Skip to content
Analysis

Trigger the openingDetails popup and store the info in postgres acting as opening view history for the users, and track openings later #1280

Sign in to view logs

Trigger the openingDetails popup and store the info in postgres acting as opening view history for the users, and track openings later

Trigger the openingDetails popup and store the info in postgres acting as opening view history for the users, and track openings later #1280

Workflow file for this run

.github/workflows/analysis.yml at ce4f6bf
name: Analysis
on:
pull_request:
types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
push:
branches: [main]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
tests-backend:
name: Tests (Backend)
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-24.04
steps:
- uses: bcgov-nr/[email protected]
with:
commands: mvn --no-transfer-progress clean compile verify package checkstyle:checkstyle -P all-tests
dir: backend
java-cache: maven
java-distribution: temurin
java-version: 21
sonar_args: >
-Dsonar.exclusions=**/configuration/**,**/dto/**,**/entity/**,**/exception/**,**/job/**,**/*$*Builder*,**/ResultsApplication.*,**/*Constants.*,
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.project.monorepo.enabled=true
-Dsonar.projectKey=nr-silva-backend
sonar_token: ${{ secrets.SONAR_TOKEN_BACKEND }}
# Only use triggers for PRs
triggers: ${{ github.event_name == 'pull_request' && '("backend/")' || '' }}
lint-frontend:
name: Lint (Frontend)
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-24.04
steps:
- uses: bcgov-nr/[email protected]
with:
commands: |
npm ci
npm run lint || true
dir: frontend
node_version: "20"
# Only use triggers for PRs
triggers: ${{ github.event_name == 'pull_request' && '("frontend/")' || '' }}
tests-frontend:
name: Tests (Frontend)
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-24.04
steps:
- uses: bcgov-nr/[email protected]
with:
commands: |
npm ci
npm run test:coverage
dir: frontend
node_version: "20"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=nr-silva-frontend
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
-Dsonar.typescript.tsconfigPaths=tsconfig.json
-Dsonar.sources=src/
-Dsonar.exclusions=src/__test__/**
-Dsonar.tests=src/__test__/
-Dsonar.project.monorepo.enabled=true
sonar_token: ${{ secrets.SONAR_TOKEN_FRONTEND }}
# Only use triggers for PRs
triggers: ${{ github.event_name == 'pull_request' && '("frontend/")' || '' }}
codeql:
name: CodeQL
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v3
- uses: actions/setup-java@v4
with:
distribution: "oracle"
java-version: "21"
- uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- run: |
# Exclude file and build
rm InstallCert.java
./mvnw package -DskipTests
ls -la
working-directory: backend
- uses: github/codeql-action/analyze@v3
# https://github.com/marketplace/actions/aqua-security-trivy
trivy:
name: Trivy Security Scan
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/[email protected]
with:
format: "sarif"
output: "trivy-results.sarif"
ignore-unfixed: true
scan-type: "fs"
scanners: "vuln,secret,config"
severity: "CRITICAL,HIGH"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: "trivy-results.sarif"