Skip to content

[Snyk] Fix for 3 vulnerabilities #121

[Snyk] Fix for 3 vulnerabilities

[Snyk] Fix for 3 vulnerabilities #121

Workflow file for this run

name: MyCryptoBuilds PR
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: 'us-east-1'
on:
pull_request:
branches:
- '*'
jobs:
Sha:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v1
## Set sha in env for pathPrefix
- name: Set SHA number
run: echo "GITHUB_SHA=$GITHUB_SHA" >> $GITHUB_ENV
shell: bash
- name: Retrieve engines' versions from package.json to env variables
id: engines
run: echo "##[set-output name=NVMRC;]$(cat package.json | grep '\"node\":' | sed 's/^ *//;s/ *$//;s/\"node\":\ \"//;s/\",//' )"
- name: Setup node ${{ steps.engines.outputs.NODE_VERSION }}
uses: actions/setup-node@main
with:
node-version: ${{ steps.engines.outputs.NODE_VERSION }}
- name: Cache depedendencies
id: cache
uses: actions/cache@v1
with:
path: node_modules
## Check cache based on yarn.lock hashfile
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-${{ env.cache-name }}-
${{ runner.os }}-yarn-
${{ runner.os }}-
- name: Install dependencies
## If no cache is found, install dependencies
if: steps.cache.outputs.cache-hit != 'true'
run: yarn
- name: yarn build sha-build - pr
if: github.event_name == 'pull_request'
run: yarn build:staging
env:
PATH_PREFIX: '/${{ github.event.pull_request.head.sha }}'
- name: yarn build sha-build - push
if: github.event_name == 'push'
run: yarn build:staging
env:
PATH_PREFIX: '/${{ env.GITHUB_SHA }}'
- name: S3 Sync - SHA Push
uses: jakejarvis/[email protected]
if: github.event_name == 'push'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --exclude '.git/*'
env:
DEST_DIR: ${{ env.GITHUB_SHA }}
SOURCE_DIR: 'public'
- name: S3 Sync - SHA PR
uses: jakejarvis/[email protected]
if: github.event_name == 'pull_request'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --exclude '.git/*'
env:
DEST_DIR: ${{ github.event.pull_request.head.sha }}
SOURCE_DIR: 'public'
Pr:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v1
# Fetch the PR number to use it with AWS
- name: Set PR_NUMBER
run: |
PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_ENV
- name: Set E2E_BASE_URL
if: github.ref != 'refs/heads/master'
run: |
E2E_BASE_URL=$( echo https://landing.mycryptobuilds.com/pr/${PR_NUMBER}/# )
echo $E2E_BASE_URL
echo "E2E_BASE_URL=$E2E_BASE_URL" >> $GITHUB_ENV
- name: Retrieve engines' versions from package.json to env variables
id: engines
run: echo "##[set-output name=NVMRC;]$(cat package.json | grep '\"node\":' | sed 's/^ *//;s/ *$//;s/\"node\":\ \"//;s/\",//' )"
- name: Setup node ${{ steps.engines.outputs.NODE_VERSION }}
uses: actions/setup-node@main
with:
node-version: ${{ steps.engines.outputs.NODE_VERSION }}
- name: Cache depedendencies
id: cache
uses: actions/cache@v1
with:
path: node_modules
## Check cache based on yarn.lock hashfile
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-${{ env.cache-name }}-
${{ runner.os }}-yarn-
${{ runner.os }}-
- name: Install dependencies
## If no cache is found, install dependencies
if: steps.cache.outputs.cache-hit != 'true'
run: yarn
- name: yarn build pr
if: github.event_name == 'pull_request'
run: yarn build:staging
env:
PATH_PREFIX: '/pr/${{ env.PR_NUMBER }}'
- name: S3 Sync - PR Number
uses: jakejarvis/[email protected]
if: github.event_name == 'pull_request'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --delete --exclude '.git/*'
env:
DEST_DIR: 'pr/${{ env.PR_NUMBER }}'
SOURCE_DIR: 'public'
- name: Mycrypto-bot trigger
if: github.event_name == 'pull_request'
run: aws sns publish --topic-arn ${{ secrets.SNS_TOPIC_MYCRYPTO_BOT }} --region us-east-2 --message $(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
# Launch E2E tests. When in pull request it runs against the PR's mycryptobuilds url.
- name: E2E - run
if: github.event_name == 'pull_request'
run: yarn test:e2e