fix(cli): resolve vm2 security vulnerability (#5070) #70
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CD | |
on: | |
push: | |
branches: | |
- stable | |
permissions: | |
contents: write | |
id-token: write | |
packages: write | |
jobs: | |
build: | |
name: Build, Test, and Deploy | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
registry-url: https://registry.npmjs.org/ | |
cache: npm | |
cache-dependency-path: '**/package.json' | |
- run: npm install | |
- run: npm run bootstrap | |
- run: npm run publish:ci | |
env: | |
GIT_AUTHOR_NAME: Ionitron | |
GIT_AUTHOR_EMAIL: hi@ionicframework.com | |
GIT_COMMITTER_NAME: Ionitron | |
GIT_COMMITTER_EMAIL: hi@ionicframework.com | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Sleep while npm takes its time | |
run: sleep 20 | |
- name: GitHub Container Registry Login | |
run: echo ${{ github.token }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Build Container | |
run: | | |
docker build \ | |
--build-arg IONIC_CLI_VERSION=$(npm info @ionic/cli dist-tags.latest) \ | |
--tag ghcr.io/${{ github.repository }}:latest \ | |
--tag ghcr.io/${{ github.repository}}:$(npm info @ionic/cli dist-tags.latest) \ | |
. | |
- name: Push Container as latest | |
run: docker push ghcr.io/${{ github.repository }}:latest | |
- name: Push Container as version | |
run: docker push ghcr.io/${{ github.repository }}:$(npm info @ionic/cli dist-tags.latest) |