xfox111/bonch-calendar
1
0
Fork 0
mirror of https://github.com/XFox111/bonch-calendar.git synced 2026-04-22 07:08:01 +03:00
Code Activity
Files
b932b49b65daeb2847a3758bb883a46877022764
bonch-calendar/.github/workflows/audit.yml
T
xfox111 fe11e264de init: initial commit
2025-11-18 20:16:48 +00:00

89 lines
1.8 KiB
YAML
Raw Blame History

name: "Audit pipeline"
on:
push:
branches: [ "main" ]
paths-ignore:
- '.devcontainer/*'
- '.github/*'
- '!.github/workflows/audit.yml'
- '.vscode/*'
- '**.md'
- 'LICENSE'
- 'assets/*'
pull_request:
branches: [ "main" ]
paths-ignore:
- '.devcontainer/*'
- '.github/*'
- '!.github/workflows/audit.yml'
- '.vscode/*'
- '**.md'
- 'LICENSE'
- 'assets/*'
workflow_dispatch:
permissions:
packages: write
jobs:
api:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: docker/build-push-action@v6
with:
context: ./api
tags: ${{ github.repository }}-api:ci
- run: docker save ${{ github.repository }}:ci | gzip > api_image.tar.gz
- uses: actions/upload-artifact@v5
with:
name: api-image
path: api_image.tar.gz
app:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: docker/build-push-action@v6
with:
context: ./app
tags: ${{ github.repository }}-app:ci
- run: docker save ${{ github.repository }}:ci | gzip > app_image.tar.gz
- uses: actions/upload-artifact@v5
with:
name: app-image
path: app_image.tar.gz
app_audit:
runs-on: ubuntu-latest
container: node:latest
steps:
- uses: actions/checkout@v5
- run: npm install
working-directory: ./app
- run: npm run lint
working-directory: ./app
- run: npm audit --audit-level=moderate
working-directory: ./app
- run: npm audit --audit-level=moderate --json > audit_report.json
working-directory: ./app
- uses: actions/upload-artifact@v5
with:
name: app-audit-report
path: ./app/audit_report.json
View Git Blame Copy Permalink