[Snyk] Security upgrade ip from 1.1.5 to 1.1.9 #44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request_target: | |
| branches: | |
| - develop | |
| - master | |
| push: | |
| branches: | |
| - develop | |
| - master | |
| jobs: | |
| cancel-previous: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Cancel Previous Runs | |
| uses: styfle/cancel-workflow-action@ce177499ccf9fd2aded3b0426c97e5434c2e8a73 | |
| with: | |
| access_token: ${{ github.token }} | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: cancel-previous | |
| outputs: | |
| comment: ${{ steps.comment.outputs.body }} | |
| commentSlack: ${{ steps.comment.outputs.bodySlack }} | |
| commentSlackAuthor: ${{ steps.comment.outputs.bodySlackAuthor }} | |
| slackAuthor: ${{ steps.comment.outputs.slackAuthor }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| persist-credentials: false | |
| - uses: actions/setup-node@main | |
| with: | |
| node-version: 12.x | |
| - name: get yarn cache | |
| id: yarn-cache | |
| run: echo "::set-output name=dir::$(yarn cache dir)" | |
| - uses: actions/cache@v2 | |
| with: | |
| path: ${{ steps.yarn-cache.outputs.dir }} | |
| key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-yarn- | |
| - name: install dependencies | |
| run: yarn --frozen-lockfile | |
| - name: run code checks | |
| run: yarn ci 2>lint.txt | |
| - name: Read lint output | |
| id: lint | |
| if: always() | |
| uses: juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512 | |
| with: | |
| path: ./lint.txt | |
| - name: check build | |
| if: always() | |
| run: export INSTRUMENT_BUILD=true && sudo --preserve-env=INSTRUMENT_BUILD yarn build | |
| - name: start electron webdriver | |
| if: always() | |
| run: yarn start-electron-webdriver -d | |
| - uses: nev7n/wait_for_response@7fef3c1a6e8939d0b09062f14fec50d3c5d15fa1 | |
| if: always() | |
| with: | |
| url: 'http://localhost:9515/' | |
| responseCode: 404 | |
| timeout: 600000 | |
| interval: 1000 | |
| - name: run spectron | |
| if: always() | |
| run: yarn spectron --no-color 2>output.txt | |
| - name: Read test output | |
| id: spectron | |
| if: always() | |
| uses: juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512 | |
| with: | |
| path: ./output.txt | |
| - name: run coverage generation | |
| if: always() | |
| run: yarn spectron-coverage | |
| env: | |
| CODECOV_TOKEN: ${{secrets.CODECOV_TOKEN}} | |
| - name: upload diffs to imgur | |
| if: always() | |
| uses: ./.github/actions/upload-images | |
| id: imgur | |
| with: | |
| path: tests/specs/__image_snapshots__/__diff_output__ | |
| - name: clean diff | |
| if: always() | |
| run: rm -f tests/specs/__image_snapshots__/__diff_output__/*.png | |
| - name: upload ci suggested screenshots | |
| uses: actions/upload-artifact@v2 | |
| if: always() | |
| with: | |
| name: ci-suggested-screenshots | |
| path: tests/specs/__image_snapshots__/__diff_output__/ | |
| - name: generate imgChanged | |
| run: | | |
| git remote add ledger https://github.com/LedgerHQ/ledger-live-desktop.git | |
| git fetch ledger | |
| git diff --name-only ledger/${{github.base_ref}}..${{github.event.pull_request.head.sha}} -- tests/specs/__image_snapshots__ >imgChanged.txt | |
| if: always() && github.event_name == 'pull_request_target' | |
| - name: Read imgChanged output | |
| id: imgChanged | |
| if: always() && github.event_name == 'pull_request_target' | |
| uses: juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512 | |
| with: | |
| path: ./imgChanged.txt | |
| - name: prepare comment body | |
| if: always() | |
| id: comment | |
| uses: ./.github/actions/prepare-comment-body | |
| with: | |
| images: ${{ steps.imgur.outputs.images }} | |
| fullrepo: ${{ github.repository }} | |
| runId: ${{ github.run_id }} | |
| testoutput: ${{ steps.spectron.outputs.content }} | |
| lintoutput: ${{ steps.lint.outputs.content }} | |
| author: ${{github.event.sender.login}} | |
| pullId: ${{github.event.number}} | |
| imgChanged: ${{steps.imgChanged.outputs.content}} | |
| from: ${{github.base_ref}} | |
| to: ${{github.event.pull_request.head.sha}} | |
| - name: display comment | |
| if: always() | |
| id: displaycomment | |
| env: | |
| BODY: ${{ steps.comment.outputs.body }} | |
| run: echo "$BODY" | |
| post-comment: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: always() && needs.test.result != 'cancelled' | |
| steps: | |
| - name: post comment | |
| uses: mshick/add-pr-comment@5cd99bf9c186219af43341076f1fe9c09e5a9934 | |
| with: | |
| message: ${{ needs.test.outputs.comment }} | |
| allow-repeats: true | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Send message to Slack channel | |
| uses: archive/[email protected] | |
| if: github.event_name == 'push' && needs.test.outputs.commentSlack != '' | |
| id: notify | |
| with: | |
| slack-bot-user-oauth-access-token: ${{ secrets.SLACK_BOT_USER_OAUTH_ACCESS_TOKEN }} | |
| slack-channel: live-internal-desktop | |
| slack-text: ${{ needs.test.outputs.commentSlack }} | |
| - name: Send message to Slack author | |
| uses: archive/[email protected] | |
| if: github.event_name == 'pull_request_target' && needs.test.outputs.slackAuthor != '' | |
| id: notifyauthor | |
| with: | |
| slack-bot-user-oauth-access-token: ${{ secrets.SLACK_BOT_USER_OAUTH_ACCESS_TOKEN }} | |
| slack-channel: ${{ needs.test.outputs.slackAuthor }} | |
| slack-text: ${{ needs.test.outputs.commentSlackAuthor }} |