CE-4-Refactor Loader to prevent infinite spinner #1400

	name: Unit Tests and Analysis

	on:
	pull_request:
	types:
	- opened
	- reopened
	- synchronize
	- ready_for_review
	push:
	branches:
	- main
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	tests:
	name: Unit Tests
	if: github.event_name != 'pull_request' \|\| !github.event.pull_request.draft
	runs-on: ubuntu-22.04
	strategy:
	matrix:
	dir: [backend, frontend]
	include:
	- dir: backend
	sonar_projectKey: bcgov_nr-compliance-enforcement_backend
	token: SONAR_TOKEN_BACKEND
	- dir: frontend
	sonar_projectKey: bcgov_nr-compliance-enforcement_frontend
	token: SONAR_TOKEN_FRONTEND
	steps:
	- uses: bcgov-nr/[email protected]
	with:
	commands: \|
	npm ci
	npm run test:cov
	dir: ${{ matrix.dir }}
	sonar_args: >
	-Dsonar.exclusions=/coverage/,/node_modules/
	-Dsonar.organization=bcgov-sonarcloud
	-Dsonar.project.monorepo.enabled=true
	-Dsonar.projectKey=${{ matrix.sonar_projectKey }}
	sonar_project_token: ${{ secrets[matrix.token] }}
	trivy:
	name: Trivy Security Scan
	if: github.event_name != 'pull_request' \|\| !github.event.pull_request.draft
	runs-on: ubuntu-22.04
	timeout-minutes: 1
	steps:
	- uses: actions/checkout@v4
	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/[email protected]
	with:
	format: "sarif"
	output: "trivy-results.sarif"
	ignore-unfixed: true
	scan-type: "fs"
	scanners: "vuln,secret,config"
	severity: "CRITICAL,HIGH"

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: "trivy-results.sarif"

Provide feedback