chore(deps): lock file maintenance (#87) #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Validate codebase and image | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
workflow_call: | |
jobs: | |
lint-format-test: | |
timeout-minutes: 5 | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
- name: Install dependencies and lint files | |
run: | | |
npm ci | |
npm run lint | |
npm run format | |
npm run test | |
- name: Save code coverage to artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: code-coverage | |
path: "coverage/clover.xml" | |
retention-days: 5 | |
upload-coverage: | |
timeout-minutes: 5 | |
runs-on: ubuntu-latest | |
needs: | |
- lint-format-test | |
steps: | |
- name: Fetch code coverage artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: code-coverage | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
fail_ci_if_error: true | |
docker-test: | |
timeout-minutes: 5 | |
runs-on: ubuntu-latest | |
needs: | |
- lint-format-test | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
install: true | |
# This repository's Dockerfile uses $CACHE_BUST to invalidate Docker layer caching. The | |
# variable is passed to the Docker build action below. | |
- name: Export $CACHE_BUST environment variable | |
run: echo "CACHE_BUST=$(date +%FT%T%z)" >> $GITHUB_ENV | |
# Docker Compose builds an image with a default name of 'tracktime-tracktime'. Building an | |
# image with that name here and then using Docker Compose to start it in the next step. This | |
# is a workaround because Compose does not support BuildKit/buildx, which is required for | |
# GHA caching. | |
- name: Build Docker image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
tags: idrc-cms-authenticator | |
build-args: CACHE_BUST=${{ env.CACHE_BUST }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
load: true | |
- name: Run Docker Compose using built image | |
run: docker compose up --detach | |
- name: Run Docker integration tests | |
run: | | |
curl --location --remote-name https://github.com/Orange-OpenSource/hurl/releases/download/4.0.0/hurl_4.0.0_amd64.deb | |
sudo dpkg -i hurl_4.0.0_amd64.deb | |
bin/integration.sh http://localhost:3000/auth | |
- name: Scan image | |
uses: anchore/scan-action@v6 | |
with: | |
image: "idrc-cms-authenticator" | |
only-fixed: true | |
cache-db: true | |
output-format: table |