chore(dev-deps): update eslint #2505
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| strategy: | |
| matrix: | |
| node-version: [20.x] | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: node_modules | |
| key: yarn-deps-${{ hashFiles('yarn.lock') }} | |
| restore-keys: | | |
| yarn-deps-${{ hashFiles('yarn.lock') }} | |
| - name: Lint the content | |
| run: | | |
| yarn config set workspaces-experimental true | |
| yarn install --frozen-lockfile | |
| yarn build | |
| yarn lint | |
| yarn test | |
| cdn: | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| permissions: | |
| contents: write | |
| needs: | |
| - test | |
| strategy: | |
| matrix: | |
| node-version: [20.x] | |
| steps: | |
| - name: Check out the repository | |
| uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets.DISPATCH_ACCESS_TOKEN }} | |
| - name: Set up Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: node_modules | |
| key: yarn-deps-${{ hashFiles('yarn.lock') }} | |
| restore-keys: | | |
| yarn-deps-${{ hashFiles('yarn.lock') }} | |
| - name: Create CDN build | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.DISPATCH_ACCESS_TOKEN }} | |
| run: | | |
| yarn config set workspaces-experimental true | |
| yarn install --frozen-lockfile | |
| git fetch --tags | |
| PACKAGE_VERSION=$($GITHUB_WORKSPACE/node_modules/.bin/auto shipit -dq) yarn build | |
| - name: Push compiled content | |
| uses: s0/git-publish-subdir-action@develop | |
| env: | |
| REPO: self | |
| BRANCH: cdn | |
| FOLDER: packages/embed-cdn/lib | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| release: | |
| if: "!contains(github.event.head_commit.message, 'ci skip') && !contains(github.event.head_commit.message, 'skip ci') && github.repository_owner == 'gr4vy' && github.ref == 'refs/heads/main'" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| needs: | |
| - test | |
| strategy: | |
| matrix: | |
| node-version: [20.x] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets.DISPATCH_ACCESS_TOKEN }} | |
| - name: Prepare repository | |
| run: git fetch --unshallow --tags | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Upgrade npm for trusted publishing (needs npm >= 11.5.1 which comes with Node 24) | |
| if: matrix.node-version < '24' | |
| run: npm install -g npm@^11.5.1 | |
| shell: bash | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: node_modules | |
| key: yarn-deps-${{ hashFiles('yarn.lock') }} | |
| restore-keys: | | |
| yarn-deps-${{ hashFiles('yarn.lock') }} | |
| - name: Create Release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.DISPATCH_ACCESS_TOKEN }} | |
| NPM_TOKEN: '' # placeholder to prevent yarn from failing on ${NPM_TOKEN} expansion (OIDC token is written to ~/.npmrc by auto) | |
| run: | | |
| yarn config set workspaces-experimental true | |
| yarn install --frozen-lockfile | |
| PACKAGE_VERSION=$($GITHUB_WORKSPACE/node_modules/.bin/auto shipit -dq) yarn build | |
| yarn release | |
| scan: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 2 | |
| strategy: | |
| matrix: | |
| node-version: | |
| - 20.x | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| scan-type: 'fs' | |
| ignore-unfixed: true | |
| exit-code: 1 | |
| env: | |
| TRIVY_DB_REPOSITORY: us-docker.pkg.dev/gr4vy-admin/aquasecurity/trivy-db |