mirror of
https://github.com/ether/etherpad-lite.git
synced 2025-01-19 22:23:33 +01:00
2929a3c0bd
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
93 lines
2.6 KiB
YAML
93 lines
2.6 KiB
YAML
name: "Windows Zip"
|
|
|
|
# any branch is useful for testing before a PR is submitted
|
|
on: [push, pull_request]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
build:
|
|
# run on pushes to any branch
|
|
# run on PRs from external forks
|
|
if: |
|
|
(github.event_name != 'pull_request')
|
|
|| (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
|
|
name: Build
|
|
runs-on: windows-latest
|
|
steps:
|
|
-
|
|
uses: msys2/setup-msys2@v2
|
|
with:
|
|
path-type: inherit
|
|
install: >-
|
|
zip
|
|
-
|
|
name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
-
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
node-version: 12
|
|
cache: 'npm'
|
|
cache-dependency-path: |
|
|
src/package-lock.json
|
|
src/bin/doc/package-lock.json
|
|
-
|
|
name: Install all dependencies and symlink for ep_etherpad-lite
|
|
shell: msys2 {0}
|
|
run: src/bin/installDeps.sh
|
|
-
|
|
name: Run the backend tests
|
|
shell: msys2 {0}
|
|
run: cd src && npm test
|
|
-
|
|
name: Build the .zip
|
|
shell: msys2 {0}
|
|
run: src/bin/buildForWindows.sh
|
|
-
|
|
name: Archive production artifacts
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: etherpad-lite-win.zip
|
|
path: etherpad-lite-win.zip
|
|
|
|
deploy:
|
|
# run on pushes to any branch
|
|
# run on PRs from external forks
|
|
permissions:
|
|
contents: none
|
|
if: |
|
|
(github.event_name != 'pull_request')
|
|
|| (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
|
|
name: Deploy
|
|
needs: build
|
|
runs-on: windows-latest
|
|
steps:
|
|
-
|
|
name: Download zip
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: etherpad-lite-win.zip
|
|
-
|
|
name: Extract Etherpad
|
|
run: 7z x etherpad-lite-win.zip -oetherpad
|
|
-
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
node-version: 12
|
|
cache: 'npm'
|
|
cache-dependency-path: |
|
|
etherpad/src/package-lock.json
|
|
etherpad/src/bin/doc/package-lock.json
|
|
-
|
|
name: Install Cypress
|
|
run: npm install cypress -g
|
|
-
|
|
name: Run Etherpad
|
|
run: |
|
|
cd etherpad
|
|
node node_modules\ep_etherpad-lite\node\server.js &
|
|
curl --connect-timeout 10 --max-time 20 --retry 5 --retry-delay 10 --retry-max-time 60 --retry-connrefused http://127.0.0.1:9001/p/test
|
|
cd src\tests\frontend
|
|
cypress run --spec cypress\integration\test.js --config-file cypress\cypress.json
|