dashy/.github/workflows/ci.yml
2026-05-15 18:17:30 +01:00


# Pull-request CI: runs when a PR targeting one of the branches below is
# opened or updated.
# The trigger is `pull_request` (not `pull_request_target`), so PRs from forks
# run with a read-only token and without access to repository secrets.
name: 🚦 PR Check
on:
  pull_request:
    branches:
      - 'master'
      - 'develop'
# One active run per workflow and ref: a newer push cancels the run that is
# still in progress for the same ref.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
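jobs:
  # Every job declares its own GITHUB_TOKEN permissions, so none of them falls
  # back to the repository default, and every checkout sets
  # `persist-credentials: false` so the token is not left on disk for the
  # PR-controlled code that later steps run (yarn scripts, the smoke-test
  # script).
  #
  # NOTE(review): the third-party actions below (dorny/paths-filter,
  # trufflesecurity/trufflehog, raven-actions/actionlint) are referenced by
  # mutable tags. Pin each one to a full commit SHA, e.g.
  # `uses: owner/action@<full-commit-sha>  # vX.Y.Z`, so a moved tag cannot
  # change what runs here.

  # Works out which path groups the PR touches; the two gated jobs below
  # (dependency-review, actionlint) read these outputs.
  changes:
    name: 🔎 Detect Changes
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # paths-filter lists the PR's changed files through the API.
      pull-requests: read
    outputs:
      lockfile: ${{ steps.filter.outputs.lockfile }}
      workflows: ${{ steps.filter.outputs.workflows }}
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Filter Paths
        uses: dorny/paths-filter@v4
        id: filter
        with:
          filters: |
            lockfile:
              - 'yarn.lock'
            workflows:
              - '.github/workflows/**'

  lint:
    name: 🛡️ Lint
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '20'
          cache: 'yarn'
      # --frozen-lockfile fails the install instead of rewriting yarn.lock,
      # so CI installs exactly what the lockfile records.
      - name: Install Dependencies
        run: yarn install --frozen-lockfile
      - name: Run ESLint
        run: yarn lint

  typecheck:
    name: 🦴 Typecheck
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '20'
          cache: 'yarn'
      - name: Install Dependencies
        run: yarn install --frozen-lockfile
      - name: Run vue-tsc
        run: yarn typecheck

  test:
    name: 🧪 Test
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '20'
          cache: 'yarn'
      - name: Install Dependencies
        run: yarn install --frozen-lockfile
      - name: Run Tests
        run: yarn test

  build:
    name: 🏗️ Build Check
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '20'
          cache: 'yarn'
      - name: Install Dependencies
        run: yarn install --frozen-lockfile
      - name: Build Project
        run: yarn build
      # Fails the job when the build produced no dist/ directory or no
      # dist/index.html.
      - name: Verify Build Output
        run: |
          if [ ! -d "dist" ]; then
            echo "❌ Build failed: dist directory not created"
            exit 1
          fi
          if [ ! -f "dist/index.html" ]; then
            echo "❌ Build failed: index.html not found"
            exit 1
          fi
          echo "✅ Build successful"

  docker-smoke:
    name: 🐳 Docker Smoke Test
    runs-on: ubuntu-latest
    # A failure of this job does not fail the workflow run, so a broken image
    # build does not block the PR on its own.
    continue-on-error: true
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      # The script comes from the PR's own checkout, i.e. it is
      # contributor-controlled code.
      - name: Build & Test Docker Image
        run: sh tests/docker-smoke-test.sh
        timeout-minutes: 10

  # Runs only when the `changes` job reports that yarn.lock was modified.
  dependency-review:
    name: 🔒 Dependency Audit
    runs-on: ubuntu-latest
    needs: changes
    if: needs.changes.outputs.lockfile == 'true'
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      # Fails the PR when a dependency change brings in a known vulnerability
      # of moderate severity or higher.
      - name: Review Dependencies
        uses: actions/dependency-review-action@v4
        with:
          fail-on-severity: moderate

  secret-scan:
    name: 🔑 Secret Scanning
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      # Full history (fetch-depth: 0) so both the base and the head commit of
      # the PR are present locally for the scan.
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          fetch-depth: 0
          persist-credentials: false
      # --only-verified reports only secrets TruffleHog could confirm as
      # live; unverified matches do not fail this job.
      - name: Scan PR Diff for Secrets
        uses: trufflesecurity/trufflehog@v3.95.3
        with:
          base: ${{ github.event.pull_request.base.sha }}
          head: ${{ github.event.pull_request.head.sha }}
          extra_args: --only-verified

  # Runs only when the `changes` job reports edits under .github/workflows/.
  actionlint:
    name: 🛠️ Lint Actions
    runs-on: ubuntu-latest
    needs: changes
    if: needs.changes.outputs.workflows == 'true'
    # NOTE(review): read access is assumed to be enough for this action;
    # confirm against its documentation.
    permissions:
      contents: read
    steps:
      - name: Checkout Code
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Run Actionlint
        uses: raven-actions/actionlint@v2
        with:
          fail-on-error: true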