Skip to content
Build & Deploy Staging

[Snyk] Security upgrade typeorm from 0.2.37 to 0.3.18 #323

Sign in to view logs

[Snyk] Security upgrade typeorm from 0.2.37 to 0.3.18

[Snyk] Security upgrade typeorm from 0.2.37 to 0.3.18 #323

Workflow file for this run

.github/workflows/ci.yml at 4a82eb2
name: Build & Deploy Staging
env:
CI: true
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
services:
postgres:
image: postgres:9.6
env:
POSTGRES_PASSWORD: postgres
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- name: Notify Push
uses: appleboy/telegram-action@0.0.7
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
format: markdown
message: Building [this commit](https://github.com/${{github.repository}}/commit/${{github.sha}}) by [${{github.actor}}](https://github.com/${{github.actor}}).
- uses: actions/checkout@v2
- name: Setup Node
if: success()
uses: actions/setup-node@v2
with:
node-version: '14.x'
- name: Install Dependencies
if: success()
run: npm install
- name: Lint
if: success()
run: npm run lint
- name: Test & Coverage
if: success()
env:
POSTGRES_HOST: localhost
POSTGRES_PORT: ${{ job.services.postgres.ports[5432] }}
run: npm run test -- --collect-coverage
- name: Archive code coverage results
uses: actions/upload-artifact@v1
with:
name: code-coverage-report
path: coverage/
- name: Codecov
uses: codecov/codecov-action@v1.0.5
continue-on-error: true
timeout-minutes: 3
with:
token: ${{ secrets.CODECOV_TOKEN }}
file: coverage/coverage-final.json
fail_ci_if_error: false
- name: Publish to Docker Hub
uses: elgohr/Publish-Docker-Github-Action@master
if: ${{ github.ref == 'refs/heads/master' }}
with:
name: msociety/msocietybot
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
tags: latest
tag_names: true
tag_semver: true
- name: Notify Completed
uses: appleboy/telegram-action@0.0.7
if: success() || failure()
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
format: markdown
message: Building completed with status ${{job.status}} for [this commit](https://github.com/${{github.repository}}/commit/${{github.sha}}) by [${{github.actor}}](https://github.com/${{github.actor}}).
deploy-staging:
needs: build
if: ${{ github.ref == 'refs/heads/master' }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Notify Push
uses: appleboy/telegram-action@0.0.7
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
format: markdown
message: Deploying to staging [this commit](https://github.com/${{github.repository}}/commit/${{github.sha}}) by [${{github.actor}}](https://github.com/${{github.actor}}).
- name: Deploy Staging
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USERNAME }}
key: ${{ secrets.DEPLOY_KEY }}
script: |
podman stop msocietybot-staging-new || true
podman rm msocietybot-staging-new || true
podman pull msociety/msocietybot
podman run -d --name msocietybot-staging-new --env-file $HOME/staging.env --pod msocietybot-pod msociety/msocietybot
yes | podman system prune
- name: Notify Completed
uses: appleboy/telegram-action@0.0.7
if: success() || failure()
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
format: markdown
message: Deploying to staging completed with status ${{job.status}} for [this commit](https://github.com/${{github.repository}}/commit/${{github.sha}}) by [${{github.actor}}](https://github.com/${{github.actor}}).