Address Issues Found on Hacker News #669
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build Pipeline | |
on: | |
workflow_dispatch: | |
pull_request: | |
branches: | |
- main | |
- develop | |
jobs: | |
lint-yml: | |
name: Yaml Lint | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout Code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Lint Yaml Code | |
- name: YAML Lint | |
uses: ibiqlik/[email protected] | |
with: | |
file_or_dir: ${{ github.workspace }}/ | |
.github/workflows/build-pipeline.yml | |
compliance: | |
needs: lint-yml | |
name: NPM Audit Report | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout Code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Audit Package.json | |
- name: NPM Audit Action | |
uses: oke-py/npm-audit-action@main | |
with: | |
issue_assignees: thkruz | |
issue_labels: Security | |
dedupe_issues: true | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
continue-on-error: true | |
eslint: | |
needs: compliance | |
name: Lint | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Setup Node | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '18' | |
# Get Node Modules from Cache | |
- name: Cache node modules | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-node-modules | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-build- ${{ env.cache-name }}- | |
${{hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
${{ runner.os }}-build- | |
${{ runner.os }}- | |
# Ensure Node Modules Setup | |
- name: Install Dependencies | |
run: npm ci --ignore-scripts | |
# Run ESLint | |
- name: ESLint | |
run: npx eslint . --ignore-path .gitignore --ext js,ts,tsx | |
unit-tests: | |
needs: compliance | |
name: Unit Tests | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Setup Node | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '18' | |
# Get Node Modules from Cache | |
- name: Cache node modules | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-node-modules | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-build- ${{ env.cache-name }}- | |
${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
${{ runner.os }}-build- | |
${{ runner.os }}- | |
# Ensure Node Modules Setup | |
- name: Install Dependencies | |
run: npm ci --ignore-scripts | |
# Set Timezone to match snapshots | |
- name: Set Timezone | |
uses: szenius/[email protected] | |
with: | |
timezoneLinux: 'America/New_York' | |
# Unit Tests | |
- name: Test | |
run: npm test | |
build: | |
needs: [eslint, unit-tests] | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Setup Node | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '18' | |
# Get Node Modules from Cache | |
- name: Cache node modules | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-node-modules | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-build- ${{ env.cache-name }}- | |
${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
${{ runner.os }}-build- | |
${{ runner.os }}- | |
# Ensure Node Modules Setup | |
- name: Install Dependencies | |
run: npm ci --ignore-scripts | |
# Build | |
- name: Build | |
run: npm run build | |
# - name: Save build folder | |
# uses: actions/[email protected] | |
# with: | |
# name: build | |
# if-no-files-found: error | |
# path: dist | |
trufflehog: | |
needs: build | |
name: TruffleHog | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: TruffleHog OSS | |
uses: trufflesecurity/[email protected] | |
codeQl: | |
needs: build | |
name: CodeQL | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
# CodeQL | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: javascript | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@v2 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 |