
feat: snyk pipeline #31

Workflow file for this run

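# CI/CD pipeline: on every push to main, build, test, run a Snyk dependency
# scan, and e-mail a notification if any stage fails.
#
# Every job runs on its own fresh runner, so files checked out or installed
# in one job are NOT visible to the next. Each job that needs the repository
# therefore checks it out itself.
name: CI/CD Pipeline
on:
  push:
    branches:
      - main

# Least privilege for the automatic GITHUB_TOKEN: no step below needs more
# than read access to the repository contents.
permissions:
  contents: read

jobs:
  # Kept so the job name and the `needs` chain stay as they were. Its checkout
  # does not carry over to later jobs (separate runners).
  source:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

  build:
    needs: source
    runs-on: ubuntu-latest
    # NOTE(review): no step in this job reads a secret; confirm the job really
    # needs the Production environment (and its approval rules / secrets).
    environment: Production
    steps:
      # Without this the runner workspace is empty and npm has nothing to build.
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Setup Node.js environment
        uses: actions/setup-node@v2
        with:
          node-version: '18'
      - name: Check for package-lock.json
        id: lockfile
        # Step outputs are written to $GITHUB_OUTPUT; the `::set-output`
        # workflow command is deprecated.
        run: |
          if [[ -f package-lock.json ]]; then
            echo "exists=true" >> "$GITHUB_OUTPUT"
          else
            echo "exists=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Install dependencies
        # Pass the step output through the environment instead of expanding
        # the expression inside the script text.
        env:
          LOCKFILE_EXISTS: ${{ steps.lockfile.outputs.exists }}
        # `npm ci` installs exactly what the lockfile pins. The `npm install`
        # fallback resolves versions at build time, so the build is not
        # reproducible; committing package-lock.json is the safer setup.
        run: |
          if [[ "$LOCKFILE_EXISTS" == "true" ]]; then
            npm ci
          else
            npm install
          fi
      - name: Build
        run: npm run build

  test:
    needs: build
    runs-on: ubuntu-latest
    steps:
      # Fresh runner: the source and node_modules from `build` are not here,
      # so check out and install again before running the tests.
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Setup Node.js environment
        uses: actions/setup-node@v2
        with:
          node-version: '18'
      - name: Install dependencies
        run: |
          if [[ -f package-lock.json ]]; then
            npm ci
          else
            npm install
          fi
      - name: Run tests
        run: npm test

  security:
    needs: test
    runs-on: ubuntu-latest
    steps:
      # Snyk scans the project manifest in the workspace, so it needs the
      # repository checked out on this runner.
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Run Snyk to check for vulnerabilities
        # The action path and ref after `snyk/actions/` were lost on this page
        # (e-mail obfuscation). `node` is assumed because the project builds
        # with npm; <PINNED_REF> is a placeholder, replace it with the
        # release tag or, preferably, the full commit SHA you have reviewed.
        uses: snyk/actions/node@<PINNED_REF>
        env:
          # The Snyk CLI authenticates with SNYK_TOKEN. Assumes a secret of
          # that name exists for this repository; adjust to match.
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          # Only report (and fail on) issues of high severity or above.
          args: --severity-threshold=high
          # NOTE(review): confirm the action declares this input. The step
          # already fails when the Snyk CLI exits non-zero on findings.
          fail-on-issues: true

  notify:
    needs: security
    runs-on: ubuntu-latest
    environment: Production
    # failure() is true when any job in the `needs` chain failed, not only
    # the `security` job directly before this one.
    if: failure()
    steps:
      - name: Send failure notification
        # Third-party action that is handed the SMTP credentials: pin it to a
        # reviewed full commit SHA instead of a movable tag.
        uses: dawidd6/action-send-mail@v3
        with:
          server_address: smtp.gmail.com
          server_port: 465
          username: ${{ secrets.MAIL_USERNAME }}
          password: ${{ secrets.MAIL_PASSWORD }}
          subject: CI/CD Pipeline failed
          to: ${{ secrets.MAIL }}
          body: The pipeline has failed. Please check the GitHub Actions output.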