Skip to content

chore(deps): lock file maintenance #2665

chore(deps): lock file maintenance

chore(deps): lock file maintenance #2665

Workflow file for this run

name: Unit Tests and Analysis
on:
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
push:
branches:
- main
paths-ignore:
- "**.md"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
tests-java:
name: Backend Tests
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- uses: bcgov-nr/[email protected]
name: Backend Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: backend
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-backend
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/models/**,**/repository/**,**/*$*Builder*,**/BootApplication*
sonar_project_token: ${{ secrets.SONAR_TOKEN_BACKEND }}
- uses: bcgov-nr/[email protected]
name: Legacy Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: legacy
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-legacy
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/repository/**,**/*$*Builder*,**/LegacyApplication***/ApplicationConstants*
sonar_project_token: ${{ secrets.SONAR_TOKEN_LEGACY }}
- uses: bcgov-nr/[email protected]
name: Processor Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: processor
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=nr-forest-client_processor
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/dto/**,**/exception/**,**/entity/**,**/repository/**,**/*$*Builder*,**/ProcessApplication***/ApplicationConstant*
sonar_project_token: ${{ secrets.SONAR_TOKEN_PROCESSOR }}
- name: Archive CycloneDX
continue-on-error: true
uses: actions/upload-artifact@v3
with:
name: cyclone-backend
path: |
backend/target/bom.json
legacy/target/bom.json
processor/target/bom.json
retention-days: 5
- name: Checkstyle report
continue-on-error: true
uses: jwgmeligmeyling/checkstyle-github-action@master
with:
path: (backend|legacy|processor)/**/checkstyle-result.xml
- name: Publish Test Report
uses: mikepenz/action-junit-report@v3
continue-on-error: true
if: success() || failure() # always run even if the previous step fails
with:
report_paths: (backend|legacy|processor)/target/**/TEST-*.xml
commit: ${{ github.event.pull_request.head.sha }}
summary: Pull Request Tests for Backend
detailed_summary: true
job_name: Backend Tests
- name: Add coverage to PR
id: jacoco
continue-on-error: true
uses: madrapps/[email protected]
with:
paths: (backend|legacy|processor)/target/coverage-reports/merged-test-report/jacoco.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 75
min-coverage-changed-files: 75
tests-frontend:
name: Frontend Unit Tests
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- uses: bcgov-nr/[email protected]
env:
VITE_BACKEND_URL: http://localhost:8080
VITE_FRONTEND_URL: http://localhost:3000
VITE_NODE_ENV: openshift-dev
VITE_COVERAGE: true
VITE_PORT: 3000
with:
node_version: 18
commands: |
npm ci
npm run coverage
dir: frontend
sonar_args: >
-Dsonar.exclusions=**/coverage/**,**/tests/**,**/stub/**,**/reports/**,**/cypress/**,,**/assets/**,,**/dto/**,**/CoreConstants.ts,**/src/CoreConstants.ts,**/main.ts,**/routes.ts,**/sims-vue.d.ts,**/styles.ts,**/components.d.ts
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-frontend
sonar_token: ${{ secrets.SONAR_TOKEN_FRONTEND }}
triggers: ('frontend/')
trivy:
name: Repository Report
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/[email protected]
with:
scan-type: "fs"
format: "sarif"
output: "trivy-results.sarif"
ignore-unfixed: true
severity: "CRITICAL,HIGH"
scanners: "vuln,secret,config"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: "trivy-results.sarif"