Skip to content

chore(deps): update pre-commit hook gitleaks/gitleaks to v8.23.2 #1853

chore(deps): update pre-commit hook gitleaks/gitleaks to v8.23.2

chore(deps): update pre-commit hook gitleaks/gitleaks to v8.23.2 #1853

Workflow file for this run

name: Continous Integration
on:
pull_request:
branches: [develop, main]
workflow_dispatch:
jobs:
eslint:
name: "Run ESLint"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
with:
node-version: 20
- name: Install dependencies
run: npm ci
- name: Run ESLint
run: npm run lint
playwright:
name: "Playwright Tests"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf # v45
with:
files: |
package.json
package-lock.json
src/**
tests/**
**.js
**.ts
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
if: steps.changed-files.outputs.any_modified == 'true'
with:
node-version: 18
- name: Install dependencies
if: steps.changed-files.outputs.any_modified == 'true'
run: npm ci
- name: Install Playwright Browsers
if: steps.changed-files.outputs.any_modified == 'true'
run: npx playwright install --with-deps
- name: Build standalone nextjs server for testing
if: steps.changed-files.outputs.any_modified == 'true'
run: npm run build
- name: Run Playwright tests
if: steps.changed-files.outputs.any_modified == 'true'
run: npm run test:e2e --debug
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
if: steps.changed-files.outputs.any_modified == 'true'
with:
name: playwright-report
path: playwright-report/
retention-days: 30
scan:
name: Vulnerability scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Build an image from Dockerfile
run: |
docker build -t ghcr.io/bl4ko/netbox-ssot:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db
with:
image-ref: "ghcr.io/bl4ko/netbox-ssot:${{ github.sha }}"
format: "table"
exit-code: "1"
ignore-unfixed: true
vuln-type: "os,library"
severity: "CRITICAL,HIGH"