Disable npm audit in CI, skip cloud npm install by default

chriswilty · chriswilty · commit 731029b8c02a · 2024-10-22T15:24:15.000+01:00
diff --git a/.github/workflows/backend-checks.yml b/.github/workflows/backend-checks.yml
@@ -34,7 +34,7 @@ jobs:
           cache-dependency-path: './backend/package-lock.json'
       - name: Install dependencies
         run: |
-          npm ci
+          npm ci --no-audit
       - name: Run job
         run: |
           npx eslint .
@@ -58,7 +58,7 @@ jobs:
           cache-dependency-path: './backend/package-lock.json'
       - name: Install dependencies
         run: |
-          npm ci
+          npm ci --no-audit
       - name: Run job
         run: |
           npm run build
diff --git a/.github/workflows/cloud.yml b/.github/workflows/cloud.yml
@@ -35,7 +35,7 @@ jobs:
           cache-dependency-path: './cloud/package-lock.json'
       - name: Install dependencies
         run: |
-          npm ci
+          npm ci --no-audit
       - name: Run job
         run: |
           npm run codecheck
diff --git a/.github/workflows/frontend-checks.yml b/.github/workflows/frontend-checks.yml
@@ -34,7 +34,7 @@ jobs:
           cache-dependency-path: './frontend/package-lock.json'
       - name: Install dependencies
         run: |
-          npm ci
+          npm ci --no-audit
       - name: Run job
         run: |
           npx eslint .
@@ -59,7 +59,7 @@ jobs:
           cache-dependency-path: './frontend/package-lock.json'
       - name: Install dependencies
         run: |
-          npm ci
+          npm ci --no-audit
       - name: Run job
         run: |
           npm run build
diff --git a/.github/workflows/k6-checks.yml b/.github/workflows/k6-checks.yml
@@ -33,7 +33,7 @@ jobs:
           cache-dependency-path: './k6/package-lock.json'
       - name: Install dependencies
         run: |
-          npm ci
+          npm ci --no-audit
       - name: Run job
         run: |
           npx eslint .
diff --git a/cloud/lib/pipeline-stack.ts b/cloud/lib/pipeline-stack.ts
@@ -61,7 +61,7 @@ export class PipelineStack extends Stack {
 		const pipeline = new CodePipeline(this, generateResourceId('pipeline'), {
 			synth: new ShellStep('Synth', {
 				input: sourceCode,
-				installCommands: ['npm ci'],
+				installCommands: ['npm ci', 'cd cloud', 'npm ci --no-audit', 'cd ..'],
 				commands: ['cd cloud', `npm run cdk:synth -- --context STAGE=${stage}`],
 				primaryOutputDirectory: 'cloud/cdk.out',
 			}),
diff --git a/package.json b/package.json
@@ -18,7 +18,7 @@
 		"url": "https://github.com/ScottLogic/prompt-injection/issues"
 	},
 	"scripts": {
-		"postinstall": "concurrently \"cd backend && npm ci --no-audit\" \"cd frontend && npm ci --no-audit\" \"cd cloud && npm ci --no-audit\"",
+		"postinstall": "concurrently \"cd backend && npm ci --no-audit\" \"cd frontend && npm ci --no-audit\"",
 		"build": "concurrently \"cd backend && npm run build\" \"cd frontend && npm run build\"",
 		"start": "cd backend && npm start",
 		"docker:start": "docker compose up -d",
