Gandalf/sofarr
1
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases 15 Wiki Activity
Files
a05aaf8d71cf11f2ddb7dd141fae4a6e154a0dd0
sofarr/.gitea/workflows/ci.yml
Gronod 0d4b169c79
All checks were successful
Build and Push Docker Image / build (push) Successful in 22s
Details
CI / Security audit (push) Successful in 37s
Details
CI / Tests & coverage (push) Successful in 1m11s
Details
ci: downgrade upload-artifact to v3 (v4+ not supported on Gitea GHES)
2026-05-17 09:11:18 +01:00

63 lines
1.5 KiB
YAML
Raw Blame History

name: CI
on:
push:
branches: ["**"]
pull_request:
branches: ["**"]
jobs:
audit:
name: Security audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: "22"
cache: "npm"
- name: Install dependencies
run: npm ci
- name: Run security audit (fail on high+)
run: npm audit --audit-level=high
- name: Check for critical vulnerabilities
run: npm audit --audit-level=critical --json | jq -e '.metadata.vulnerabilities.critical == 0' || (echo "Critical vulnerabilities found!" && exit 1)
continue-on-error: false
test:
name: Tests & coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: "22"
cache: "npm"
- name: Install dependencies
run: npm ci
- name: Run tests with coverage
run: npm run test:coverage
env:
# Required by tokenStore (writable temp dir in CI)
DATA_DIR: /tmp/sofarr-ci-data
# Disable rate limiters so integration tests don't hit 429s
SKIP_RATE_LIMIT: "1"
NODE_ENV: test
- name: Upload coverage report
uses: actions/upload-artifact@v3
if: always()
with:
name: coverage-report
path: coverage/
retention-days: 14
Reference in New Issue View Git Blame Copy Permalink