-app/pull/9753)
- **URLs**:
    - **w/ App ID + Server**: https://deriv-app-git-fork-ali-hosseini-deriv-new-workflows.binary.sx?qa_server=red.binaryws.com&app_id=31524
    - **Original**: https://deriv-app-git-fork-ali-hosseini-deriv-new-workflows.binary.sx
- **App ID**: `31524`

[github-actions]

🚨 Lighthouse report for the changes in this PR:

Category	Score
🔺 Performance	20
🟧 Accessibility	75
🟢 Best practices	92
🟧 SEO	85
🟢 PWA	90

Lighthouse ran with https://deriv-app-git-fork-ali-hosseini-deriv-new-workflows.binary.sx/

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
4.4% Duplication

[coveralls]

coverage: 10.135%. remained the same when pulling a187c92 on ali-hosseini-deriv:new-workflows into 6ad6607 on binary-com:master.

[review-deriv]

AI Review (AI review can be wrong. Do not use it as the only source of feedback)

The code follows best practices for building and deploying applications using Github Actions and Docker. However, the code lacks error handling in case of unsuccessful steps. In terms of security, although sensitive data such as Docker Hub credentials are stored as secrets, it's important to ensure that secrets are not accidentally logged, printed, or leaked through other ways. There's also a potential logic error in the condition checking whether a cache hit is true and executing the script if not in the build-and-test action.

Security:

1. Docker credentials (DOCKERHUB_USERNAME and DOCKERHUB_PASSWORD) and Kubernetes CA_CRT certificate are stored securely as secrets, which is good practice.

Error Handling:

2. In the 'build-and-deploy-staging' workflow, error handling for each step is missing. For example, measures should be put in place in case the 'Build and Test' step or 'Build and Push image to docker hub' does not complete successfully.

3. Similarly, in 'build-and-test' workflow, error handling for each step is missing.

Logic:

4. In the build-and-test GitHub action, npm commands npm ci and npm run bootstrap should not be executed every time the cache is missed. These commands should be executed beforehand, and their results should be cached.

Minor:

5. The "Check tests" sections in 'action.yml' are repeating and can be optimized in terms of loops or grouped as functions to avoid redundancy.

6. runs-on: ubuntu-latest declares a latest version as a runner. But according to best practices, it's better to use specific version of runner to avoid any forthcoming changes to 'latest' version that may cause issues.

7. Missing newline at the end of some files. Although it's a minor issue, having a newline at the end of each file is a common convention.

Overall, the code follows good practices in terms of continuous integration/continuous delivery (CI/CD) and security, but it should improve on error handling and implement some logic corrections to ensure a more robust system.

[github-actions]

This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions]

This PR was closed because it has been stalled for 5 days with no activity. Please reopen it if needed.