chore: Update axios to 1.6 to pull in fix for CVE 2023 45857 #1503
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test and Deploy | |
on: | |
push: | |
branches: [ '*' ] | |
tags: [ '*' ] | |
pull_request: | |
branches: [ main ] | |
schedule: | |
# Run automatically at 8AM PST Monday-Friday | |
- cron: '0 15 * * 1-5' | |
workflow_dispatch: | |
jobs: | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
timeout-minutes: 20 | |
strategy: | |
matrix: | |
node: [ 14, 16, 18, lts/* ] | |
steps: | |
- name: Checkout twilio-node | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node }} | |
- run: npm install | |
- name: Run Unit Tests | |
run: npm run ci | |
- name: Run Cluster Tests | |
if: (!github.event.pull_request.head.repo.fork) | |
env: | |
TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} | |
TWILIO_API_KEY: ${{ secrets.TWILIO_CLUSTER_TEST_API_KEY}} | |
TWILIO_API_SECRET: ${{ secrets.TWILIO_CLUSTER_TEST_API_KEY_SECRET }} | |
TWILIO_FROM_NUMBER: ${{ secrets.TWILIO_FROM_NUMBER }} | |
TWILIO_TO_NUMBER: ${{ secrets.TWILIO_TO_NUMBER }} | |
run: | | |
npm pack | |
tar -xzf twilio*.tgz | |
cd spec/cluster | |
npm install | |
npm run test | |
- name: SonarCloud Scan | |
if: ${{ (github.event_name == 'pull_request' || github.ref_type == 'branch') && matrix.node == 'lts/*' && !github.event.pull_request.head.repo.fork }} | |
uses: SonarSource/sonarcloud-github-action@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
deploy: | |
name: Deploy | |
if: success() && github.ref_type == 'tag' | |
needs: [ test ] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout twilio-node | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version: lts/* | |
- run: npm install | |
- name: Login to Docker Hub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_AUTH_TOKEN }} | |
# The expression strips off the shortest match from the front of the string to yield just the tag name as the output | |
- name: Get tagged version | |
run: echo "GITHUB_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
- name: Create GitHub Release | |
uses: sendgrid/dx-automator/actions/release@main | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and Push image | |
run: make docker-build && make docker-push | |
- name: Publish to NPM | |
run: | | |
npm config set //registry.npmjs.org/:_authToken ${NODE_AUTH_TOKEN} | |
npm publish --ignore-scripts | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Submit metric to Datadog | |
uses: sendgrid/dx-automator/actions/datadog-release-metric@main | |
env: | |
DD_API_KEY: ${{ secrets.DATADOG_API_KEY }} | |
notify-on-failure: | |
name: Slack notify on failure | |
if: failure() && github.event_name != 'pull_request' && (github.ref == 'refs/heads/main' || github.ref_type == 'tag') | |
needs: [ test, deploy ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: rtCamp/action-slack-notify@v2 | |
env: | |
SLACK_COLOR: failure | |
SLACK_ICON_EMOJI: ':github:' | |
SLACK_MESSAGE: ${{ format('Test *{0}*, Deploy *{1}*, {2}/{3}/actions/runs/{4}', needs.test.result, needs.deploy.result, github.server_url, github.repository, github.run_id) }} | |
SLACK_TITLE: Action Failure - ${{ github.repository }} | |
SLACK_USERNAME: GitHub Actions | |
SLACK_MSG_AUTHOR: twilio-dx | |
SLACK_FOOTER: Posted automatically using GitHub Actions | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
MSG_MINIMAL: true |