Skip to content

Commit

Permalink
chore(ci): Use GitHub Actions, Dependabot (#10)
Browse files Browse the repository at this point in the history
  • Loading branch information
fb55 authored Sep 14, 2021
1 parent 9894c1d commit e02b4dd
Show file tree
Hide file tree
Showing 6 changed files with 151 additions and 8 deletions.
12 changes: 12 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
version: 2
updates:
- package-ecosystem: npm
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
versioning-strategy: increase
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
52 changes: 52 additions & 0 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
name: "Code scanning - action"

on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: "0 7 * * 0"

jobs:
CodeQL-Build:
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2

# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl

# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language

#- run: |
# make bootstrap
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
28 changes: 28 additions & 0 deletions .github/workflows/dependabot-automerge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# Based on https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
name: Dependabot auto-merge
on: pull_request_target

permissions:
pull-requests: write
contents: write

jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v1.1.1
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
# Automatically merge semver-patch and semver-minor PRs
if: "${{ steps.metadata.outputs.update-type ==
'version-update:semver-minor' ||
steps.metadata.outputs.update-type ==
'version-update:semver-patch' }}"
run: gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
57 changes: 57 additions & 0 deletions .github/workflows/nodejs-test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
name: Node.js CI

on: [push, pull_request]

env:
CI: true
FORCE_COLOR: 2
NODE_COV: 16 # The Node.js version to run coveralls on

jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: 16
cache: npm
- run: npm ci
- run: npm run lint

test:
name: Node ${{ matrix.node }}
runs-on: ubuntu-latest

strategy:
fail-fast: false
matrix:
node:
- 10
- 12
- 14
- 16

steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node }}
cache: npm
- run: npm ci
- run: npm run build --if-present

- name: Run Jest
run: npm run test:jest
if: matrix.node != env.NODE_COV

- name: Run Jest with coverage
run: npm run test:jest -- --coverage
if: matrix.node == env.NODE_COV

- name: Run Coveralls
uses: coverallsapp/github-action@master
if: matrix.node == env.NODE_COV
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
6 changes: 0 additions & 6 deletions .travis.yml

This file was deleted.

4 changes: 2 additions & 2 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,8 @@
"lib/**/*"
],
"scripts": {
"test": "jest --coverage && npm run lint",
"coverage": "cat coverage/lcov.info | coveralls",
"test": "npm run test:jest && npm run lint",
"test:jest": "jest",
"lint": "npm run lint:es && npm run lint:prettier",
"lint:es": "eslint .",
"lint:prettier": "npm run prettier -- --check",
Expand Down

0 comments on commit e02b4dd

Please sign in to comment.