This repository has been archived by the owner on Jun 28, 2024. It is now read-only.
[Snyk] Fix for 6 vulnerabilities #1503
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: [master, staging] | |
pull_request: | |
branches: [master, staging] | |
jobs: | |
#----main job for teaspoon tests------- | |
build: | |
name: Build-and-Test | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
tests: [admin_views, cqm_specs, helper_specs, integration, models, patient_builder_tests/input_views, patient_builder_tests/measure, patient_builder_tests/patient, patient_builder_tests/criteria, production_tests, calc, spec/javascripts/patient_builder_tests/cql/cql_logic_view_spec.js.coffee, spec/javascripts/patient_builder_tests/cql/cql_truncated_statement_view_spec.js.coffee, spec/javascripts/patient_builder_tests/cql/cql_coloring_spec.js.coffee, spec/javascripts/cql_calculator_spec.js.coffee] | |
services: | |
mongodb: | |
image: mongo:3.6.22 | |
ports: | |
- 27017:27017 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Ruby 2.7.2 | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7.2 | |
bundler-cache: true | |
- name: Use Node.js 16.x | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16.x | |
- name: Install bundler & bundle-audit | |
run: | | |
gem install bundler -v 2.1.4 | |
gem install bundle-audit | |
- name: Install ruby gems | |
run: bundle install --jobs 4 --retry 3 | |
- name: Set and run up overcommit | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "GitHub Actions CI" | |
bundle exec overcommit --sign | |
bundle exec overcommit --run | |
- name: NPM install | |
run: npm ci | |
- name: Setup Istanbul | |
run: sudo npm install -g istanbul | |
# ------- Teaspoon tests for "admin_views" directory ---------- | |
- name: Run teaspoon tests | |
uses: GabrielBB/xvfb-action@v1 | |
with: | |
run: bundle exec rake teaspoon DIR=${{ matrix.tests }} | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v1 | |
with: | |
file: coverage-frontend/default/lcov.info | |
fail_ci_if_error: true | |
#--------Audit Job------------- | |
audit: | |
name: Build-and-Audit | |
runs-on: ubuntu-latest | |
services: | |
mongodb: | |
image: mongo:3.6.22 | |
ports: | |
- 27017:27017 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Ruby 2.7.2 | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7.2 | |
bundler-cache: true | |
- name: Use Node.js 16.x | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16.x | |
- name: Install bundler & bundle-audit | |
run: | | |
gem install bundler -v 2.1.4 | |
gem install bundle-audit | |
- name: Install ruby gems | |
run: bundle install --jobs 4 --retry 3 | |
# - name: Run Rubocop | |
# env: | |
# RAILS_ENV: test | |
# run: | | |
# bundle exec rubocop | |
# - name: Execute Brakeman static vulnerability analysis | |
# run: bundle exec brakeman -qAzw1 | |
- name: Perform audit check for vulnerabilities | |
env: | |
RAILS_ENV: test | |
run: bundle exec bundle-audit check | |
- name: Set and run up overcommit | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "GitHub Actions CI" | |
bundle exec overcommit --sign | |
bundle exec overcommit --run | |
- name: NPM install | |
run: npm ci | |
- name: NPM audit | |
run: npm audit --production --audit-level=high | |
- name: Build and test with Rake | |
env: | |
RAILS_ENV: test | |
uses: GabrielBB/xvfb-action@v1 | |
with: | |
run: bundle exec rake test | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v1 | |
with: | |
file: coverage/.resultset.json | |
fail_ci_if_error: true | |
- name: Setup Istanbul | |
run: sudo npm install -g istanbul |