Executing various SCAs on UK-Export-Finance/exip 🔍️ #6419

Workflow file for this run

	# EXIP Git Hub Actions
	#####################################
	# This GHA performs SCA amongst following remits:
	# 1. Code quality
	# 2. Code coverage
	# 3. Vulnerabilities
	# 4. Licensing

	name: Source Code Analysis
	run-name: Executing various SCAs on ${{ github.repository }} 🔍️

	on:
	pull_request:
	branches: [main, main-*]

	env:
	environment: 'qa'
	timezone: ${{ vars.TIMEZONE }}

	jobs:
	# 1. Setup test infrastructure
	setup:
	name: Infrastructure setup 🔧
	runs-on: ubuntu-latest
	outputs:
	environment: ${{ env.environment }}
	timezone: ${{ env.timezone }}
	steps:
	- name: Environment 🧪
	run: echo "Environment set to ${{ env.environment }}"

	- name: Timezone 🌐
	run: echo "Timezone set to ${{ env.timezone }}"

	# 2. Code quality - SCA
	codacy:
	name: Codacy 🔖
	needs: setup
	environment:
	name: ${{ needs.setup.outputs.environment }}
	runs-on: ubuntu-latest

	steps:
	- name: Repository
	uses: actions/checkout@v4

	- name: Codacy
	uses: codacy/codacy-analysis-cli-action@master
	with:
	verbose: true

	# 3. Code quality - Spell check
	spell:
	name: Spelling 📚
	needs: setup
	environment:
	name: ${{ needs.setup.outputs.environment }}
	runs-on: ubuntu-latest

	steps:
	- name: Repository
	uses: actions/checkout@v4

	- name: Dependencies
	working-directory: ./
	run: npm run ci:all

	- name: Spell check
	working-directory: ./
	run: npm run spellcheck

	# 4. Licensing - SCA
	license:
	name: Licensing ✏️
	needs: setup
	environment:
	name: ${{ needs.setup.outputs.environment }}
	runs-on: ubuntu-latest

	steps:
	- name: Repository
	uses: actions/checkout@v4

	- name: Fossa
	uses: fossas/fossa-action@main
	with:
	api-key: ${{ secrets.FOSSA_API_KEY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Executing various SCAs on UK-Export-Finance/exip 🔍️ #6419

Workflow file

Executing various SCAs on UK-Export-Finance/exip 🔍️ #6419

Jobs

Run details

Workflow file for this run