44r0n7/privacy.sexy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

automated using bump-everywhere + more quality checks (#8)

Browse Source 
- new workflows
- linting commands & linted stuff
- security checks & fixed audited vulnerabilities
- updated documentation
This commit is contained in:
undergroundwires
2020-05-23 19:13:01 +00:00
parent 997be7113f
commit 4a91e8ccd8
13 changed files with 3110 additions and 1191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
.github/workflows/bump-and-release.yaml vendored Normal file
View File

@@ -0,0 +1,23 @@
name: Bump & release
on:
pull_request:
types: [closed]
branches:
- master
push: # Ensure a new release is created for each new tag
tags:
- '[0-9]+.[0-9]+.[0-9]+'
jobs:
bump-version-and-release:
if: > # Push => Ensure only changes from master. PR => to not trigger when closing PR without merging
(github.event_name == 'push' && github.event.base_ref == 'refs/heads/master')
|| github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
-
uses: undergroundwires/bump-everywhere@master
with:
user: undergroundwires-bot
release-token: ${{secrets.BUMP_GITHUB_PAT}} # Does not trigger release pipeline if we use default token: https://github.community/t5/GitHub-Actions/Github-Action-trigger-on-release-not-working-if-releases-was/td-p/34559

27
.github/workflows/build-and-deploy.yaml → .github/workflows/deploy.yaml vendored
View File

@@ -1,31 +1,11 @@
name: Build & deploy
on:
push:
branches:
- master
release:
types: [created] # will be triggered when a NON-draft release is created and published.
jobs:
increase-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: '12.x'
- name: Setup GIT
run: |
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
git config user.name "$GITHUB_ACTOR"
- name: Install and Publish
run: |
npm version patch -m "🚀 upgraded to %s"
git push --set-upstream origin master && git push --tags
env:
NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
build-and-deploy:
needs: increase-version
runs-on: ubuntu-latest
steps:
-
@@ -98,11 +78,12 @@ jobs:
uses: actions/checkout@v2
with:
path: site
ref: master # otherwise we don't get version bump commit
-
name: "App: Setup node"
uses: actions/setup-node@v1
with:
node-version: '12.x'
node-version: '14.x'
-
name: "App: Install dependencies"
run: npm install

37
.github/workflows/quality-checks.yaml vendored Normal file
View File

@@ -0,0 +1,37 @@
name: Quality checks
on:
pull_request:
branches:
- master
jobs:
lint:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Setup node
uses: actions/setup-node@v1
with:
node-version: 14.x
-
name: Install dependencies
run: npm ci
-
name: Lint vue
run: npm run lint:vue
-
name: Lint yaml
run: npm run lint:yaml
-
name: 'Validate md: Relative URLs'
run: npm run lint:md:relative-urls
-
name: 'Validate md: Enforce standards'
run: npm run lint:md
-
name: 'Validate md: Ensure consistency'
run: npm run lint:md:consistency

24
.github/workflows/security-checks.yaml vendored Normal file
View File

@@ -0,0 +1,24 @@
name: Security checks
on:
pull_request:
branches:
- master
schedule:
- cron: '0 0 * * 0'
jobs:
npm-audit:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Setup node
uses: actions/setup-node@v1
with:
node-version: 14.x
-
name: NPM audit
run: npm audit

13
.github/workflows/run-tests.yaml → .github/workflows/test.yaml vendored
View File

@@ -1,6 +1,9 @@
name: Run tests
name: Test
on: [push, pull_request]
on:
pull_request:
branches:
- master
jobs:
run-tests:
@@ -8,15 +11,15 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v1
uses: actions/checkout@v2
-
name: Setup node
uses: actions/setup-node@v1
with:
node-version: '11.x'
node-version: '14.x'
-
name: Install dependencies
run: npm install
run: npm ci
-
name: Run tests
run: npm run test:unit