OPHJOD-1048: Fix accessability issues in tool #1120
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and deploy JOD Yksilö UI | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write # Needed to interact with GitHub's OIDC Token endpoint | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: lts/iron | |
cache: npm | |
- name: Install dependencies | |
run: npm ci | |
- name: Run ESLint | |
run: npx eslint . --report-unused-disable-directives --max-warnings 0 | |
- name: Run Prettier | |
run: npx prettier . --check | |
- name: Run Vitest unit tests | |
run: npx vitest --coverage.enabled true | |
- name: Upload Vitest report | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: coverage | |
path: coverage/ | |
retention-days: 30 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: arn:aws:iam::${{ secrets.JOD_UTIL_AWS_ACCOUNT_ID }}:role/${{ secrets.JOD_UTIL_AWS_GITHUB_ROLE_NAME}} | |
aws-region: eu-west-1 | |
- name: Copy third party assets from S3 | |
run: aws s3 sync --quiet s3://${{ secrets.JOD_UI_ASSETS }} ./assets | |
- name: Run build | |
run: npm run build | |
# E2E tests | |
# It's not recommended to cache browsers. | |
# See https://playwright.dev/docs/ci#caching-browsers | |
- name: Install Playwright browsers | |
run: npx playwright install --with-deps | |
- name: Run Playwright e2e tests | |
run: npx playwright test | |
- name: Upload Playwright report | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: playwright-report | |
path: playwright-report/ | |
retention-days: 30 | |
# SonarCloud analysis | |
- name: SonarCloud Scan | |
uses: SonarSource/sonarcloud-github-action@v2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
- name: Upload dist artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: dist | |
path: dist/ | |
deploy-development: | |
name: Deploy to development | |
if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' | |
needs: build | |
uses: ./.github/workflows/deploy.yml | |
permissions: | |
id-token: write # Needed to interact with GitHub's OIDC Token endpoint | |
contents: read | |
actions: read | |
secrets: inherit | |
with: | |
environment: 'development' | |
deploy-test: | |
name: Deploy to testing | |
if: github.ref == 'refs/heads/main' | |
needs: build | |
uses: ./.github/workflows/deploy.yml | |
permissions: | |
id-token: write # Needed to interact with GitHub's OIDC Token endpoint | |
contents: read | |
actions: read | |
secrets: inherit | |
with: | |
environment: 'test' |