Update development-workflow.yml #16
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: development pipeline | |
| on: | |
| # Runs on pushes targeting the default branch | |
| push: | |
| branches: ["develop", "feature/*"] | |
| pull_request: | |
| branches: ["develop", "feature/*"] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| jobs: | |
| # Build job | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Detect package manager | |
| id: detect-package-manager | |
| run: | | |
| if [ -f "${{ github.workspace }}/yarn.lock" ]; then | |
| echo "manager=yarn" >> $GITHUB_OUTPUT | |
| echo "command=install" >> $GITHUB_OUTPUT | |
| echo "runner=yarn" >> $GITHUB_OUTPUT | |
| exit 0 | |
| elif [ -f "${{ github.workspace }}/package.json" ]; then | |
| echo "manager=npm" >> $GITHUB_OUTPUT | |
| echo "command=ci" >> $GITHUB_OUTPUT | |
| echo "runner=npx --no-install" >> $GITHUB_OUTPUT | |
| exit 0 | |
| else | |
| echo "Unable to determine package manager" >&2 | |
| exit 1 | |
| fi | |
| - name: Setup Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "20" | |
| cache: ${{ steps.detect-package-manager.outputs.manager }} | |
| - name: Restore cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| .next/cache | |
| # Generate a new cache whenever packages or source files change. | |
| key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }} | |
| # If source files changed but packages didn't, rebuild from a prior cache. | |
| restore-keys: | | |
| ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}- | |
| - name: Install dependencies | |
| run: ${{ steps.detect-package-manager.outputs.manager }} ${{ steps.detect-package-manager.outputs.command }} | |
| - name: Build with Next.js | |
| run: npm run build | |
| sonarcloud: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: SonarCloud Scan | |
| uses: SonarSource/sonarcloud-github-action@master | |
| with: | |
| args: > | |
| -Dsonar.projectKey=SpotiCloud_frontend | |
| -Dsonar.organization=spoticloud | |
| -Dsonar.host.url=https://sonarcloud.io | |
| -Dsonar.sources=./ | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| snyk_scan: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Install Snyk CLI | |
| run: npm install -g snyk # Install Snyk CLI globally | |
| - name: Authenticate with Snyk | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| run: npx snyk auth $SNYK_TOKEN | |
| - name: Run Snyk security scan | |
| run: npx snyk test --json > snyk-output.json | |
| - name: Upload Snyk results | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: snyk-results | |
| path: snyk-output.json |