Skip to content
Build

chore(deps): update reviewdog/action-eslint action to v1.33.0 #2207

Sign in to view logs

chore(deps): update reviewdog/action-eslint action to v1.33.0

chore(deps): update reviewdog/action-eslint action to v1.33.0 #2207

Workflow file for this run

.github/workflows/nodejs.yml at 6abe2c7
name: Build
on: [push]
jobs:
# -- TESTS ------------------------------------------------------------------
tests:
name: Tests
runs-on: ubuntu-latest
strategy:
matrix:
node: ['16']
steps:
- name: Harden GitHub Actions Runner
uses: step-security/harden-runner@0327a39356be0e062df2bb0bd2a3e036b72a8393
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Node.js ${{ matrix.node }}
uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
with:
node-version: ${{ matrix.node }}
check-latest: true
- name: Install dependencies
run: npm install
- name: Run unit-tests + Code Coverage
run: npm run test:coverage
- name: Save Code Coverage
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: code-coverage
path: coverage
# -- SONARCLOUD -------------------------------------------------------------
code-quality:
name: Code Quality
runs-on: ubuntu-latest
needs: tests
steps:
- name: Harden GitHub Actions Runner
uses: step-security/harden-runner@0327a39356be0e062df2bb0bd2a3e036b72a8393
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Download Code Coverage
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: code-coverage
path: coverage
- name: Get App Version
run: ./scripts/version.sh
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# -- SAST SCAN --------------------------------------------------------------
code-security:
name: Code Security
runs-on: ubuntu-latest
needs: tests
# Skip any PR created by dependabot to avoid permission issues
if: (github.actor != 'dependabot[bot]')
steps:
- name: Harden GitHub Actions Runner
uses: step-security/harden-runner@0327a39356be0e062df2bb0bd2a3e036b72a8393
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Perform Scan
uses: ShiftLeftSecurity/scan-action@master
env:
WORKSPACE: https://github.com/${{ github.repository }}/blob/${{ github.sha }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SCAN_ANNOTATE_PR: true
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: reports
path: reports
# -- RELEASE ----------------------------------------------------------------
pre-release:
name: Prepare Release
runs-on: ubuntu-latest
needs:
- code-quality
- code-security
if: github.ref == 'refs/heads/master'
steps:
- name: Harden GitHub Actions Runner
uses: step-security/harden-runner@0327a39356be0e062df2bb0bd2a3e036b72a8393
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Semantic Release
uses: cycjimmy/semantic-release-action@8e58d20d0f6c8773181f43eb74d6a05e3099571d # v3.4.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# -- BUILD ------------------------------------------------------------------
build:
name: Build & Release
runs-on: ubuntu-latest
needs: pre-release
strategy:
matrix:
node: ['16']
steps:
- name: Harden GitHub Actions Runner
uses: step-security/harden-runner@0327a39356be0e062df2bb0bd2a3e036b72a8393
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Node.js ${{ matrix.node }}
uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
with:
node-version: ${{ matrix.node }}
check-latest: true
- name: Install dependencies
run: npm install