From d27b12bae93418192adc972741753a89fa3a557c Mon Sep 17 00:00:00 2001 From: Akash Satheesan Date: Fri, 7 May 2021 00:32:10 +0530 Subject: [PATCH] refactor(ci): split audit from prebuild (#3298) Move dependency audits from prebuild to their own jobs, so that an error does not affect the rest of the build/test process. --- .github/workflows/ci.yaml | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8e6344db0..832241dc6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -43,10 +43,6 @@ jobs: if: steps.cache-yarn.outputs.cache-hit != 'true' run: yarn --frozen-lockfile - - name: Audit for vulnerabilities - run: yarn _audit - if: success() - - name: Run yarn fmt run: yarn fmt if: success() @@ -63,6 +59,34 @@ jobs: run: yarn coverage if: success() + audit-ci: + name: Run audit-ci + needs: prebuild + runs-on: ubuntu-latest + steps: + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Install Node.js v12 + uses: actions/setup-node@v2 + with: + node-version: "12" + + - name: Fetch dependencies from cache + id: cache-yarn + uses: actions/cache@v2 + with: + path: "**/node_modules" + key: yarn-build-${{ hashFiles('**/yarn.lock') }} + + - name: Install dependencies + if: steps.cache-yarn.outputs.cache-hit != 'true' + run: yarn --frozen-lockfile + + - name: Audit for vulnerabilities + run: yarn _audit + if: success() + build: name: Build needs: prebuild