From cd4163eb1407aab0b3148f91b0b9c26276b96c6b Mon Sep 17 00:00:00 2001 From: Jake Lacey Date: Fri, 2 Dec 2022 09:15:31 +0000 Subject: [PATCH] chore(ci): configure Github Actions jobs for Tests & Security Scanning (#856) * chore: add github actions test job * chore: configure semgrep ci job --- .github/workflows/ci.yml | 26 ++++++++++++++++++++++++++ .github/workflows/semgrep.yml | 18 ++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/semgrep.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..67a8de5 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,26 @@ +name: Tests + +on: push + +jobs: + build: + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [12.x, 14.x, 15.x, 16.x, 18.x] + # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ + + steps: + - uses: actions/checkout@v2 + + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v1 + with: + node-version: ${{ matrix.node-version }} + + - name: Install dependencies + run: npm install + + - name: Test execution + run: npm test diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml new file mode 100644 index 0000000..1ba433d --- /dev/null +++ b/.github/workflows/semgrep.yml @@ -0,0 +1,18 @@ +name: Semgrep + +on: + pull_request_target: {} + push: + branches: ["master", "main"] +jobs: + semgrep: + name: Scan + runs-on: ubuntu-latest + container: + image: returntocorp/semgrep + if: (github.actor != 'dependabot[bot]' && github.actor != 'snyk-bot') + steps: + - uses: actions/checkout@v3 + - run: semgrep ci + env: + SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}