Add OSSF Scorecard #525
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
jobs: | |
security-audit: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- name: Set up Node.js | |
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 | |
with: | |
node-version: 18 | |
- name: Report known vulnerabilities | |
run: npm audit | |
test-with-node: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- name: Set up Node.js | |
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 | |
with: | |
node-version: 18 | |
registry-url: https://registry.npmjs.org/ | |
- name: Install latest npm | |
run: npm install -g npm@latest | |
- name: Install dependencies | |
run: npm ci | |
- name: Build all workspace packages | |
run: npm run build | |
- name: Run linter for all packages | |
run: npm run lint --ws | |
- name: Start dwn-server container | |
run: cd packages/dev-env && docker-compose up -d | |
- name: Wait for dwn-server to be ready | |
run: until curl -sf http://localhost:3000/health; do echo -n .; sleep .1; done | |
- name: Run tests for all packages | |
run: npm run test:node --ws -- --color | |
env: | |
TEST_DWN_URL: http://localhost:3000 | |
- name: Upload test coverage to Codecov | |
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
test-with-browsers: | |
# Run browser tests using macOS so that WebKit tests don't fail under a Linux environment | |
runs-on: macos-latest | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- name: Set up Node.js | |
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 | |
with: | |
node-version: 18 | |
registry-url: https://registry.npmjs.org/ | |
- name: Install latest npm | |
run: npm install -g npm@latest | |
- name: Install dependencies | |
run: npm ci | |
- name: Install Playwright Browsers | |
run: npx playwright install --with-deps | |
- name: Build all workspace packages | |
run: npm run build | |
- name: Install docker | |
run: brew install docker && brew install docker-compose # && colima start | |
- name: Start docker | |
run: colima start | |
- name: Start dwn-server container | |
run: cd packages/dev-env && docker-compose up -d | |
- name: Wait for dwn-server to be ready | |
run: until curl -sf http://localhost:3000/health; do echo -n .; sleep .1; done | |
- name: Run tests for all packages | |
run: npm run test:browser --ws -- --color | |
env: | |
TEST_DWN_URL: http://localhost:3000 |