Skip to content

DevOps - Create Manifest (69) #17

DevOps - Create Manifest (69)

DevOps - Create Manifest (69) #17

Workflow file for this run

# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
name: PR-checks
on:
push:
branches: ["develop", "feature/VTMDEV-1"]
pull_request:
branches: ["develop", "feature/VTMDEV-1"]
jobs:
build-test:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18.x]
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
steps:
- uses: actions/checkout@v3
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: "npm"
- name: Install dependencies
run: npm ci
- name: Setup local dynamo
run: npm run tools-setup
- name: Build and test
run: npm run prepush
env:
AWS_ACCESS_KEY_ID: foo
AWS_SECRET_ACCESS_KEY: bar
- name: Run linter
run: npm run lint
scanner:
permissions:
id-token: write
runs-on: X64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CVS_MGMT_AWS_ROLE }}
aws-region: ${{ secrets.DVSA_AWS_REGION }}
role-session-name: "cvs-tsk-cert-gen-init"
- uses: aws-actions/aws-secretsmanager-get-secrets@v1
with:
secret-ids: sonarqube-gha
parse-json-secrets: true
- name: Install dependencies
run: npm ci
- name: Run SonarQube scanner
run: |
npm run test && \
npm run sonar-scanner -- \
-Dsonar.host.url=${{ env.SONARQUBE_GHA_URL }} \
-Dsonar.token=${{ env.SONARQUBE_GHA_TOKEN }} \
-Dsonar.login=${{ env.SONARQUBE_GHA_TOKEN }} \
-Dsonar.projectName=${{ github.repository }} \
-Dsonar.projectVersion=1.0.${{ github.run_id }}