fix(deps): update npm dependencies (major) #1809
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continous Integration | |
| on: | |
| pull_request: | |
| branches: [develop, main] | |
| workflow_dispatch: | |
| jobs: | |
| eslint: | |
| name: "Run ESLint" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 | |
| with: | |
| node-version: 20 | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Run ESLint | |
| run: npm run lint | |
| playwright: | |
| name: "Playwright Tests" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - name: Get changed files | |
| id: changed-files | |
| uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf # v45 | |
| with: | |
| files: | | |
| package.json | |
| package-lock.json | |
| src/** | |
| tests/** | |
| **.js | |
| **.ts | |
| - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 | |
| if: steps.changed-files.outputs.any_modified == 'true' | |
| with: | |
| node-version: 18 | |
| - name: Install dependencies | |
| if: steps.changed-files.outputs.any_modified == 'true' | |
| run: npm ci | |
| - name: Install Playwright Browsers | |
| if: steps.changed-files.outputs.any_modified == 'true' | |
| run: npx playwright install --with-deps | |
| - name: Build standalone nextjs server for testing | |
| if: steps.changed-files.outputs.any_modified == 'true' | |
| run: npm run build | |
| - name: Run Playwright tests | |
| if: steps.changed-files.outputs.any_modified == 'true' | |
| run: npm run test:e2e --debug | |
| - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 | |
| if: steps.changed-files.outputs.any_modified == 'true' | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 30 | |
| scan: | |
| name: Vulnerability scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - name: Build an image from Dockerfile | |
| run: | | |
| docker build -t ghcr.io/bl4ko/netbox-ssot:${{ github.sha }} . | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| env: | |
| TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db | |
| TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db | |
| with: | |
| image-ref: "ghcr.io/bl4ko/netbox-ssot:${{ github.sha }}" | |
| format: "table" | |
| exit-code: "1" | |
| ignore-unfixed: true | |
| vuln-type: "os,library" | |
| severity: "CRITICAL,HIGH" |