-
Notifications
You must be signed in to change notification settings - Fork 3
57 lines (49 loc) · 2.3 KB
/
ci.yml
File metadata and controls
57 lines (49 loc) · 2.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# SonarQube cloud analysis exceptions
# shell:S5332 - Clear text protocols are acceptable for AWS local development.
# secrets:S2068 - Well known local development secrets are aceptable.
name: CI
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install nodejs
uses: actions/setup-node@v4
with:
node-version: "24.x"
- name: Install node dependencies
run: npm ci --ignore-scripts
- name: Run linting
run: npm run lint
- name: Run unit tests
run: |
npm run unit-test
- name: Analyse code quality
uses: sonarsource/sonarqube-scan-action@1a6d90ebcb0e6a6b1d87e37ba693fe453195ae25 # v5.3.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: >
-Dsonar.organization=defra
-Dsonar.projectKey=DEFRA_cap-xml
-Dsonar.exclusions=**/node_modules/**,**/test/**,**/test-output/**
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
-Dsonar.javascript.exclusions=**/node_modules/**,**/test/**,**/test-output/**,**/mock/**,**/public/**
-Dsonar.issue.ignore.multicriteria=e1,e2,e3
-Dsonar.issue.ignore.multicriteria.e1.ruleKey=shell:S5332
-Dsonar.issue.ignore.multicriteria.e1.resourceKey=**/docker/scripts/register-lambda-functions.sh
-Dsonar.issue.ignore.multicriteria.e2.ruleKey=shell:S5332
-Dsonar.issue.ignore.multicriteria.e2.resourceKey=**/docker/scripts/load-dummy-data.sh
-Dsonar.issue.ignore.multicriteria.e3.ruleKey=secrets:S2068
-Dsonar.issue.ignore.multicriteria.e3.resourceKey=**/docker/.env
- name: Dependency Review
if: github.event_name == 'pull_request'
uses: actions/dependency-review-action@v4
with:
fail-on-severity: moderate
comment-summary-in-pr: always