-
Notifications
You must be signed in to change notification settings - Fork 0
145 lines (120 loc) · 3.41 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: CI/CD Pipeline
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
issues: write
contents: read
jobs:
setup:
name: Setup
runs-on: ubuntu-latest
outputs:
cache-hit: ${{ steps.node-with-cache.outputs.cache-hit }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js with node_modules cache
id: node-with-cache
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install npm packages
run: npm ci
linting:
name: Linting
runs-on: ubuntu-latest
needs: setup
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Use cached node_modules
run: npm ci --cache ~/.npm
- name: Run ESLint and generate report
run: npm run lint
- name: Annotate Code Linting Results
uses: ataylorme/eslint-annotate-action@v3
with:
report-json: 'lint_report.json'
- name: Upload ESLint report
uses: actions/upload-artifact@v4
with:
name: lint_report.json
path: lint_report.json
retention-days: 5
e2e-testing:
name: E2E Testing
runs-on: ubuntu-latest
needs: linting
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Use cached node_modules
run: npm ci --cache ~/.npm
- name: Build application
run: npm run build
- name: Start server
run: npm run start &
- name: Wait for server to start
run: npx wait-on http://localhost:3000
- name: Run tests
run: npx cypress run --e2e
- name: Generate testing report
run: |
npx mochawesome-merge "cypress/reports/*.json" > report.json
npx marge report.json --reportFilename "e2e_testing_report" --reportTitle "E2E Testing Report" --reportPageTitle "E2E Testing Report"
- name: Upload testing report
uses: actions/upload-artifact@v4
with:
name: e2e_testing_report
path: mochawesome-report
retention-days: 5
security-testing:
name: Security Testing
runs-on: ubuntu-latest
needs: e2e-testing
services:
app:
image: quiirex/nowted-app:latest
ports:
- 3000:3000
steps:
- name: ZAP Full Scan
uses: zaproxy/action-full-scan@v0.10.0
with:
target: 'http://app:3000'
- name: Upload ZAP reports
uses: actions/upload-artifact@v4
with:
name: zap_scan
path: zap_scan
retention-days: 5
# performance-testing:
# name: Performance Testing
# runs-on: ubuntu-latest
# needs: security-testing
# steps:
# - name: Checkout repository
# uses: actions/checkout@v4
# - name: Run k6 tests
# run: npm run performance
# - name: Upload k6 performance reports
# uses: actions/upload-artifact@v4
# with:
# name: performance-testing-reports
# path: performance-testing-reports