fix(deps): update dependency vite to v5.2.14 [security] (#4381) #2411
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pipeline development and production | |
| on: | |
| push: | |
| branches: | |
| - master | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| uses: ./.github/workflows/reusable-test.yml | |
| with: | |
| environment-name: Development | |
| secrets: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_INTEGRATION_TESTS_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.CRN_INTEGRATION_TESTS_PREVIEW_ACCESS_TOKEN }} | |
| build-images: | |
| uses: ./.github/workflows/reusable-build-images.yml | |
| build-development: | |
| uses: ./.github/workflows/reusable-build.yml | |
| with: | |
| environment-name: Development | |
| crn-contentful-env: Development | |
| gp2-contentful-env: Development | |
| secrets: | |
| ACTIVE_CAMPAIGN_TOKEN: ${{ secrets.ACTIVE_CAMPAIGN_TOKEN }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| CRN_AUTH0_SHARED_SECRET: ${{ secrets.CRN_AUTH0_SHARED_SECRET }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| CRN_OPENAI_API_KEY: ${{ secrets.CRN_OPENAI_API_KEY }} | |
| GP2_AUTH0_SHARED_SECRET: ${{ secrets.GP2_AUTH0_SHARED_SECRET }} | |
| GP2_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| GP2_OPENAI_API_KEY: ${{ secrets.GP2_OPENAI_API_KEY }} | |
| SLACK_WEBHOOK: 'n-a' | |
| build-analysis-development: | |
| needs: [build-development] | |
| uses: ./.github/workflows/reusable-build-analysis.yml | |
| with: | |
| environment-name: Development | |
| secrets: | |
| BUNDLEWATCH_GITHUB_TOKEN: ${{ secrets.BUNDLEWATCH_GITHUB_TOKEN }} | |
| build-production: | |
| uses: ./.github/workflows/reusable-build.yml | |
| with: | |
| environment-name: Production | |
| crn-contentful-env: Production | |
| gp2-contentful-env: Production | |
| secrets: | |
| ACTIVE_CAMPAIGN_TOKEN: ${{ secrets.ACTIVE_CAMPAIGN_TOKEN }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN}} | |
| CRN_AUTH0_SHARED_SECRET: ${{ secrets.CRN_AUTH0_SHARED_SECRET }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| CRN_OPENAI_API_KEY: ${{ secrets.CRN_OPENAI_API_KEY }} | |
| GP2_AUTH0_SHARED_SECRET: ${{ secrets.GP2_AUTH0_SHARED_SECRET }} | |
| GP2_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| GP2_OPENAI_API_KEY: ${{ secrets.GP2_OPENAI_API_KEY }} | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
| build-analysis-production: | |
| needs: [build-production] | |
| uses: ./.github/workflows/reusable-build-analysis.yml | |
| with: | |
| environment-name: Production | |
| secrets: | |
| BUNDLEWATCH_GITHUB_TOKEN: ${{ secrets.BUNDLEWATCH_GITHUB_TOKEN }} | |
| deployment-development: | |
| needs: [test, build-analysis-development] | |
| uses: ./.github/workflows/reusable-deployment.yml | |
| with: | |
| environment-name: Development | |
| crn-contentful-env: Development | |
| gp2-contentful-env: Development | |
| secrets: | |
| ACTIVE_CAMPAIGN_TOKEN: ${{ secrets.ACTIVE_CAMPAIGN_TOKEN }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| CRN_AUTH0_SHARED_SECRET: ${{ secrets.CRN_AUTH0_SHARED_SECRET }} | |
| CRN_CI_AUTH0_CLIENT_SECRET: ${{ secrets.CRN_CI_AUTH0_CLIENT_SECRET }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| CRN_OPENAI_API_KEY: ${{ secrets.CRN_OPENAI_API_KEY }} | |
| GP2_AUTH0_SHARED_SECRET: ${{ secrets.GP2_AUTH0_SHARED_SECRET }} | |
| GP2_CI_AUTH0_CLIENT_SECRET: ${{ secrets.GP2_CI_AUTH0_CLIENT_SECRET }} | |
| GP2_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| GP2_OPENAI_API_KEY: ${{ secrets.GP2_OPENAI_API_KEY }} | |
| SLACK_WEBHOOK: 'n-a' | |
| crn-contentful-migrate-empty: | |
| needs: [deployment-development] | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/yldio/asap-hub/node-python-sq:7b77d99657ab3718ed548ba366ffbcbb15315fd8 | |
| credentials: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup | |
| id: setup | |
| uses: ./.github/actions/setup-environment | |
| with: | |
| environment-name: Development | |
| - name: Run Contentful migrations | |
| run: | | |
| yarn contentful:migration:run:crn | |
| env: | |
| CONTENTFUL_ENV_ID: Empty | |
| CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| CONTENTFUL_SPACE_ID: ${{ steps.setup.outputs.crn-contentful-space-id }} | |
| algolia-sync-development-crn: | |
| needs: [deployment-development] | |
| uses: ./.github/workflows/reusable-crn-algolia-sync.yml | |
| with: | |
| environment-name: Development | |
| contentful-environment-id: Development | |
| entity: all | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_ACCESS_TOKEN }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| algolia-sync-development-gp2: | |
| needs: [deployment-development] | |
| uses: ./.github/workflows/reusable-gp2-algolia-sync.yml | |
| with: | |
| environment-name: Development | |
| contentful-environment-id: Development | |
| entity: all | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| GP2_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_ACCESS_TOKEN }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| verify-development: | |
| needs: | |
| [ | |
| deployment-development, | |
| algolia-sync-development-crn, | |
| algolia-sync-development-gp2, | |
| ] | |
| uses: ./.github/workflows/reusable-verify.yml | |
| with: | |
| environment-name: Development | |
| secrets: | |
| FRONTEND_SENTRY_RELEASE_AUTH_TOKEN: ${{ secrets.FRONTEND_SENTRY_RELEASE_AUTH_TOKEN }} | |
| deployment-production: | |
| needs: [build-analysis-production, verify-development] | |
| uses: ./.github/workflows/reusable-deployment.yml | |
| with: | |
| environment-name: Production | |
| crn-contentful-env: Production | |
| gp2-contentful-env: Production | |
| secrets: | |
| ACTIVE_CAMPAIGN_TOKEN: ${{ secrets.ACTIVE_CAMPAIGN_TOKEN }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| CRN_AUTH0_SHARED_SECRET: ${{ secrets.CRN_AUTH0_SHARED_SECRET }} | |
| CRN_CI_AUTH0_CLIENT_SECRET: ${{ secrets.CRN_CI_AUTH0_CLIENT_SECRET }} | |
| CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_ACCESS_TOKEN }} | |
| CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.CRN_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| CRN_OPENAI_API_KEY: ${{ secrets.CRN_OPENAI_API_KEY }} | |
| GP2_AUTH0_SHARED_SECRET: ${{ secrets.GP2_AUTH0_SHARED_SECRET }} | |
| GP2_CI_AUTH0_CLIENT_SECRET: ${{ secrets.GP2_CI_AUTH0_CLIENT_SECRET }} | |
| GP2_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_PREVIEW_ACCESS_TOKEN }} | |
| GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN: ${{ secrets.GP2_CONTENTFUL_WEBHOOK_AUTHENTICATION_TOKEN }} | |
| GP2_OPENAI_API_KEY: ${{ secrets.GP2_OPENAI_API_KEY }} | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
| algolia-sync-production-crn: | |
| needs: [deployment-production] | |
| uses: ./.github/workflows/reusable-crn-algolia-sync.yml | |
| with: | |
| environment-name: Production | |
| entity: all | |
| contentful-environment-id: Production | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| CRN_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.CRN_CONTENTFUL_ACCESS_TOKEN }} | |
| algolia-sync-production-gp2: | |
| needs: [deployment-production] | |
| uses: ./.github/workflows/reusable-gp2-algolia-sync.yml | |
| with: | |
| environment-name: Production | |
| entity: all | |
| contentful-environment-id: Production | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| CONTENTFUL_MANAGEMENT_TOKEN: ${{ secrets.CONTENTFUL_MANAGEMENT_TOKEN }} | |
| GP2_CONTENTFUL_ACCESS_TOKEN: ${{ secrets.GP2_CONTENTFUL_ACCESS_TOKEN }} | |
| verify-production: | |
| needs: | |
| [ | |
| deployment-production, | |
| algolia-sync-production-crn, | |
| algolia-sync-production-gp2, | |
| ] | |
| uses: ./.github/workflows/reusable-verify.yml | |
| with: | |
| environment-name: Production | |
| secrets: | |
| FRONTEND_SENTRY_RELEASE_AUTH_TOKEN: ${{ secrets.FRONTEND_SENTRY_RELEASE_AUTH_TOKEN }} | |
| notify_failure: | |
| runs-on: ubuntu-latest | |
| needs: | |
| [ | |
| test, | |
| build-images, | |
| build-development, | |
| build-analysis-development, | |
| build-production, | |
| build-analysis-production, | |
| deployment-development, | |
| verify-development, | |
| deployment-production, | |
| verify-production, | |
| ] | |
| if: failure() | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - uses: ./.github/actions/slack/ | |
| with: | |
| message: 'Build failed on master branch!' | |
| webhook: ${{ secrets.SLACK_WEBHOOK }} | |
| status: failure | |
| master-pipeline-success: | |
| runs-on: ubuntu-latest | |
| needs: [verify-production, build-images] | |
| if: success() | |
| environment: | |
| name: Development | |
| url: ${{ steps.setup.outputs.crn-app-url }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup | |
| id: setup | |
| uses: ./.github/actions/setup-environment | |
| with: | |
| environment-name: Production | |
| - name: Print success | |
| run: | | |
| echo "Pipeline development and production successful." |