LerianStudio · lfbarrile01 · Oct 31, 2024 · Nov 4, 2024 · Nov 6, 2024 · Nov 6, 2024
diff --git a/.eslintrc.json b/.eslintrc.json
@@ -6,8 +6,19 @@
     "plugin:storybook/recommended"
   ],
   "rules": {
-    "prettier/prettier": "error",
+    "prettier/prettier": ["error", { "endOfLine": "auto" }],
     "react-hooks/rules-of-hooks": "off",
     "react-hooks/exhaustive-deps": "off"
+  },
+  "overrides": [
+    {
+      "files": ["*.ts", "*.tsx"],
+      "parserOptions": {
+        "project": "./tsconfig.json"
+      }
+    }
+  ],
+  "linterOptions": {
+    "reportUnusedDisableDirectives": true
   }
 }
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,56 @@
+name: "CodeQL"
+
+on:
+  pull_request:
+    branches:
+      - develop
+      - main
+    types:
+      - opened
+      - edited
+      - synchronize
+      - reopened
+
+permissions:
+  id-token: write
+  contents: read
+  pull-requests: read
+  actions: read
+  security-events: write
+
+jobs:
+  CodeQL:
+    runs-on: ubuntu-latest
+    name: Run CodeQL for Next.js
+    timeout-minutes: 360
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - language: javascript
+          build-mode: none # Para Next.js, normalmente não é necessário um modo de build
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: actions/setup-node@v3
+      with:
+        node-version: '22'
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
+
+    - name: Install dependencies
+      env:
+        MIDAZ_CONSOLE_SERVICE_HOST: 'localhost'
+      run: |
+        npm install
+        npm run build # Construa a aplicação, se necessário
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/eslint-lint.yml b/.github/workflows/eslint-lint.yml
@@ -0,0 +1,41 @@
+name: "ESLint"
+
+on:
+  pull_request:
+    branches:
+      - develop
+      - main
+    types:
+      - opened
+      - edited
+      - synchronize
+      - reopened
+
+permissions:
+  id-token: write
+  contents: read
+  pull-requests: read
+
+jobs:
+  ESLint:
+    runs-on: ubuntu-latest
+    name: Run ESLint for Next.js
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: actions/setup-node@v3
+      with:
+        node-version: '22'
+
+    - name: Set up .env file
+      run: |
+        cp .env.example .env # Copia .env.example para .env para uso local, se necessário
+
+    - name: Install dependencies and update ESLint packages
+      run: |
+          npm install
+          npm install eslint@latest eslint-config-next@latest eslint-plugin-prettier@latest eslint-plugin-react-hooks@latest
+
+    - name: Run ESLint
+      run: |
+        npm run lint
diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml
@@ -0,0 +1,36 @@
+name: "Npm Audit"
+
+on:
+  pull_request:
+    branches:
+      - develop
+      - main
+    types:
+      - opened
+      - edited
+      - synchronize
+      - reopened
+
+permissions:
+  id-token: write
+  contents: read
+  pull-requests: read
+
+jobs:
+  NpmAudit:
+    runs-on: ubuntu-latest
+    name: Run Npm Audit for Next.js
+    steps:
+    - uses: actions/checkout@v4
+    # Verificar se é mesmo essa versão de Node
+    - uses: actions/setup-node@v3
+      with:
+        node-version: '22' 
+
+    - name: Install dependencies
+      run: |
+        npm install
+
+    - name: Run npm audit
+      run: |
+        npm audit --audit-level=high
diff --git a/.github/workflows/release-notification.yml b/.github/workflows/release-notification.yml
@@ -0,0 +1,21 @@
+on:
+  release:
+    types: [published]
+
+jobs:
+  github-releases-to-discord:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Github Releases To Discord
+        uses: SethCohen/[email protected]
+        if: '!github.event.prerelease'
+        with:
+          webhook_url: ${{ secrets.DISCORD_WEBHOOK_URL }}
+          color: "2105893"
+          username: "Release Changelog"
+          content: "||@everyone||"
+          footer_title: "Changelog"
+          footer_timestamp: true
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,36 @@
+on:
+  push:
+    branches:
+      - develop
+
+permissions:
+  id-token: write
+  contents: read
+  pull-requests: write
+  actions: read
+  security-events: write
+
+jobs:
+  console_pipeline:
+    runs-on: ubuntu-latest
+    name: Docker Pipeline - Console
+    steps:
+      - uses: actions/checkout@v4
+
+      # Autenticação no GitHub Container Registry usando o token GHCR_TOKEN
+      - name: Set up Docker authentication
+        run: echo "${{ secrets.GHCR_TOKEN }}" | docker login ghcr.io -u YOUR_USERNAME --password-stdin
+        env:
+          GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
+
+      # Usando a ação personalizada para construir e enviar a imagem Docker
+      - uses: LerianStudio/midaz-github-actions-docker-pipeline@main
+        with:
+          app-name: 'midaz-console'
+          argo-cd-sync: false
+          aws-region: 'us-east-2'
+          dockerfile-name: 'Dockerfile'
+          role-session-name: 'GITHUB-OIDC-ECR-SESSION'
+          role-to-assume: ${{ secrets.AWS_GH_OICD_TERRAFORM_ROLE }}
+          service-github-token: ${{ secrets.SERVICE_USER_TOKEN }}
+          slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}