Skip to content

Address Issues Found on Hacker News #669

Address Issues Found on Hacker News

Address Issues Found on Hacker News #669

---
name: Build Pipeline
on:
workflow_dispatch:
pull_request:
branches:
- main
- develop
jobs:
lint-yml:
name: Yaml Lint
runs-on: ubuntu-latest
steps:
# Checkout Code
- name: Checkout Code
uses: actions/checkout@v4
# Lint Yaml Code
- name: YAML Lint
uses: ibiqlik/[email protected]
with:
file_or_dir: ${{ github.workspace }}/
.github/workflows/build-pipeline.yml
compliance:
needs: lint-yml
name: NPM Audit Report
runs-on: ubuntu-latest
steps:
# Checkout Code
- name: Checkout Code
uses: actions/checkout@v4
# Audit Package.json
- name: NPM Audit Action
uses: oke-py/npm-audit-action@main
with:
issue_assignees: thkruz
issue_labels: Security
dedupe_issues: true
github_token: ${{ secrets.GITHUB_TOKEN }}
continue-on-error: true
eslint:
needs: compliance
name: Lint
runs-on: ubuntu-latest
steps:
# Checkout code
- name: Checkout Code
uses: actions/checkout@v4
# Setup Node
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
# Get Node Modules from Cache
- name: Cache node modules
uses: actions/cache@v3
env:
cache-name: cache-node-modules
with:
path: ~/.npm
key: ${{ runner.os }}-build- ${{ env.cache-name }}-
${{hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
# Ensure Node Modules Setup
- name: Install Dependencies
run: npm ci --ignore-scripts
# Run ESLint
- name: ESLint
run: npx eslint . --ignore-path .gitignore --ext js,ts,tsx
unit-tests:
needs: compliance
name: Unit Tests
runs-on: ubuntu-latest
steps:
# Checkout code
- name: Checkout Code
uses: actions/checkout@v4
# Setup Node
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
# Get Node Modules from Cache
- name: Cache node modules
uses: actions/cache@v3
env:
cache-name: cache-node-modules
with:
path: ~/.npm
key: ${{ runner.os }}-build- ${{ env.cache-name }}-
${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
# Ensure Node Modules Setup
- name: Install Dependencies
run: npm ci --ignore-scripts
# Set Timezone to match snapshots
- name: Set Timezone
uses: szenius/[email protected]
with:
timezoneLinux: 'America/New_York'
# Unit Tests
- name: Test
run: npm test
build:
needs: [eslint, unit-tests]
name: Build
runs-on: ubuntu-latest
steps:
# Checkout code
- name: Checkout Code
uses: actions/checkout@v4
# Setup Node
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
# Get Node Modules from Cache
- name: Cache node modules
uses: actions/cache@v3
env:
cache-name: cache-node-modules
with:
path: ~/.npm
key: ${{ runner.os }}-build- ${{ env.cache-name }}-
${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
# Ensure Node Modules Setup
- name: Install Dependencies
run: npm ci --ignore-scripts
# Build
- name: Build
run: npm run build
# - name: Save build folder
# uses: actions/[email protected]
# with:
# name: build
# if-no-files-found: error
# path: dist
trufflehog:
needs: build
name: TruffleHog
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: TruffleHog OSS
uses: trufflesecurity/[email protected]
codeQl:
needs: build
name: CodeQL
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
# CodeQL
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: javascript
- name: Autobuild
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2