Skip to content

build(deps): bump github/codeql-action from 3.28.2 to 3.28.3 #2982

build(deps): bump github/codeql-action from 3.28.2 to 3.28.3

build(deps): bump github/codeql-action from 3.28.2 to 3.28.3 #2982

Workflow file for this run

name: Build, lint and Test
on:
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
- main
permissions:
contents: read
pull-requests: write
jobs:
build:
name: Azure NextJS Web App
if: github.repository == 'jerensl/www.jerenslensun.com'
uses: ./.github/workflows/build.yml
secrets: inherit
lint:
name: Linter check
if: github.repository == 'jerensl/www.jerenslensun.com'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/[email protected]
with:
egress-policy: audit
- name: Checkout repository
uses: actions/[email protected]
- name: Install pnpm
uses: pnpm/[email protected]
with:
version: 9
run_install: false
- name: Setup Node.js 18.x
uses: actions/[email protected]
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install locked dependencies
run: pnpm install --frozen-lockfile --prefer-offline
- name: Lint files
run: pnpm lint
env:
CI: true
type-check:
name: Type check
if: github.repository == 'jerensl/www.jerenslensun.com'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/[email protected]
with:
egress-policy: audit
- name: Checkout repository
uses: actions/[email protected]
- name: Install pnpm
uses: pnpm/[email protected]
with:
version: 9
run_install: false
- name: Setup Node.js 18.x
uses: actions/[email protected]
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install locked dependencies
run: pnpm install --frozen-lockfile --prefer-offline
- name: Perform type checking
run: pnpm type-check
env:
CI: true
test:
name: Unit and integration tests
if: github.repository == 'jerensl/www.jerenslensun.com'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/[email protected]
with:
egress-policy: audit
- name: Checkout repository
uses: actions/[email protected]
- name: Install pnpm
uses: pnpm/[email protected]
with:
version: 9
run_install: false
- name: Setup Node.js 18.x
uses: actions/[email protected]
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install locked dependencies
run: pnpm install --frozen-lockfile --prefer-offline
- name: Check Code Coverage
run: pnpm test:coverage
- name: Upload code coverage to artifact
uses: actions/[email protected]
with:
name: jest-code-coverage
path: coverage
retention-days: 14
azure_deploy_staging:
name: Azure Static Web App deployment staging
if: github.repository == 'jerensl/www.jerenslensun.com'
needs: [build, lint, type-check]
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: write # for Azure/static-web-apps-deploy to comment on PRs
uses: ./.github/workflows/azure.yml
secrets: inherit
lhci:
if: >
github.repository == 'jerensl/www.jerenslensun.com' &&
contains(github.event.pull_request.labels.*.name, 'need-perf-check')
needs: azure_deploy_staging
uses: ./.github/workflows/lighthouse.yml
secrets: inherit
with:
static_web_url: ${{ needs.azure_deploy_staging.outputs.static_web_app_url }}