svelte-5-static-shadcn-temp…/.github/workflows/ci.yml
Simon Malm 2c52fa7b77
fix: nu
2025-08-14 14:50:52 +02:00


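# CI workflow: runs the test pipeline and the security scans on pushes and
# pull requests to master/develop, then builds and pushes a Docker image when
# the ref is master.
name: CI

on:
  push:
    branches: [master, develop]
  pull_request:
    branches: [master, develop]

# Least privilege: no step below writes to the repository through the
# workflow token, so the token is limited to read-only content access.
permissions:
  contents: read

jobs:
  test:
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: nu {0}
    steps:
      # NOTE(review): every `uses:` in this file references a mutable tag
      # (v4, v2, v1). Pinning each action to a full commit SHA keeps a moved
      # tag from changing what runs in jobs that hold registry credentials.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Do not leave the workflow token in .git/config while later steps
          # run project scripts and installed dependencies.
          persist-credentials: false

      - name: Setup Bun
        uses: oven-sh/setup-bun@v2
        with:
          bun-version: '1.2.20'

      - name: Setup Nushell
        # This step is what installs nu, so it cannot run under the job
        # default `nu {0}`; the script below is also bash syntax.
        shell: bash
        run: |
          set -euo pipefail
          # Install Nushell following official docs
          # NOTE(review): this fetches whatever release is "latest" and runs
          # the binary without checking a digest or signature. Pin a release
          # tag and verify the archive against a known checksum before
          # copying it into /usr/local/bin.
          curl -fsSL https://api.github.com/repos/nushell/nushell/releases/latest \
            | grep "browser_download_url.*x86_64-unknown-linux-gnu" \
            | cut -d : -f 2,3 \
            | tr -d \" \
            | wget -qi -
          tar xf nu-*-x86_64-unknown-linux-gnu.tar.gz
          sudo mkdir -p /usr/local/bin
          sudo cp nu-*/nu /usr/local/bin/
          sudo chmod +x /usr/local/bin/nu
          echo "/usr/local/bin" >> "$GITHUB_PATH"
          # Verify installation and set as default shell
          /usr/local/bin/nu --version
          echo "SHELL=/usr/local/bin/nu" >> "$GITHUB_ENV"

      - name: Setup Just
        uses: extractions/setup-just@v2

      - name: Install dependencies
        run: just install

      - name: Install Playwright browsers
        run: just install-browsers

      - name: Run CI pipeline
        run: just ci

  security:
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: nu {0}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Do not leave the workflow token in .git/config while later steps
          # run project scripts and installed dependencies.
          persist-credentials: false

      - name: Setup Bun
        uses: oven-sh/setup-bun@v2
        with:
          bun-version: '1.2.20'

      - name: Setup Nushell
        # This step is what installs nu, so it cannot run under the job
        # default `nu {0}`; the script below is also bash syntax.
        shell: bash
        run: |
          set -euo pipefail
          # Install Nushell following official docs
          # NOTE(review): unpinned, unverified download; pin a release tag
          # and verify the archive against a known checksum.
          curl -fsSL https://api.github.com/repos/nushell/nushell/releases/latest \
            | grep "browser_download_url.*x86_64-unknown-linux-gnu" \
            | cut -d : -f 2,3 \
            | tr -d \" \
            | wget -qi -
          tar xf nu-*-x86_64-unknown-linux-gnu.tar.gz
          sudo mkdir -p /usr/local/bin
          sudo cp nu-*/nu /usr/local/bin/
          sudo chmod +x /usr/local/bin/nu
          echo "/usr/local/bin" >> "$GITHUB_PATH"
          # Verify installation and set as default shell
          /usr/local/bin/nu --version
          echo "SHELL=/usr/local/bin/nu" >> "$GITHUB_ENV"

      - name: Setup Just
        uses: extractions/setup-just@v2

      - name: Install dependencies
        run: just install

      # NOTE(review): both scan steps set continue-on-error, so findings never
      # fail this job and `docker-build` (which needs `security`) still
      # pushes an image. Confirm the scans are meant to be advisory only.
      - name: Run security audit
        run: just audit
        continue-on-error: true

      - name: Run Semgrep security scan
        uses: semgrep/semgrep-action@v1
        with:
          config: >-
            p/security-audit
            p/secrets
            p/owasp-top-ten
            p/javascript
            p/typescript
          generateSarif: '1'
        # Token only needed for Semgrep Cloud features (optional)
        env:
          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
        continue-on-error: true

  docker-build:
    runs-on: ubuntu-latest
    # This job has no `run:` steps and does not install nu; a `run:` step
    # added later needs its own `shell:` or a Nushell setup step first.
    defaults:
      run:
        shell: nu {0}
    needs: [test, security]
    # Registry credentials are only used for refs/heads/master.
    if: github.ref == 'refs/heads/master'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # The build only reads the working tree; no git credentials needed.
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Log in to Container Registry
        uses: docker/login-action@v2
        with:
          registry: ${{ vars.DOCKER_REGISTRY }}
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      # NOTE(review): building linux/arm64 on an amd64 runner normally needs
      # emulation (docker/setup-qemu-action) unless the Dockerfile
      # cross-compiles; confirm against the Dockerfile.
      - name: Build and push Docker image
        uses: docker/build-push-action@v4
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          # `latest` moves with every master build; the SHA tag is the one
          # that identifies a specific build.
          tags: |
            ${{ vars.DOCKER_REGISTRY }}/${{ vars.DOCKER_REPOSITORY }}:latest
            ${{ vars.DOCKER_REGISTRY }}/${{ vars.DOCKER_REPOSITORY }}:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max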