-
Notifications
You must be signed in to change notification settings - Fork 36
144 lines (127 loc) · 4.93 KB
/
pre-merge-checks-apigw.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
# Pre-merge Checks (for Nodejs/Typescript projects)
# 1. Unit tests with code coverage (jest)
# 2. Code quality analysis (lint)
# 3. Dependency analysis (vulnerabilities)
# 4. Dependency analysis (undesirable licenses)
# 5. Deploy reports generated from the above to GitHub Pages
name: Pre-Merge Checks (ai-verify-apigw)
on:
# Runs when a pull request to main is being assigned
pull_request:
types: [ assigned, synchronize ]
branches:
- 'main'
paths:
- 'ai-verify-apigw/**'
# Run this workflow manually from Actions tab
workflow_dispatch:
# Allow one concurrent deployment
concurrency:
group: ${{ github.repository }}-${{ github.workflow }}
cancel-in-progress: true
jobs:
pre-merge-checks:
# Run only when PR is assigned, even on subsequent commits (i.e. synchronize)
if: (github.event_name == 'pull_request' && github.event.pull_request.assignee != null) || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
timeout-minutes: 40
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
sparse-checkout: |
ai-verify-apigw
# Install dependencies
- name: Setup npm cache/install
uses: actions/setup-node@v3
with:
node-version: 18
cache: 'npm'
cache-dependency-path: ai-verify-apigw
- name: Install dependencies
working-directory: ${{ github.workspace }}/ai-verify-apigw
if: always()
run: |
npm install
npm i -D jest jest-html-reporter jest-json-reporter ts-jest @jest/globals badge-maker
npm i -D eslint eslint-formatter-html @typescript-eslint/eslint-plugin @typescript-eslint/parser
# Unit Tests & Coverage
- name: Unit tests with coverage
working-directory: ${{ github.workspace }}/ai-verify-apigw
if: ${{ ! cancelled() }}
timeout-minutes: 30
run: |
set +e
npm run coverage
exit_code_jest=$?
node ci/createBadges.mjs test
node ci/createBadges.mjs coverage
set -e
if [ $exit_code_jest -ne 0 ]; then
echo "jest failed, exiting..."
exit $exit_code_jest
fi
# eslint
- name: Code quality analysis - lint
working-directory: ${{ github.workspace }}/ai-verify-apigw
if: ${{ ! cancelled() }}
run: |
set +e
npx eslint .
exit_code_lint=$?
npx eslint -f html -o eslint-report.html .
npx eslint -f json -o eslint-report.json .
node ci/createBadges.mjs lint
set -e
if [ $exit_code_lint -ne 0 ]; then
echo "lint failed, exiting..."
exit $exit_code_lint
fi
# npm audit
- name: Dependency analysis - vulnerabilities & licenses
working-directory: ${{ github.workspace }}/ai-verify-apigw
if: ${{ ! cancelled() }}
run: |
set +e
npm audit
exit_code_audit=$?
npm audit --json | npx npm-audit-markdown --output npm-audit-report.md
npx markdown-to-html-cli --source npm-audit-report.md --output npm-audit-report.html -y
npx license-checker --summary --out licenses-found.txt -y
cat licenses-found.txt
node ci/createBadges.mjs dependency
echo -e "License Check Summary for apigw\n" | cat - licenses-found.txt > license-report.txt
node ci/createBadges.mjs license
set -e
if [ $exit_code_audit -ne 0 ]; then
echo "npm audit failed, exiting..."
exit $exit_code_audit
fi
### Publish reports to ci dashboard ###
- name: Checkout dashboard
if: ${{ github.event.pull_request.head.repo.full_name == github.repository && always() }}
uses: actions/checkout@v3
with:
repository: IMDA-BTG/ci-dashboard
token: ${{ secrets.CHECKOUT_TOKEN }}
ref: main
path: check-results
- name: Push results to dashboard
if: ${{ github.event.pull_request.head.repo.full_name == github.repository && always() }}
working-directory: ${{ github.workspace }}/check-results
run: |
set +e
find ../ -type f -name ".gitignore" -exec rm {} +
[ -d "docs/pre-merge/apigw" ] && rm -rf docs/pre-merge/apigw
mkdir -p docs/pre-merge/apigw
mv ../ai-verify-apigw/coverage docs/pre-merge/apigw/
mv ../ai-verify-apigw/*.svg docs/pre-merge/apigw/
mv ../ai-verify-apigw/*.html docs/pre-merge/apigw/
mv ../ai-verify-apigw/*.md docs/pre-merge/apigw/
mv ../ai-verify-apigw/*.txt docs/pre-merge/apigw/
git add docs/pre-merge/apigw
git config user.name "imda-btg"
git config user.email "[email protected]"
git commit -m "feat(apigw) actions publish apigw reports to dashboard"
git push
set -e