Merge pull request #3 from eduardocerqueira/dev

CI improvements
eduardocerqueira · Oct 5, 2024 · eeb9db9 · eeb9db9
2 parents 469387f + 8d52cef
commit eeb9db9
Show file tree

Hide file tree

Showing 8 changed files with 1,064 additions and 71 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,87 @@
+name: CI PR Check
+
+on:
+  push:
+    branches:
+      - main
+      - dev
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # setup node env
+      - name: Set up Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm install
+
+        # run tests
+      - name: Run tests
+        run: npm test
+
+  security-scan:
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # setup node env
+      - name: Set up Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run security audit
+        run: npm audit --production --json > audit.json || true
+
+      - name: report code vulnerabilities
+        run: |
+          if [ -s audit.json ]; then
+            echo "Vulnerabilities found:"
+            cat audit.json
+          fi
+
+  build-container:
+    needs: [build, security-scan]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      # Step 3: Log in to Docker Hub (Optional)
+      # Uncomment this section if you're pushing the image to Docker Hub. 
+      # Replace DOCKER_USERNAME and DOCKER_PASSWORD with your Docker credentials as GitHub secrets.
+      # - name: Log in to Docker Hub
+      #   uses: docker/login-action@v3
+      #   with:
+      #     username: ${{ secrets.DOCKER_USERNAME }}
+      #     password: ${{ secrets.DOCKER_PASSWORD }}
+
+      # Step 4: Build the Docker image
+      - name: Build Docker image
+        run: |
+          docker build -t node-login-app .
+
+      # Step 5: (Optional) Push the Docker image to Docker Hub
+      # Uncomment if you want to push the image to Docker Hub
+      # - name: Push Docker image to Docker Hub
+      #   run: |
+      #     docker tag node-login-app:latest your-docker-username/node-login-app:latest
+      #     docker push your-docker-username/node-login-app:latest
diff --git a/.github/workflows/docker-image-build.yml b/.github/workflows/docker-image-build.yml
diff --git a/audit.json b/audit.json
@@ -0,0 +1,95 @@
+{
+  "auditReportVersion": 2,
+  "vulnerabilities": {
+    "cookie": {
+      "name": "cookie",
+      "severity": "low",
+      "isDirect": false,
+      "via": [
+        {
+          "source": 1099846,
+          "name": "cookie",
+          "dependency": "cookie",
+          "title": "cookie accepts cookie name, path, and domain with out of bounds characters",
+          "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x",
+          "severity": "low",
+          "cwe": [
+            "CWE-74"
+          ],
+          "cvss": {
+            "score": 0,
+            "vectorString": null
+          },
+          "range": "<0.7.0"
+        }
+      ],
+      "effects": [
+        "express",
+        "express-session"
+      ],
+      "range": "<0.7.0",
+      "nodes": [
+        "node_modules/cookie"
+      ],
+      "fixAvailable": {
+        "name": "express-session",
+        "version": "1.0.0",
+        "isSemVerMajor": true
+      }
+    },
+    "express": {
+      "name": "express",
+      "severity": "low",
+      "isDirect": true,
+      "via": [
+        "cookie"
+      ],
+      "effects": [],
+      "range": ">=3.0.0-alpha1",
+      "nodes": [
+        "node_modules/express"
+      ],
+      "fixAvailable": {
+        "name": "express",
+        "version": "2.5.11",
+        "isSemVerMajor": true
+      }
+    },
+    "express-session": {
+      "name": "express-session",
+      "severity": "low",
+      "isDirect": true,
+      "via": [
+        "cookie"
+      ],
+      "effects": [],
+      "range": ">=1.0.1",
+      "nodes": [
+        "node_modules/express-session"
+      ],
+      "fixAvailable": {
+        "name": "express-session",
+        "version": "1.0.0",
+        "isSemVerMajor": true
+      }
+    }
+  },
+  "metadata": {
+    "vulnerabilities": {
+      "info": 0,
+      "low": 3,
+      "moderate": 0,
+      "high": 0,
+      "critical": 0,
+      "total": 3
+    },
+    "dependencies": {
+      "prod": 89,
+      "dev": 303,
+      "optional": 1,
+      "peer": 1,
+      "peerOptional": 0,
+      "total": 392
+    }
+  }
+}
diff --git a/coverage/clover.xml b/coverage/clover.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<coverage generated="1728106324568" clover="3.2.0">
-  <project timestamp="1728106324568" name="All files">
+<coverage generated="1728108710895" clover="3.2.0">
+  <project timestamp="1728108710895" name="All files">
     <metrics statements="46" coveredstatements="26" conditionals="12" coveredconditionals="3" methods="8" coveredmethods="2" elements="66" coveredelements="31" complexity="0" loc="46" ncloc="46" packages="1" files="1" classes="1"/>
     <file name="app.js" path="/Users/ecerquei/git/bootstrap-express-app/app.js">
       <metrics statements="46" coveredstatements="26" conditionals="12" coveredconditionals="3" methods="8" coveredmethods="2"/>

diff --git a/coverage/lcov-report/app.js.html b/coverage/lcov-report/app.js.html
@@ -373,7 +373,7 @@ <h1><a href="index.html">All files</a> app.js</h1>
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank" rel="noopener noreferrer">istanbul</a>
-                at 2024-10-05T05:32:04.558Z
+                at 2024-10-05T06:11:50.888Z
             </div>
         <script src="prettify.js"></script>
         <script>

diff --git a/coverage/lcov-report/index.html b/coverage/lcov-report/index.html
@@ -101,7 +101,7 @@ <h1>All files</h1>
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank" rel="noopener noreferrer">istanbul</a>
-                at 2024-10-05T05:32:04.558Z
+                at 2024-10-05T06:11:50.888Z
             </div>
         <script src="prettify.js"></script>
         <script>