mythic-insight/calcom
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 5

Adds security checks for PRs (#1503)

Browse source 
* Update lint.yml

* Build and e2e on PRs

* Adds security checks for PRs
This commit is contained in:
Omar López 2022-01-13 12:37:34 -07:00 committed by GitHub
parent 67bcbfd75a
commit f8c036164c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 58 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
.github/workflows/build.yml vendored
View file

@ -1,17 +1,22 @@
name: Build name: Build
on: on:
push: pull_request_target:
branches:
- main
- staging
pull_request:
branches: branches:
- main - main
jobs: jobs:
approve:
runs-on: ubuntu-latest
steps:
- name: Approve
run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
build: build:
needs: [approve] # Require the first step to finish
timeout-minutes: 5 timeout-minutes: 5
name: Build on Node ${{ matrix.node }} and ${{ matrix.os }} name: Build on Node ${{ matrix.node }} and ${{ matrix.os }}
environment:
name: Preview
env: env:
DATABASE_URL: postgresql://postgres:@localhost:5432/calendso DATABASE_URL: postgresql://postgres:@localhost:5432/calendso
NODE_ENV: test NODE_ENV: test
@ -35,6 +40,9 @@ jobs:
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@v2 uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 2
- name: Use Node ${{ matrix.node }} - name: Use Node ${{ matrix.node }}
uses: actions/setup-node@v1 uses: actions/setup-node@v1
@ -57,28 +65,3 @@ jobs:
- run: yarn prisma migrate deploy - run: yarn prisma migrate deploy
- run: yarn test - run: yarn test
- run: yarn build - run: yarn build
types:
name: Check types
strategy:
matrix:
node: ["14.x"]
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Checkout repo
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Use Node ${{ matrix.node }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- name: Install deps
uses: bahmutov/npm-install@v1
- run: yarn check-changed-files

30
.github/workflows/check-types.yml vendored Normal file
View file

@ -0,0 +1,30 @@
name: Check types
on:
pull_request:
branches:
- main
jobs:
types:
name: Check types
strategy:
matrix:
node: ["14.x"]
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Checkout repo
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Use Node ${{ matrix.node }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- name: Install deps
uses: bahmutov/npm-install@v1
- run: yarn check-changed-files

20
.github/workflows/e2e.yml vendored
View file

@ -1,17 +1,22 @@
name: E2E test name: E2E test
on: on:
push: pull_request_target:
branches:
- main
- staging
pull_request:
branches: branches:
- main - main
jobs: jobs:
approve:
runs-on: ubuntu-latest
steps:
- name: Approve
run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
test: test:
timeout-minutes: 10 timeout-minutes: 10
name: ${{ matrix.node }} and ${{ matrix.os }} name: ${{ matrix.node }} and ${{ matrix.os }}
needs: [approve] # Require the first step to finish
environment:
name: Preview
env: env:
DATABASE_URL: postgresql://postgres:@localhost:5432/calendso DATABASE_URL: postgresql://postgres:@localhost:5432/calendso
BASE_URL: http://localhost:3000 BASE_URL: http://localhost:3000
@ -52,6 +57,9 @@ jobs:
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@v2 uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 2
- name: Use Node ${{ matrix.node }} - name: Use Node ${{ matrix.node }}
uses: actions/setup-node@v1 uses: actions/setup-node@v1