[Snyk] Upgrade: react, react-dom #30
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main pipeline | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
jobs: | |
test: | |
name: Test solution | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Use Node.js 21 | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '21' | |
- name: Install dependencies | |
run: npm ci | |
- name: Install Playwright Browsers | |
run: npx playwright install --with-deps | |
- name: Run Playwright tests | |
run: npx playwright test | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
if: ${{ !cancelled() }} | |
with: | |
name: Playwright results | |
path: test-results/ | |
retention-days: 30 | |
analyze: | |
name: Static code analysis | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: SonarCloud Scan | |
uses: sonarsource/[email protected] | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
vulnerability-scan: | |
name: Vulnerability scan | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@master | |
- name: Run Snyk to check for vulnerabilities | |
uses: snyk/actions/node@master | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
deploy: | |
name: Deployment | |
needs: [test, analyze, vulnerability-scan] | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Login to Azure Container Registry | |
uses: azure/docker-login@v2 | |
with: | |
login-server: respotify.azurecr.io | |
username: ${{ secrets.ACR_REGISTRY_USERNAME }} | |
password: ${{ secrets.ACR_REGISTRY_PASSWORD }} | |
- name: Build docker image | |
run: docker build . -t respotify.azurecr.io/frontend | |
- name: Deploy | |
run: docker push respotify.azurecr.io/frontend | |
restart-deployment: | |
name: Restart service | |
needs: deploy | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Azure Login | |
uses: Azure/[email protected] | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- name: Get AKS credentials | |
run: az aks get-credentials --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} --name ${{ secrets.AZURE_CLUSTER_NAME }} --overwrite-existing | |
- name: Restart deployment | |
run: kubectl rollout restart deployment/frontend -n ingress-nginx | |
continue-on-error: true #If aks cluster is not available, the pipeline should not fail | |