diff --git a/.github/workflows/integration-tests-v1.yaml b/.github/workflows/integration-tests-v1.yaml index 55084264..d58f424f 100644 --- a/.github/workflows/integration-tests-v1.yaml +++ b/.github/workflows/integration-tests-v1.yaml @@ -46,4 +46,4 @@ jobs: FIREBOLT_CLIENT_ID: ${{ secrets.SERVICE_ID_STG }} FIREBOLT_CLIENT_SECRET: ${{ secrets.SERVICE_SECRET_STG }} run: | - npm run test:ci integration/v1 + npm run test:ci integration/v1 \ No newline at end of file diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 28da9885..3838365a 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -8,29 +8,32 @@ on: jobs: code-checks: + runs-on: ubuntu-latest steps: - - name: Check out code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: Set up node.js - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 - with: - node-version: '16' - - - name: Install dependencies - run: npm install - - - name: Type check with typescript - run: npm run type-check - - - name: Test with jest - run: npm test -- --coverage test/unit - - - name: Upload coverage report - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: coverage - path: coverage/ - retention-days: 1 + - name: Check out code + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Set up node.js + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + with: + node-version: '16' + + - name: Install dependencies + run: npm install + + - name: Type check with typescript + run: | + npm run type-check + + - name: Test with jest + run: | + npm test -- --coverage test/unit + + - name: "Security Scan" + if: github.event.repository.fork == false + uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} diff --git a/.github/workflows/release-workflow.yaml b/.github/workflows/release-workflow.yaml index e376d090..cd784de4 100644 --- a/.github/workflows/release-workflow.yaml +++ b/.github/workflows/release-workflow.yaml @@ -23,18 +23,18 @@ jobs: publish: runs-on: ubuntu-latest needs: integration-tests - steps: + steps: - name: Check out code uses: actions/checkout@v6 with: fetch-depth: 0 token: ${{ secrets.RELEASE_PAT }} - + - name: Set up node.js uses: actions/setup-node@v6 with: node-version: '16' - + - name: Install dependencies run: | npm install @@ -43,7 +43,7 @@ jobs: run: | git config user.name "GitHub Actions Bot" git config user.email "<>" - + - name: Build run: | npm run build diff --git a/.github/workflows/sonar.yaml b/.github/workflows/sonar.yaml deleted file mode 100644 index a1418862..00000000 --- a/.github/workflows/sonar.yaml +++ /dev/null @@ -1,36 +0,0 @@ -name: Sonar scan - -on: - workflow_run: - workflows: [ "PR checks" ] - types: [ completed ] - -jobs: - sonar: - runs-on: ubuntu-latest - # Only run if the triggering workflow succeeded - if: ${{ github.event.workflow_run.conclusion == 'success' }} - - steps: - - name: Check out code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - # Check out the exact commit that was tested, not the base branch - ref: ${{ github.event.workflow_run.head_sha }} - fetch-depth: 0 - - - name: Download coverage report - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 - with: - name: coverage - path: coverage/ - # Pull the artifact from the run that triggered this workflow, - # not from this (sonar) run which has no artifacts of its own - run-id: ${{ github.event.workflow_run.id }} - github-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Security scan - uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}