This repository has been archived by the owner on Sep 5, 2024. It is now read-only.
fix: override vulnerable ip package #468
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: This workflow runs unit tests and builds PRs targeting `main` | |
| # | |
| # Triggered by: | |
| # (1) Internal PRs: contirubutor pushes a commit to PRs targeting protected branches. | |
| # (2) Fork PRs: maintainer adds "run-test" label to PRs targeting protected branches. | |
| name: Build PRs | |
| on: | |
| pull_request_target: | |
| branches: [main] | |
| types: [opened, synchronize, labeled] | |
| permissions: | |
| pull-requests: write # used to remove label | |
| id-token: write | |
| contents: read | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| # We run tests only if it's: | |
| # 1) pull request not from a fork (ie. internal PR), or | |
| # 2) pull request from a fork (ie. external PR) that was added "run-tests" label | |
| if: | | |
| (github.event.pull_request.head.repo.full_name == github.repository) || | |
| (github.event.action == 'labeled' && github.event.label.name == 'run-tests') | |
| steps: | |
| - name: Remove run-tests label, if applicable | |
| if: always() && github.event.label.name == 'run-tests' | |
| uses: actions/[email protected] | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { issue: { number: issue_number }, repo: { owner, repo } } = context; | |
| const label = 'run-tests'; | |
| github.issues.removeLabel({ owner, repo, issue_number, name: label }); | |
| build: | |
| name: Build | |
| needs: setup | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@main | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| persist-credentials: false | |
| - name: Setup Node.js 20.x | |
| uses: actions/setup-node@main | |
| with: | |
| node-version: 20.x | |
| - name: Install Dependencies | |
| run: npm install | |
| - name: Fetch Amplify backend configuration | |
| uses: ./.github/actions/fetch_amplify_backend | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ARN_ROLE }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| app-id: ${{ secrets.APP_ID }} | |
| env-name: ${{ secrets.ENV_NAME }} | |
| - name: Run build | |
| run: npm run build |