Skip to content

🚨 [security] Update express 4.21.1 → 4.21.2 (patch) #679

🚨 [security] Update express 4.21.1 → 4.21.2 (patch)

🚨 [security] Update express 4.21.1 → 4.21.2 (patch) #679

Workflow file for this run

name: Test & Release
on:
push:
branches-ignore:
- 'gh-pages'
- 'depfu/**'
- 'dependabot/**'
- 'template-updater/**'
pull_request: null
jobs:
tests:
name: Unit Tests
runs-on: ubuntu-latest
if: github.repository != 'sebbo2002/js-template' && (contains(toJson(github.event.commits.*.message), '[skip ci]') == false || github.ref == 'refs/heads/main')
strategy:
matrix:
node: [18.x, 20.x, 22.x, current]
steps:
- name: ☁️ Checkout Project
uses: actions/checkout@v4
- name: 🔧 Setup node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
cache: 'npm'
- name: 📦 Install dependencies
run: npm ci
- name: ⏳ Run tests
run: npm run test
coverage:
name: Code Coverage / Lint
runs-on: ubuntu-latest
if: github.repository != 'sebbo2002/js-template' && (contains(toJson(github.event.commits.*.message), '[skip ci]') == false || github.ref == 'refs/heads/main')
steps:
- name: ☁️ Checkout Project
uses: actions/checkout@v4
- name: 🔧 Setup node.js
uses: actions/setup-node@v4
with:
node-version: 22.x
cache: 'npm'
- name: 📦 Install dependencies
run: npm ci
- name: 🔍 Run linter
run: npm run lint
- name: ⚙️ Build project
run: npm run build-all
license-checker:
name: License Checker
runs-on: ubuntu-latest
if: contains(toJson(github.event.commits.*.message), '[skip ci]') == false || github.ref == 'refs/heads/main'
steps:
- name: ☁️ Checkout Project
uses: actions/checkout@v4
- name: 🔧 Setup node.js
uses: actions/setup-node@v4
with:
cache: 'npm'
- name: 📦 Install dependencies
run: npm ci
- name: 🕵️‍♀️ Run license checker
run: npm run license-check
docker-image:
name: Build Docker Image
runs-on: ubuntu-latest
env:
PUSH_TO_DOCKERHUB: ${{ (github.repository != 'sebbo2002/js-template') && (secrets.DOCKERHUB_TOKEN != null) }}
steps:
- name: ☁️ Checkout
uses: actions/checkout@v4
- name: 🔧 Set up QEMU
uses: docker/setup-qemu-action@v3
- name: 🔧 Set up Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: 🔐 Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 🔐 Login to DockerHub
uses: docker/login-action@v3
if: ${{ env.PUSH_TO_DOCKERHUB == 'true' }}
with:
username: ${{ github.repository_owner }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: ℹ️ Set Build Variables
id: buildVars
run: echo "date=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_OUTPUT
- name: 🔧 Setup node.js
uses: actions/setup-node@v4
with:
cache: 'npm'
- name: 📦 Install dependencies
run: npm ci
- name: ⚙️ Build project
run: npm run build
- name: 🪄 Build and push
uses: docker/build-push-action@v6
continue-on-error: true
id: docker-build-1
with:
context: .
github-token: ${{ secrets.GITHUB_TOKEN }}
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
pull: true
push: true
tags: |
ghcr.io/${{ github.repository }}:${{ github.sha }}
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
labels: |
org.opencontainers.image.authors=${{ github.repository_owner }}
org.opencontainers.image.created=${{ steps.buildVars.outputs.date }}
org.opencontainers.image.ref.name=${{ github.ref }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}
cache-from: |
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
ghcr.io/${{ github.repository }}:next
- name: 🪄 Build and push (second try)
uses: docker/build-push-action@v6
continue-on-error: true
if: steps.docker-build-1.outcome=='failure'
id: docker-build-2
with:
context: .
github-token: ${{ secrets.GITHUB_TOKEN }}
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
pull: true
push: true
tags: |
ghcr.io/${{ github.repository }}:${{ github.sha }}
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
labels: |
org.opencontainers.image.authors=${{ github.repository_owner }}
org.opencontainers.image.created=${{ steps.buildVars.outputs.date }}
org.opencontainers.image.ref.name=${{ github.ref }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}
cache-from: |
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
ghcr.io/${{ github.repository }}:next
- name: 🪄 Build and push (third try)
uses: docker/build-push-action@v6
if: steps.docker-build-2.outcome=='failure'
continue-on-error: true
id: docker-build-3
with:
context: .
github-token: ${{ secrets.GITHUB_TOKEN }}
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
pull: true
push: true
tags: |
ghcr.io/${{ github.repository }}:${{ github.sha }}
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
labels: |
org.opencontainers.image.authors=${{ github.repository_owner }}
org.opencontainers.image.created=${{ steps.buildVars.outputs.date }}
org.opencontainers.image.ref.name=${{ github.ref }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}
cache-from: |
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
ghcr.io/${{ github.repository }}:next
cache-to: type=inline
- name: 🪄 Build and push (Summary)
if: always()
id: docker-build
run: |
if ${{ steps.docker-build-1.outcome=='success' }}; then
echo "🎉 Whoop whoop, that worked (first try)"
echo "digest=${{ steps.docker-build-1.outputs.digest }}" >> $GITHUB_OUTPUT
elif ${{ steps.docker-build-2.outcome=='success' }}; then
echo "🎉 Whoop whoop, that worked (second try)"
echo "digest=${{ steps.docker-build-2.outputs.digest }}" >> $GITHUB_OUTPUT
elif ${{ steps.docker-build-3.outcome=='success' }}; then
echo "🎉 Whoop whoop, that worked (third try)"
echo "digest=${{ steps.docker-build-3.outputs.digest }}" >> $GITHUB_OUTPUT
else
exit 1
fi
- name: 🔄 Push container to DockerHub
id: docker-build-dh
if: ${{ env.PUSH_TO_DOCKERHUB == 'true' }}
uses: docker/build-push-action@v6
with:
context: .
github-token: ${{ secrets.GITHUB_TOKEN }}
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
push: true
tags: |
${{ github.repository }}:${{ github.sha }}
labels: |
org.opencontainers.image.authors=${{ github.repository_owner }}
org.opencontainers.image.created=${{ steps.buildVars.outputs.date }}
org.opencontainers.image.ref.name=${{ github.ref }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}
cache-from: |
ghcr.io/${{ github.repository }}:${{ github.sha }}
ghcr.io/${{ github.repository }}:cache-${{ hashFiles('package*.json') }}
cache-to: type=inline
- name: 🏁 Boot-up Check
if: github.repository != 'sebbo2002/js-template'
run: |
docker run --name "app" -d $IMAGE
sleep 5
docker logs app
docker exec app echo "Ok."
docker stop app
docker rm app
env:
IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
outputs:
digest-gh: ${{ steps.docker-build.outputs.digest }}
digest-dh: ${{ steps.docker-build-dh.outputs.digest }}
release:
name: Release
runs-on: ubuntu-latest
concurrency: release
env:
PUSH_TO_DOCKERHUB: ${{ (github.repository != 'sebbo2002/js-template') && (secrets.DOCKERHUB_TOKEN != null) }}
permissions:
contents: write
issues: write
packages: write
pull-requests: write
id-token: write
needs:
- coverage
- tests
- license-checker
- docker-image
if: ${{ github.repository != 'sebbo2002/js-template' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop') }}
steps:
- name: ☁️ Checkout Project
uses: actions/checkout@v4
- name: 🔧 Setup node.js
uses: actions/setup-node@v4
with:
node-version: 22.x
cache: 'npm'
- name: 🔧 Setup regclient
run: |
mkdir -p "$HOME/.local/bin"
curl -L https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 > "$HOME/.local/bin/regctl"
chmod +x "$HOME/.local/bin/regctl"
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: 📦 Install dependencies
run: npm ci
- name: 📂 Create docs folder
run: mkdir ./docs
- name: 🔐 Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 🔐 Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ github.repository_owner }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: 🪄 Run semantic-release
run: BRANCH=${GITHUB_REF#refs/heads/} npx semantic-release
env:
GH_REPO: ${{ github.repository }}
GH_TOKEN: ${{ secrets.GH_TOKEN }}
GH_OWNER: ${{ github.repository_owner }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_CONFIG_PROVENANCE: true
DOCKER_LOCAL_IMAGE_GH: ghcr.io/${{ github.repository }}:${{ github.sha }}
DOCKER_LOCAL_IMAGE_DH: ${{ github.repository }}:${{ github.sha }}
- name: 🔃 Merge main back into develop
if: ${{ github.ref == 'refs/heads/main' }}
uses: everlytic/[email protected]
with:
github_token: ${{ secrets.GH_TOKEN }}
source_ref: 'main'
target_branch: 'develop'
commit_message_template: 'Merge branch {source_ref} into {target_branch} [skip ci]'