# EXIP GitHub Actions
#####################################
# This GHA performs source code analysis (SCA) across the following remits:
# 1. Code quality
# 2. Code coverage
# 3. Vulnerabilities
# 4. Licensing
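name: Source Code Analysis
run-name: Executing various SCAs on ${{ github.repository }} 🔍️

# Runs for pull requests that target main or any main-* branch.
on:
  pull_request:
    branches: [main, main-*]

# Least privilege: every job below only reads the repository, so the
# GITHUB_TOKEN is restricted to read-only contents instead of inheriting the
# repository default.
permissions:
  contents: read

# Workflow-level values; the runner also exports them to every step as the
# shell variables $environment and $timezone.
env:
  environment: 'qa'
  timezone: ${{ vars.TIMEZONE }}

# NOTE(review): the file header lists code coverage and vulnerabilities among
# this workflow's remits, but no job below covers either - confirm whether
# they run in another workflow.
jobs:
  # 1. Setup test infrastructure
  # Publishes the environment name and timezone as job outputs so that the
  # dependent jobs can select their deployment environment.
  setup:
    name: Infrastructure setup 🔧
    runs-on: ubuntu-latest
    outputs:
      environment: ${{ env.environment }}
      timezone: ${{ env.timezone }}
    steps:
      # The values are read from the shell environment rather than expanded
      # inline with ${{ }}, so a configured value is never pasted into the
      # script text before the shell parses it.
      - name: Environment 🧪
        run: echo "Environment set to ${environment}"

      - name: Timezone 🌐
        run: echo "Timezone set to ${timezone}"

  # 2. Code quality - SCA
  codacy:
    name: Codacy 🔖
    needs: setup
    environment:
      name: ${{ needs.setup.outputs.environment }}
    runs-on: ubuntu-latest
    steps:
      - name: Repository
        uses: actions/checkout@v4
        with:
          # Do not leave the GITHUB_TOKEN in .git/config for later steps.
          persist-credentials: false

      # NOTE(review): `@master` is a mutable branch ref, so the code this step
      # runs can change without any change to this file. Pin it to the
      # full-length commit SHA of a reviewed release.
      - name: Codacy
        uses: codacy/codacy-analysis-cli-action@master
        with:
          verbose: true

  # 3. Code quality - Spell check
  spell:
    name: Spelling 📚
    needs: setup
    environment:
      name: ${{ needs.setup.outputs.environment }}
    runs-on: ubuntu-latest
    steps:
      - name: Repository
        uses: actions/checkout@v4
        with:
          # Do not leave the GITHUB_TOKEN in .git/config for later steps.
          persist-credentials: false

      - name: Dependencies
        working-directory: ./
        run: npm run ci:all

      - name: Spell check
        working-directory: ./
        run: npm run spellcheck

  # 4. Licensing - SCA
  license:
    name: Licensing ✏️
    needs: setup
    environment:
      name: ${{ needs.setup.outputs.environment }}
    runs-on: ubuntu-latest
    steps:
      - name: Repository
        uses: actions/checkout@v4
        with:
          # Do not leave the GITHUB_TOKEN in .git/config for later steps.
          persist-credentials: false

      # NOTE(review): `@main` is a mutable branch ref and this step is handed
      # FOSSA_API_KEY, so whatever that branch points to at run time receives
      # the secret. Pin it to the full-length commit SHA of a reviewed release.
      - name: Fossa
        uses: fossas/fossa-action@main
        with:
          api-key: ${{ secrets.FOSSA_API_KEY }}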