[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #979
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | Test | Analyze | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| - graphql | |
| pull_request: | |
| branches: | |
| - develop | |
| jobs: | |
| #----------------------------------------- | |
| # Build | |
| #----------------------------------------- | |
| build: | |
| runs-on: ubuntu-latest | |
| name: Build | |
| strategy: | |
| matrix: | |
| node-version: [ 10.x, 12.x, 14.x] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| # Set up Node | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/[email protected] | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'yarn' | |
| # Restore cache | |
| - name: Restore frontend cache Node.js modules | |
| uses: actions/cache@v2 | |
| with: | |
| path: 'node_modules' | |
| key: ${{ runner.os }}-${{ matrix.node-version }}-fe-modules-${{ hashFiles('**/yarn.lock') }} | |
| - name: Restore backend cache Node.js modules | |
| uses: actions/cache@v2 | |
| with: | |
| path: 'server/node_modules' | |
| key: ${{ runner.os }}-${{ matrix.node-version }}-be-modules-${{ hashFiles('**/yarn.lock') }} | |
| # Build client | |
| - name: Build client | |
| run: chmod +x cli/cli.sh && ./cli/cli.sh build --frontend --analyze | |
| # Build server | |
| - name: Build server | |
| run: ./cli/cli.sh build --backend | |
| # Save build for later | |
| - name: Upload build | |
| uses: actions/[email protected] | |
| with: | |
| name: build-${{ matrix.node-version }}-frontend | |
| path: build | |
| - name: Upload build | |
| uses: actions/[email protected] | |
| with: | |
| name: build-${{ matrix.node-version }}-backend | |
| path: server/build | |
| # Save Eslint Analysis fron Sonar | |
| - name: Upload analysis | |
| uses: actions/[email protected] | |
| with: | |
| name: analysis-${{ matrix.node-version }} | |
| path: analysis | |
| #----------------------------------------- | |
| # Unit Test | |
| # Frontend | |
| unit-test-frontend: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| name: Unit tests frontend | |
| steps: | |
| - uses: actions/checkout@v2 | |
| # Set up Node | |
| - name: Use Node.js 14 | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 14 | |
| cache: 'yarn' | |
| # Restore cache | |
| - name: Restore frontend cache Node.js modules | |
| uses: actions/cache@v2 | |
| with: | |
| path: 'node_modules' | |
| key: ${{ runner.os }}-12-fe-modules-${{ hashFiles('yarn.lock') }} | |
| # Install dependencies | |
| - name: Install dependencies | |
| if: steps.node-cache.outputs.cache-hit != 'true' | |
| run: yarn install --frozen-lockfile | |
| # unit test | |
| - name: Unit Tests Frontend | |
| run: yarn run CRA:test:coverage | |
| # Save coverage for sonar | |
| - name: Upload build | |
| uses: actions/[email protected] | |
| with: | |
| name: coverage-frontend | |
| path: coverage | |
| # Backend | |
| unit-test-backend: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| name: Unit tests backend | |
| if: ${{ 1==2 }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| # Set up Node | |
| - name: Use Node.js 14 | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 14 | |
| cache: 'yarn' | |
| # Restore cache | |
| - name: Restore backend cache Node.js modules | |
| uses: actions/cache@v2 | |
| with: | |
| path: 'server/node_modules' | |
| key: ${{ runner.os }}-12-be-modules-${{ hashFiles('server/yarn.lock') }} | |
| # Install dependencies | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile && cd server && yarn install | |
| # unit test | |
| - name: Unit Tests Backend | |
| run: cd server && yarn run test:unit:coverage | |
| env: | |
| SERVER_PORT: 5001 | |
| ORIGIN_WHITE_LIST: 'http://localhost:5000;http://localhost:5001' | |
| SERVER_FORCE: true | |
| SERVER_TOKEN_EXPIRES_IN: 2h | |
| SERVER_SECRET: 'This_Is_Not_The_Real_Secret' | |
| SERVER_HASH: 'This_Is_Not_The_Real_Hash' | |
| STATIC_CONTENTS_CACHE: 10000 | |
| DATABASE_URL: ${{ secrets.DATABASE_URL }} | |
| DATABASE_SCHEMA: test | |
| REDISCLOUD_URL: ${{ secrets.REDISCLOUD_URL }} | |
| REDISCLOUD_PASSWORD: ${{ secrets.REDISCLOUD_PASSWORD }} | |
| REDISCLOUD_DB: ${{ secrets.REDISCLOUD_DB }} | |
| MONGODB_URI: ${{ secrets.MONGODB_URI }} | |
| # Save coverage for sonar | |
| - name: Upload build | |
| uses: actions/[email protected] | |
| with: | |
| name: coverage-backend | |
| path: server/coverage | |
| #----------------------------------------- | |
| # Code Quality ( Sonarcloud ) | |
| #----------------------------------------- | |
| analyze: | |
| runs-on: ubuntu-latest | |
| # needs: [build, unit-test-frontend, unit-test-backend] | |
| needs: [build, unit-test-frontend] | |
| name: Code Quality | |
| continue-on-error: true | |
| steps: | |
| # Download Analysis, Coverage Frontend and Backend | |
| - name: Download analysis | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: analysis-14.x | |
| path: analysis | |
| - name: Download coverage frontend | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: coverage-frontend | |
| path: coverage | |
| # - name: Download coverage backend | |
| # uses: actions/download-artifact@v2 | |
| # with: | |
| # name: coverage-backend | |
| # path: server/coverage | |
| # https://github.com/marketplace/actions/sonarcloud-scan | |
| - name: SonarCloud Scan | |
| uses: sonarsource/sonarcloud-github-action@master | |
| with: | |
| projectBaseDir: /home/runner/work/calcetto/calcetto | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |