Merge pull request #168 from noctua84/dependabot/npm_and_yarn/develop… #159
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Development workflow for this repository. | |
| # It runs the following Jobs: | |
| # 1. Linting (ESLint) | |
| # 2. Formatting (Prettier) | |
| # 3. Unit Tests | |
| # 4. Integration Tests | |
| name: CI Development Pipeline | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| - feature/* | |
| jobs: | |
| # This job will run the linting (ESLint). | |
| # Any linting errors will be attempted to be fixed by the formatting job. | |
| # If there are any changes, they will be committed and pushed to the repository. | |
| linting: | |
| name: Linting (ESLint) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: linting | |
| run: npm run lint | |
| - name: Check if code has changed | |
| id: check_lint_changes | |
| run: git diff --quiet HEAD -- || echo "::set-output name=changed::true" | |
| - name: Persist changes in code | |
| if: steps.check_lint_changes.outputs.changed == 'true' | |
| run: | | |
| git add . | |
| git config user.name "GitHub Actions" | |
| git config user.email "[email protected]" | |
| git commit -m "chore(eslint): Fix linting errors" | |
| git push | |
| # This job will run the formatting (Prettier). | |
| # Any formatting errors will be attempted to be fixed by the formatting job. | |
| # If there are any changes, they will be committed and pushed to the repository. | |
| formatting: | |
| name: Formatting (Prettier) | |
| runs-on: ubuntu-latest | |
| needs: linting | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Pull latest changes | |
| run: git pull | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: formatting | |
| run: npm run format | |
| - name: Check if code has changed | |
| id: check_formatting_changes | |
| run: git diff --quiet HEAD -- || echo "::set-output name=changed::true" | |
| - name: Persist changes in code | |
| if: steps.check_formatting_changes.outputs.changed == 'true' | |
| run: | | |
| git add . | |
| git config user.name "GitHub Actions" | |
| git config user.email "[email protected]" | |
| git commit -m "chore(prettier): Fix linting errors" | |
| git push | |
| # This job will run the unit tests. | |
| unit_tests: | |
| name: Unit Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: unit testing | |
| run: npm test | |
| # This job will run the integration tests. | |
| # These tests do not require a separate running instance of the application. | |
| e2e_tests: | |
| name: End to End Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: End to End Tests | |
| env: | |
| ENABLE_METRICS: true | |
| ENABLE_HEALTH_CHECK: true | |
| DATABASE_URL: "postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public" | |
| run: | | |
| npm run prisma:generate | |
| npm run test:e2e | |
| # This job will run the SonarCloud analysis. | |
| sonarcloud: | |
| name: SonarCloud | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Install Dependencies | |
| run: npm ci | |
| - name: SonarCloud Scan | |
| uses: sonarsource/sonarcloud-github-action@master | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| # This job will test the Dockerfile for errors | |
| # It uses hadolint to lint the Dockerfile and trivy plus docker scan to scan the image for vulnerabilities. | |
| docker: | |
| name: Docker Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Lint Dockerfile | |
| uses: hadolint/[email protected] | |
| with: | |
| dockerfile: docker/Dockerfile | |
| - name: Build Docker Image | |
| run: docker build --no-cache --file docker/Dockerfile --target production --tag nestjs-sandbox:${GITHUB_SHA} . | |
| - name: Scan Docker Image with Trivy | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| image-ref: "nestjs-sandbox:${{ github.sha }}" | |
| exit-code: 1 | |
| vuln-type: "os,library" | |
| format: "table" | |
| ignore-unfixed: true | |
| severity: "CRITICAL,HIGH" | |
| # This job will generate and persist the ERD diagram. | |
| erd: | |
| name: ERD Diagram | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Generate ERD Diagram | |
| run: npm run prisma:generate | |
| - name: Check if ERD file has changed | |
| id: check_erd_changes | |
| run: git diff --quiet HEAD -- || echo "::set-output name=changed::true" | |
| - name: Persist changes in code | |
| if: steps.check_erd_changes.outputs.changed == 'true' | |
| run: | | |
| git add . | |
| git config user.name "GitHub Actions" | |
| git config user.email "[email protected]" | |
| git commit -m "chore(eslint): Update ERD diagram" | |
| git push |