
NI-182 | Updated fws-app with security recommendations, npmrc & depen… #524

Workflow file for this run

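# CI pipeline: install dependencies, run linting and unit tests, run the
# SonarQube scan and, on pull requests only, review dependency changes.
name: CI
on: [push, pull_request]

# Least privilege for the workflow's GITHUB_TOKEN. Without this block the
# token falls back to the repository/organisation default, which may be
# read-write. `pull-requests: write` is what lets the Dependency Review step
# post its summary comment.
# NOTE(review): confirm the Sonar scan needs nothing beyond read access.
permissions:
  contents: read
  pull-requests: write

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): this action is referenced by a mutable tag, unlike the
      # Sonar step below; pin it to a full commit SHA for consistency.
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Full history rather than a shallow clone (presumably for the
          # Sonar scan's blame/new-code detection; confirm).
          fetch-depth: 0
          # No later step pushes, so do not leave the token in .git/config
          # where the test scripts could read it.
          persist-credentials: false

      # NOTE(review): mutable tag; pin to a full commit SHA.
      - name: Install nodejs
        uses: actions/setup-node@v4
        with:
          node-version: "22.x"

      # `npm ci` installs exactly what the lockfile records; `--ignore-scripts`
      # stops dependency install hooks from running on the runner.
      - name: Install node dependencies
        run: npm ci --ignore-scripts

      # Repository secrets are exported to the test process. On pull_request
      # runs from forks GitHub does not pass secrets, so they are empty there.
      # NOTE(review): confirm the unit tests really need live credentials;
      # dummy values would keep the secrets out of a step that executes
      # project and dependency code.
      - name: Run linting and unit tests
        env:
          AD_CLIENT_ID: "${{ secrets.AD_CLIENT_ID }}"
          AD_CLIENT_SECRET: "${{ secrets.AD_CLIENT_SECRET }}"
          AD_COOKIE_PASSWORD: "${{ secrets.AD_COOKIE_PASSWORD }}"
          AD_TENANT: "${{ secrets.AD_TENANT }}"
          FORCE_HTTPS: "${{ secrets.FORCE_HTTPS }}"
          FWS_API: "${{ secrets.FWS_API }}"
          FWS_API_KEY: "${{ secrets.FWS_API_KEY }}"
          FWS_API_URL: "${{ secrets.FWS_API_URL }}"
          FWS_APP_PROXY: "${{ secrets.FWS_APP_PROXY }}"
        run: |
          npm run test

      # Pinned to a commit SHA; the trailing comment records the release it
      # is meant to correspond to.
      - name: Analyse code quality
        uses: sonarsource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # 7.0.0
        env:
          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
          SONAR_TOKEN: "${{ secrets.SONAR_TOKEN }}"
        with:
          # Folded scalar: the lines below are joined into one argument string.
          # The multicriteria entry e1 suppresses rule shell:S5332 (clear-text
          # protocol) for the single localstack helper script only; keep the
          # resourceKey this narrow so the rule still applies everywhere else.
          args: >
            -Dsonar.organization=defra
            -Dsonar.projectKey=DEFRA_fws-app
            -Dsonar.exclusions=**/node_modules/**,**/test/**,**/test-output/**,**/service-down/**
            -Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
            -Dsonar.javascript.exclusions=**/node_modules/**,**/test/**,**/test-output/**,**/mock/**,**/public/**
            -Dsonar.issue.ignore.multicriteria=e1
            -Dsonar.issue.ignore.multicriteria.e1.ruleKey=shell:S5332
            -Dsonar.issue.ignore.multicriteria.e1.resourceKey=**/docker/scripts/update-localstack-url.sh

      # Runs only for pull requests: fails the job when the PR introduces a
      # dependency with a known vulnerability of moderate severity or higher,
      # and always posts the summary as a PR comment.
      # NOTE(review): mutable tag; pin to a full commit SHA.
      - name: Dependency Review
        if: github.event_name == 'pull_request'
        uses: actions/dependency-review-action@v4
        with:
          fail-on-severity: moderate
          comment-summary-in-pr: always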