Skip to content
backoffice service ci

[Snyk] Fix for 3 vulnerabilities #706

Sign in to view logs

[Snyk] Fix for 3 vulnerabilities

[Snyk] Fix for 3 vulnerabilities #706

Workflow file for this run

.github/workflows/backoffice-ci.yaml at babda2b
name: backoffice service ci
on:
push:
branches: [ "main" ]
paths:
- "backoffice/**"
- ".github/workflows/actions/action.yaml"
- ".github/workflows/backoffice-ci.yaml"
pull_request:
branches: [ "main" ]
paths:
- "backoffice/**"
- ".github/workflows/actions/action.yaml"
- ".github/workflows/backoffice-ci.yaml"
workflow_dispatch:
jobs:
Build:
runs-on: ubuntu-latest
env:
FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- uses: actions/setup-node@v4
with:
node-version: 20
- run: npm ci
working-directory: backoffice
- run: npm run build
working-directory: backoffice
- run: npm run lint
working-directory: backoffice
- run: npx prettier --check .
working-directory: backoffice
- name: SonarCloud Scan
if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }}
uses: SonarSource/sonarcloud-github-action@master
with:
projectBaseDir: backoffice
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Log in to the Container registry
if: ${{ github.ref == 'refs/heads/main' }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push Docker images
if: ${{ github.ref == 'refs/heads/main' }}
uses: docker/build-push-action@v6
with:
context: ./backoffice
push: true
tags: ghcr.io/nashtech-garage/yas-backoffice:latest