-
Notifications
You must be signed in to change notification settings - Fork 0
168 lines (140 loc) · 5.41 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
name: Node.js CI
on: ['push', 'workflow_dispatch']
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use Node.js 20
uses: actions/setup-node@v4
with:
node-version: 20.9.0
cache: 'npm'
- name: Cache node modules
uses: actions/cache@v4
env:
cache-name: cache-node-modules
with:
path: ~/.npm
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Install dependencies
run: npm ci
- name: Lint
run: |
npm run eslint
npm run lint:styles
- name: Build
run: |
npm run build -- --base-href=https://arnaudflaesch.github.io/CashManager/
cp public/index.html public/404.html
- name: Test
id: application-tests
run: npm run test
- name: Login to Github Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Start database image
run: |
docker run -p 5432:5432 -d -e POSTGRES_PASSWORD=postgres -e POSTGRES_DB=dash postgres:13.2-alpine
- name: Start backend image
run: |
[[ "$(git ls-remote --heads https://github.com/ArnaudFlaesch/Dash-WebServices ${{github.ref_name}} | wc -l)" == 1 && ${{github.ref_name}} != 'main' ]] && tagName=${{github.ref_name}} || tagName=latest
docker run -p 8080:8080 -d --network="host" -e OPENWEATHERMAP_KEY=test -e STRAVA_CLIENT_ID=test -e STRAVA_CLIENT_SECRET=test -e STEAM_API_KEY=test -e AIRPARIF_API_TOKEN=test ghcr.io/arnaudflaesch/dash-webservices:$tagName
- name: E2E Tests
uses: cypress-io/github-action@v6
id: e2e-tests
with:
browser: firefox
config-file: cypress-test.config.ts
start: npm start
wait-on: 'http://localhost:4200'
- name: Generate test report
id: generate-e2e-report
if: always() && steps.e2e-tests.outcome == 'failure'
run: |
mkdir cypress/screenshots || true
npm run report:merge
npm run report:generate
npm run report:copyScreenshots
- name: Upload Cypress report
uses: actions/upload-artifact@v4
if: always() && steps.generate-e2e-report.outcome == 'success'
with:
name: Cypress report
path: cypress/reports/html
- name: Report coverage for Codecov
uses: codecov/codecov-action@v4
if: always() && steps.application-tests.outcome == 'success'
with:
directory: coverage-jest
token: ${{ secrets.CODECOV_TOKEN }}
- name: Report coverage for Codacy
if: always() && steps.application-tests.outcome == 'success'
run: |
bash <(curl -Ls https://coverage.codacy.com/get.sh)
env:
CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@v2.2.0
if: always() && steps.application-tests.outcome == 'success'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Upload pages artifact
uses: actions/upload-pages-artifact@v3
if: success() && github.ref_name == 'main'
with:
path: ./public
deploy:
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment
permissions:
pages: write # to deploy to Pages
id-token: write # to verify the deployment originates from an appropriate source
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: test
if: success() && github.ref_name == 'main'
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
codacy-security-scan:
permissions:
contents: read
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@v4.4
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
verbose: true
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will handover control about PR rejection to the GitHub side
max-allowed-issues: 2147483647
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif