webpack-vue-config/.github/workflows/npm-audit-fix.yml at main · nextcloud-libraries/webpack-vue-config · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud-libraries/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
#
# SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors
# SPDX-License-Identifier: MIT

name: Npm audit fix and compile

on:
  workflow_dispatch:
  schedule:
    # At 2:30 on Sundays
    - cron: '30 2 * * 0'

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        branches: ['main']

    name: npm-audit-fix-${{ matrix.branches }}

    steps:
      - name: Checkout
        id: checkout
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false
          ref: ${{ matrix.branches }}
        continue-on-error: true

      - name: Read package.json
        uses: nextcloud-libraries/parse-package-engines-action@122ae05d4257008180a514e1ddeb0c1b9d094bdd # v0.1.0
        id: versions

      - name: Set up node
        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
        with:
          node-version: ${{ steps.versions.outputs.node-version }}

      - name: Set up npm
        run: npm i -g 'npm@${{ steps.versions.outputs.package-manager-version }}'

      - name: Fix npm audit
        id: npm-audit
        uses: nextcloud-libraries/npm-audit-action@1b1728b2b4a7a78d69de65608efcf4db0e3e42d0 # v0.2.0

      - name: Run npm ci and npm run build
        if: steps.checkout.outcome == 'success'
        env:
          CYPRESS_INSTALL_BINARY: 0
        run: |
          npm ci
          npm run build --if-present

      - name: Create Pull Request
        if: steps.checkout.outcome == 'success'
        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(deps): Fix npm audit'
          committer: GitHub <noreply@github.com>
          author: nextcloud-command <nextcloud-command@users.noreply.github.com>
          signoff: true
          branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
          title: '[${{ matrix.branches }}] Fix npm audit'
          body: ${{ steps.npm-audit.outputs.markdown }}
          labels: |
            dependencies
            3. to review