This repository was archived by the owner on Jun 13, 2026. It is now read-only.
build(deps): bump qs from 6.15.1 to 6.15.2 in the npm_and_yarn group across 1 directory #363
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| types: [opened, synchronize, reopened] | |
| jobs: | |
| quality: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 # For SonarQube to have full history | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 24 | |
| - name: npm cache | |
| uses: actions/cache@v5 | |
| with: | |
| path: node_modules | |
| key: ${{ runner.os }}-node-modules-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node-modules- | |
| - name: Dependencies installation | |
| run: npm install | |
| - name: Linting | |
| run: npm run lint | |
| - name: Unit tests | |
| run: npm run test:cov | |
| - name: SonarQube Scan | |
| uses: SonarSource/sonarqube-scan-action@v7 | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| # Optionnel : Fail si Quality Gate rouge | |
| # - uses: SonarSource/sonarqube-quality-gate-action@v1 | |
| # timeout-minutes: 5 | |
| # env: | |
| # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| - name: Retire | |
| run: npx retire | |
| - name: Audit deps (prod) | |
| run: npm audit -R --environment production | |
| - name: Audit deps (dev) | |
| run: npm audit --environment development || true | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| needs: quality | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 24 | |
| - name: npm cache | |
| uses: actions/cache@v5 | |
| with: | |
| path: node_modules | |
| key: ${{ runner.os }}-node-modules-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node-modules- | |
| - name: Dependencies installation | |
| run: npm install | |
| - name: Extract package.json version | |
| id: pkg | |
| run: echo "version=$(jq -r .version package.json)" >> "$GITHUB_OUTPUT" | |
| - name: Prepare image name | |
| id: image | |
| run: | | |
| owner_lc=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]') | |
| echo "name=ghcr.io/$owner_lc/backend-node" >> "$GITHUB_OUTPUT" | |
| # multi-arch build | |
| - name: Setup Docker Buildx | |
| uses: docker/setup-buildx-action@v4 | |
| - name: Connection to GitHub Container Registry | |
| uses: docker/login-action@v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: multi-arch Build and push Docker image | |
| uses: docker/build-push-action@v7 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name == 'push' }} | |
| tags: | | |
| ${{ steps.image.outputs.name }}:latest | |
| ${{ steps.image.outputs.name }}:${{ steps.pkg.outputs.version }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Verify build status | |
| run: | | |
| if [ "${{ github.event_name }}" == "push" ]; then | |
| echo "✅ Image built and pushed on GHCR." | |
| echo "Image pushed:" | |
| echo "${{ steps.image.outputs.name }}:latest" | |
| echo "${{ steps.image.outputs.name }}:${{ steps.pkg.outputs.version }}" | |
| else | |
| echo "🧪 Image built but not pushed (tests PR)" | |
| fi |