name: Tests on: push: env: REPO_NAME: template-desktop jobs: static-code-checks: name: Static code checks runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Setup BunJS uses: oven-sh/setup-bun@v2 - name: Install dependencies run: bun install --frozen-lockfile - name: run Astro and TypeScript checks run: bun run check run: name: Unit tests runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Setup BunJS uses: oven-sh/setup-bun@v2 - name: Install dependencies run: bun install --frozen-lockfile # - name: Prepare Tests # run: npm run install:test - name: Test # run : npm run test run: bun run test:unit secrets-scanner: name: Secrets Scanning runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Secret Scanning uses: onboardbase/securelog-scan@main with: exclude: "node_modules,dist" # Comma-separated list of folders to exclude (optional) commits: 100 # Number of recent commits to scan (optional) changed: "true" # Set to "false" to scan entire repository instead of just files that was changed (optional) mask: "true" # that is mask secret value e.g sk_****** verify: "true" # that is verify potential secrets against their service provider sonarqube: name: SonarQube runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 - name: Setup BunJS uses: oven-sh/setup-bun@v2 - name: Install project dependencies run: bun install --frozen-lockfile - name: Run coverage run: bun run test:unit continue-on-error: true # continue on error as we still want reporting to be done - name: Scan repository uses: Aviortheking/sonarqube-action@v5.1.0 with: host: ${{ secrets.SONARQUBE_HOST }} login: ${{ secrets.SONARQUBE_TOKEN }} projectKey: ${{ env.REPO_NAME }} args: > -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info