Skip to content
This repository has been archived by the owner on Jun 28, 2024. It is now read-only.

[Snyk] Fix for 6 vulnerabilities #1503

[Snyk] Fix for 6 vulnerabilities

[Snyk] Fix for 6 vulnerabilities #1503

Workflow file for this run

name: Continuous Integration
on:
push:
branches: [master, staging]
pull_request:
branches: [master, staging]
jobs:
#----main job for teaspoon tests-------
build:
name: Build-and-Test
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
tests: [admin_views, cqm_specs, helper_specs, integration, models, patient_builder_tests/input_views, patient_builder_tests/measure, patient_builder_tests/patient, patient_builder_tests/criteria, production_tests, calc, spec/javascripts/patient_builder_tests/cql/cql_logic_view_spec.js.coffee, spec/javascripts/patient_builder_tests/cql/cql_truncated_statement_view_spec.js.coffee, spec/javascripts/patient_builder_tests/cql/cql_coloring_spec.js.coffee, spec/javascripts/cql_calculator_spec.js.coffee]
services:
mongodb:
image: mongo:3.6.22
ports:
- 27017:27017
steps:
- uses: actions/checkout@v2
- name: Set up Ruby 2.7.2
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.7.2
bundler-cache: true
- name: Use Node.js 16.x
uses: actions/setup-node@v2
with:
node-version: 16.x
- name: Install bundler & bundle-audit
run: |
gem install bundler -v 2.1.4
gem install bundle-audit
- name: Install ruby gems
run: bundle install --jobs 4 --retry 3
- name: Set and run up overcommit
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions CI"
bundle exec overcommit --sign
bundle exec overcommit --run
- name: NPM install
run: npm ci
- name: Setup Istanbul
run: sudo npm install -g istanbul
# ------- Teaspoon tests for "admin_views" directory ----------
- name: Run teaspoon tests
uses: GabrielBB/xvfb-action@v1
with:
run: bundle exec rake teaspoon DIR=${{ matrix.tests }}
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v1
with:
file: coverage-frontend/default/lcov.info
fail_ci_if_error: true
#--------Audit Job-------------
audit:
name: Build-and-Audit
runs-on: ubuntu-latest
services:
mongodb:
image: mongo:3.6.22
ports:
- 27017:27017
steps:
- uses: actions/checkout@v2
- name: Set up Ruby 2.7.2
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.7.2
bundler-cache: true
- name: Use Node.js 16.x
uses: actions/setup-node@v2
with:
node-version: 16.x
- name: Install bundler & bundle-audit
run: |
gem install bundler -v 2.1.4
gem install bundle-audit
- name: Install ruby gems
run: bundle install --jobs 4 --retry 3
# - name: Run Rubocop
# env:
# RAILS_ENV: test
# run: |
# bundle exec rubocop
# - name: Execute Brakeman static vulnerability analysis
# run: bundle exec brakeman -qAzw1
- name: Perform audit check for vulnerabilities
env:
RAILS_ENV: test
run: bundle exec bundle-audit check
- name: Set and run up overcommit
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions CI"
bundle exec overcommit --sign
bundle exec overcommit --run
- name: NPM install
run: npm ci
- name: NPM audit
run: npm audit --production --audit-level=high
- name: Build and test with Rake
env:
RAILS_ENV: test
uses: GabrielBB/xvfb-action@v1
with:
run: bundle exec rake test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v1
with:
file: coverage/.resultset.json
fail_ci_if_error: true
- name: Setup Istanbul
run: sudo npm install -g istanbul