[Snyk] Security upgrade @cmsgov/design-system from 5.0.2 to 7.0.0 #481
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will do the following: | |
| # - perform a clean install of node dependencies | |
| # - lint the source code for errors | |
| # - build the source code | |
| # - run tests and capture code coverage | |
| # - run end-to-end tests | |
| # - upload the code coverage report to Codacy | |
| # - upload the code coverage report to Codecov | |
| name: Continuous Integration | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main, develop] | |
| jobs: | |
| node_matrix: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| version: [20] | |
| name: Checkout, install, lint, build and test with coverage | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./react | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Use Node.js (matrix) | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.version }} | |
| - name: Cache node modules | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-node-modules | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| ${{ runner.os }}-build- | |
| ${{ runner.os }}- | |
| - name: Install node dependencies | |
| run: npm ci | |
| - name: Audit dependencies for security vulnerabilities | |
| run: npm audit --production | |
| - name: Lint the source code | |
| run: npm run-script lint | |
| - name: Check prettier formatting | |
| run: npm run-script check-format | |
| - name: Build the source code | |
| run: npm run build | |
| - name: Execute test coverage | |
| run: npm run-script coverage | |
| - name: Store the coverage report as an artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: coverage | |
| path: react/coverage/lcov.info | |
| - name: Upload code coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: lcov.info | |
| fail_ci_if_error: true |