This repository has been archived by the owner on Jun 28, 2024. It is now read-only.
[Snyk] Fix for 1 vulnerabilities #1525
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: [master, bonnie-prior, bonnie-on-fhir] | |
pull_request: | |
branches: [master, bonnie-prior, bonnie-on-fhir] | |
jobs: | |
build: | |
name: Build-and-Test | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
tests: [admin_views, cqm_specs, fhir_measures, helper_specs, integration, models, patient_builder_tests/input_views_1, patient_builder_tests/input_views_2, patient_builder_tests/input_views_3, patient_builder_tests/measure, patient_builder_tests/patient, patient_builder_tests/criteria, patient_builder_tests/negation_views, production_tests, calc, spec/javascripts/patient_builder_tests/cql/cql_logic_view_spec.js.coffee, spec/javascripts/patient_builder_tests/cql/cql_truncated_statement_view_spec.js.coffee, spec/javascripts/patient_builder_tests/cql/cql_coloring_spec.js.coffee] | |
services: | |
mongodb: | |
image: mongo:3.6.22 | |
ports: | |
- 27017:27017 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Ruby 2.7.2 | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7.2 | |
bundler-cache: true | |
- name: Use Node.js 16.x | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16.x | |
- name: Install bundler & bundle-audit | |
run: | | |
gem install bundler -v 2.1.4 | |
gem install bundle-audit | |
- name: Install ruby gems | |
run: bundle install --jobs 4 --retry 3 | |
- name: Set and run up overcommit | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "GitHub Actions CI" | |
bundle exec overcommit --sign | |
bundle exec overcommit --run | |
- name: NPM install | |
run: npm ci | |
- name: Setup Istanbul | |
run: sudo npm install -g istanbul | |
# ------- Teaspoon tests for "admin_views" directory ---------- | |
- name: Run teaspoon tests | |
uses: GabrielBB/xvfb-action@v1 | |
with: | |
run: bundle exec rake teaspoon DIR=${{ matrix.tests }} | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v1 | |
with: | |
file: coverage-frontend/default/lcov.info | |
fail_ci_if_error: true | |
audit: | |
name: Build-and-Audit | |
runs-on: ubuntu-latest | |
services: | |
mongodb: | |
image: mongo:3.6.22 | |
ports: | |
- 27017:27017 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Ruby 2.7.2 | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7.2 | |
bundler-cache: true | |
- name: Use Node.js 16.x | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16.x | |
- name: Install bundler & bundle-audit | |
run: | | |
gem install bundler -v 2.1.4 | |
gem install bundle-audit | |
- name: Install ruby gems | |
run: bundle install --jobs 4 --retry 3 | |
# - name: Run Rubocop | |
# env: | |
# RAILS_ENV: test | |
# run: | | |
# bundle exec rubocop | |
# - name: Execute Brakeman static vulnerability analysis | |
# run: bundle exec brakeman -qAzw1 | |
- name: Perform audit check for vulnerabilities | |
env: | |
RAILS_ENV: test | |
run: bundle exec bundle-audit check | |
- name: Set and run up overcommit | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "GitHub Actions CI" | |
bundle exec overcommit --sign | |
bundle exec overcommit --run | |
- name: NPM install | |
run: npm ci | |
- name: NPM audit | |
run: npm audit --production --audit-level=high | |
- name: Build and test with Rake | |
env: | |
RAILS_ENV: test | |
uses: GabrielBB/xvfb-action@v1 | |
with: | |
run: bundle exec rake test | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v1 | |
with: | |
file: coverage/.resultset.json | |
fail_ci_if_error: true | |
- name: Setup Istanbul | |
run: sudo npm install -g istanbul |