Skip to content

[Snyk] Fix for 9 vulnerabilities #344

[Snyk] Fix for 9 vulnerabilities

[Snyk] Fix for 9 vulnerabilities #344

Workflow file for this run

---
# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions
# https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions
# https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token
# https://hynek.me/articles/python-github-actions/
# https://medium.com/swlh/fast-docker-build-in-kubernetes-f52088854f45
name: CI
on: [push, pull_request]
# env:
# DOCKER_BUILDKIT: 1
# COMPOSE_DOCKER_CLI_BUILD: 1
jobs:
code-checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup Python
uses: actions/setup-python@v1
with:
python-version: 3.7
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install .[dev]
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
flake8 backend qaboard --count --select=E9,F63,F7,F82 --show-source --statistics
# --exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
# flake8 backend qaboard --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Type Checks with MyPy
run: mypy -p qaboard --ignore-missing-imports
- name: Unit Tests
run: |
# git is needed in the tests and setup to fail if not setup
git config --global user.name "Arthur Flam"
git config --global user.email "[email protected]"
green -vvv --quiet-stdout
build-webapp:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: 16.x
- uses: actions/cache@v2
with:
path: ~/.npm
key: node-${{ hashFiles('webapp/npm-shrinkwrap.json') }}
restore-keys: ${{ runner.os }}-node-
- run: cd webapp && npm ci
- run: cd webapp && npm run build --if-present
# - run: cd webapp && npm test
test-docker-images:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build the docker-compose stack
run: docker-compose build # --build-arg BUILDKIT_INLINE_CACHE=1
- name: Up the docker-compose stack
run: docker-compose up -d
- name: Check running containers
run: docker ps -a
- name: Check logs
run: sleep 10 && docker-compose logs
- name: Smoke Test @app
run: curl -s --retry 10 --retry-connrefused http://localhost:5151/
- name: sleep 10 && Smoke Test @api
run: sleep 10 && curl -s --retry 10 --retry-connrefused http://localhost:5151/api/v1/projects
publish-docker-images:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
needs:
- code-checks
- build-webapp
- test-docker-images
steps:
- uses: actions/checkout@v2
- name: Build the docker-compose stack
run: docker-compose build # --build-arg BUILDKIT_INLINE_CACHE=1
- name: Publish images
run: |
echo ${{ secrets.DOCKERHUB_ACCESS_TOKEN }} | docker login --username arthurflam --password-stdin
docker-compose push