Add Website Oracle Actions #36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Site | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
run-super-linter: | |
name: Run GitHub Super Linter | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: "18.12.1" | |
- name: Install Dependencies | |
run: npm ci | |
- name: Build NextJS types | |
run: npm run build | |
- name: Lint Code Base | |
uses: github/super-linter@v4 | |
env: | |
DEFAULT_BRANCH: main | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
LINTER_RULES_PATH: . | |
VALIDATE_ALL_CODEBASE: "true" | |
VALIDATE_CSS: "false" | |
VALIDATE_HTML: "false" | |
TYPESCRIPT_ES_CONFIG_FILE: .eslintrc.json | |
TYPESCRIPT_DEFAULT_STYLE: prettier | |
JAVASCRIPT_DEFAULT_STYLE: prettier | |
run-codeql-analysis: | |
name: Run CodeQL Analysis | |
runs-on: ubuntu-latest | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: javascript | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@v2 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 | |
run-vulnerability-analysis: | |
name: Run Vulnerability Analysis | |
runs-on: ubuntu-20.04 | |
permissions: | |
security-events: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Run Trivy vulnerability scanner | |
uses: aquasecurity/trivy-action@master | |
with: | |
scan-type: fs | |
vuln-type: library | |
exit-code: 1 | |
format: sarif | |
output: trivy-results.sarif | |
- name: Upload Trivy scan results to GitHub Security tab | |
uses: github/codeql-action/upload-sarif@v2 | |
if: always() | |
with: | |
sarif_file: trivy-results.sarif | |
run-unit-tests: | |
name: Run Unit Tests | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: "18.12.1" | |
- name: Install Dependencies | |
run: npm ci | |
- name: Running Unit Tests | |
run: npm run test:ci | |
- name: Upload Code Coverage to CodeCov | |
if: ${{ github.event_name == 'push' }} | |
uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
name: coverage-reports | |
flags: unit-tests | |
fail_ci_if_error: true | |
verbose: true | |
- name: Upload Code Coverage Report Artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: unit-tests-coverage | |
path: coverage/ | |
build-site: | |
name: Build Site | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: "18.12.1" | |
- name: Install Dependencies | |
run: npm ci | |
- name: Build Site | |
run: | | |
npm run build | |
touch ./out/.nojekyll | |
env: | |
PUBLIC_URL: https://cadmus-labs.github.io | |
- name: Upload Site | |
uses: actions/upload-artifact@v3 | |
with: | |
name: site | |
path: out/ | |
- name: Upload Unit Tests Code Coverage Report | |
uses: actions/upload-artifact@v3 | |
with: | |
name: unit-tests-coverage | |
path: coverage/ | |
check-links: | |
name: Check Links in Website | |
runs-on: ubuntu-20.04 | |
needs: build-site | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: "18.12.1" | |
- name: Install Dependencies | |
run: npm ci | |
- name: Download Site | |
uses: actions/download-artifact@v3 | |
with: | |
name: site | |
path: _site/ | |
- name: Start Server | |
run: | | |
source ./.github/scripts/start-server.sh | |
env: | |
WEBSITE_BUILD_DIR: _site | |
- name: Link Checker | |
id: lychee | |
uses: lycheeverse/lychee-action@v1.5.4 | |
with: | |
args: --verbose --no-progress https://cadmus-labs.github.io/ | |
fail: true | |
- name: Stop Server | |
run: | | |
source ./.github/scripts/stop-server.sh | |
env: | |
WEBSITE_BUILD_DIR: _site | |
- name: Upload Link Checker Report | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: Link Checker Report | |
path: ./lychee/out.md | |
# run-website-audit: | |
# name: Run Website Audit | |
# runs-on: ubuntu-20.04 | |
# needs: build-site | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@v3 | |
# - name: Download Site | |
# uses: actions/download-artifact@v3 | |
# with: | |
# name: site | |
# path: _site/ | |
# - name: Setup Node.js | |
# uses: actions/setup-node@v3 | |
# with: | |
# node-version: "18.12.1" | |
# - name: Run Lighthouse Audit | |
# run: | | |
# npm install -g @lhci/cli@0.10.x | |
# source ./.github/scripts/start-server.sh | |
# lhci autorun | |
# source ./.github/scripts/stop-server.sh | |
# env: | |
# LHCI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# - name: Upload artifacts | |
# if: always() | |
# uses: actions/upload-artifact@v3 | |
# with: | |
# name: website-audit | |
# path: ./lhci-out | |
deploy-site: | |
name: Deploy Site | |
runs-on: ubuntu-20.04 | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
permissions: | |
contents: write | |
needs: | |
- run-super-linter | |
- run-codeql-analysis | |
- run-vulnerability-analysis | |
- run-unit-tests | |
- build-site | |
- check-links | |
# - run-website-audit | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download Site | |
uses: actions/download-artifact@v3 | |
with: | |
name: site | |
path: _site/ | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: "18.12.1" | |
- name: Deploy | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
dry-run: ${{ github.event_name != 'push' }} | |
branch: gh-pages | |
folder: _site | |
commit-message: "[Automated] Update Site (Source Commit: ${{ github.sha }})" |