Skip to content
PR Validation

XSS Vulnerability and API Version fix #182

Sign in to view logs

XSS Vulnerability and API Version fix

XSS Vulnerability and API Version fix #182

Workflow file for this run

.github/workflows/pr.yml at 9813138
# Unique name for this workflow
name: PR Validation
# Definition when the workflow should run
on:
pull_request:
types: [edited, opened, synchronize, reopened, review_requested]
paths:
- 'sfdx-source/**'
- 'pmd/**'
- 'config/**'
- 'data/**'
workflow_dispatch:
concurrency:
group: pr-tests-${{ github.ref }}-1
cancel-in-progress: true
# Jobs to be executed
jobs:
check-pmd:
runs-on: ubuntu-latest
if: ${{ github.actor != 'dependabot[bot]' }}
steps:
# Checkout the source code
- name: 'Checkout source code'
uses: actions/checkout@v3
# Install PMD
- name: 'Install PMD'
run: |
PMD_VERSION=$(curl -s https://api.github.com/repos/pmd/pmd/releases/latest | grep '.tag_name' | sed 's:.*/::' | sed 's:",::')
wget https://github.com/pmd/pmd/releases/download/pmd_releases%2F$PMD_VERSION/pmd-dist-$PMD_VERSION-bin.zip
unzip pmd-dist-$PMD_VERSION-bin.zip -d ~
mv ~/pmd-bin-$PMD_VERSION ~/pmd
~pmd/bin/pmd --version
# Run PMD scan
- name: 'Run PMD scan'
run: ~pmd/bin/pmd -d sfdx-source -R pmd/deployRules.xml -f text --cache .pmdCache --minimum-priority 2
test-run:
runs-on: ubuntu-latest
needs: check-pmd
steps:
- name: 'Checkout source code'
uses: actions/checkout@v3
# Install Salesforce CLI
- name: 'Install Salesforce sfdx CLI'
run: |
npm install sfdx-cli --location=global
nodeInstallPath=$(npm config get prefix)
echo "$nodeInstallPath/bin" >> $GITHUB_PATH
sfdx --version
- name: 'Install Salesforce sf CLI'
run: |
npm install @salesforce/cli --global
sf --version
# Store secret for dev hub
- name: 'Populate auth file with DEVHUB_SFDX_URL secret'
shell: bash
run: |
echo ${{ secrets.DEVHUB_SFDX_URL}} > ./DEVHUB_SFDX_URL.txt
secretFileSize=$(wc -c "./DEVHUB_SFDX_URL.txt" | awk '{print $1}')
if [ $secretFileSize == 1 ]; then
echo "Missing DEVHUB_SFDX_URL secret. Is this workflow running on a fork?";
exit 1;
fi
# Authenticate dev hub
- name: 'Authenticate Dev Hub'
run: sf org login sfdx-url --sfdx-url-file ./DEVHUB_SFDX_URL.txt --alias devhub --set-default-dev-hub
# Add namespace to project config
- name: Add namespace to project config
run: |
sed -i 's,"namespace": "","namespace": "LabsActionPlans",' sfdx-project.json
# Create scratch org
- name: 'Create scratch org'
#run: sfdx force:org:create -f config/project-scratch-def.json -a ActionPlans -s -d 1 -w 20 --no-ancestors
run: sf org create scratch --definition-file config/project-scratch-def.json --alias ActionPlans --set-default --no-ancestors --duration-days 1 --wait 20 --target-dev-hub devhub
# Deploy source to scratch org
- name: 'Push source to scratch org'
#run: sfdx force:source:push
run: sf deploy metadata --target-org ActionPlans
# Assign permissionset
- name: 'Assign permissionset to default user'
#run: sfdx force:user:permset:assign -n Action_Plans_Admin
run: sf org assign permset --name Action_Plans_Admin --target-org ActionPlans
# Run Apex tests in scratch org
- name: 'Run Apex tests'
#run: sfdx force:apex:test:run --codecoverage --detailedcoverage --resultformat human -l RunLocalTests --wait 20 --outputdir ./
run: sf apex run test --code-coverage --detailed-coverage --result-format human --wait 20 --test-level RunLocalTests --output-dir ./
# Upload code coverage to Codecov.io
- name: 'Upload code coverage for Apex to Codecov.io'
uses: codecov/codecov-action@v3
with:
flags: Apex
token: ${{ secrets.CODECOV_TOKEN }}
# Housekeeping
- name: 'Delete scratch org'
if: always()
run: sf org delete scratch --no-prompt --target-org ActionPlans
# Remove namespace from project config
- name: Remove namespace from project config
run: |
sed -i 's,"namespace": "LabsActionPlans","namespace": "",' sfdx-project.json