Bump dotenv from 16.4.5 to 16.4.6 #4472
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: push | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| COOKIE_SECRET: somethingverysecrethere | |
| GOOGLE_ANALYTICS_PROPERTY_ID: ga-test | |
| NOTIFY_CALLBACK_TOKEN: some-token | |
| ENABLE_SYSTEM_LICENCE_VIEW: true | |
| steps: | |
| # Downloads a copy of the code in your repository before running CI tests | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of sonarcloud analysis | |
| # Before we do anything, check we haven't accidentally left any `experiment.only()` or `test.only(` statements in | |
| # the tests | |
| # | |
| # Reworking of https://stackoverflow.com/a/21788642/6117745 | |
| - name: Temporary tag check | |
| run: | | |
| ! grep -R 'experiment.only(\|test.only(' test | |
| - name: Install Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: ".nvmrc" | |
| # Speeds up workflows by reading the node modules from cache. Obviously you need to run it at least once, and the | |
| # cache will be updated should the package-lock.json file change | |
| - name: Cache Node modules | |
| uses: actions/cache@v4 | |
| with: | |
| # npm cache files are stored in `~/.npm` on Linux/macOS | |
| path: ~/.npm | |
| key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.OS }}-node- | |
| ${{ runner.OS }}- | |
| # Performs a clean installation of all dependencies in the `package.json` file | |
| # For more information, see https://docs.npmjs.com/cli/ci.html | |
| - name: Install dependencies | |
| run: npm ci | |
| # Run linting first. No point running the tests if there is a linting issue | |
| - name: Run lint check | |
| run: | | |
| npm run lint | |
| # This includes an extra run step. The sonarcloud analysis will be run in a docker container with the current | |
| # folder mounted as `/github/workspace`. The problem is when the lcov.info file is generated it will reference the | |
| # code in the current folder. So to enable sonarcloud to matchup code coverage with the files we use sed to update | |
| # the references in lcov.info | |
| # https://community.sonarsource.com/t/code-coverage-doesnt-work-with-github-action/16747/6 | |
| - name: Run unit tests | |
| run: | | |
| npm test | |
| sed -i 's@'$GITHUB_WORKSPACE'@/github/workspace/@g' coverage/lcov.info | |
| - name: Analyze with SonarCloud | |
| if: github.actor != 'dependabot[bot]' | |
| uses: sonarsource/sonarcloud-github-action@master | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This is provided automatically by GitHub | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # This needs to be set in your repo; settings -> secrets |