Skip to content

ci: add CodeQL security scanning (weekly + on push/PR) #24

ci: add CodeQL security scanning (weekly + on push/PR)

ci: add CodeQL security scanning (weekly + on push/PR) #24

Workflow file for this run

name: test
on:
push:
pull_request:
jobs:
unit:
name: Unit Tests (Node ${{ matrix.node-version }})
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ["20", "22"]
steps:
- uses: actions/checkout@v6
- name: Set up Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: npm ci
- name: Build
run: npm run build
- name: Run unit tests
run: node --experimental-vm-modules node_modules/.bin/jest --testPathPattern='src/__tests__/(?!integration)' --forceExit
integration:
name: Integration Tests
runs-on: ubuntu-latest
services:
localstack:
image: localstack/localstack:3
ports:
- 4566:4566
env:
SERVICES: kms
options: >-
--health-cmd "curl -sf http://localhost:4566/_localstack/health"
--health-interval 10s
--health-timeout 5s
--health-retries 15
vault:
image: hashicorp/vault:1.18
ports:
- 8200:8200
env:
VAULT_DEV_ROOT_TOKEN_ID: root
VAULT_DEV_LISTEN_ADDRESS: 0.0.0.0:8200
options: >-
--cap-add IPC_LOCK
--health-cmd "vault status -address=http://127.0.0.1:8200 || exit 1"
--health-interval 10s
--health-timeout 5s
--health-retries 10
steps:
- uses: actions/checkout@v6
- name: Set up Node.js 20
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Install dependencies
run: npm ci
- name: Build
run: npm run build
- name: Run integration tests
run: node --experimental-vm-modules node_modules/.bin/jest --testPathPattern='src/__tests__/integration' --forceExit
env:
AWS_ACCESS_KEY_ID: test
AWS_SECRET_ACCESS_KEY: test
AWS_DEFAULT_REGION: us-east-1
AWS_ENDPOINT_URL: http://localhost:4566
VAULT_ADDR: http://localhost:8200
VAULT_TOKEN: root