build(ci): only audit for production dependencies

[e-mobility-charging-stations-simulator.git] / .github / workflows / ci.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index be2b95f9bdebf3af063e2e473abc16e94032f6b7..fef46bc437f684580e3b5715117b42ba3ad9d407 100644 (file)
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -26,7 +26,7 @@ jobs:
     strategy:
       matrix:
         os: [windows-latest, macos-latest, ubuntu-latest]
-        node: ['20.x']
+        node: ['20.x', '21.x']
     name: Build simulator with Node ${{ matrix.node }} on ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
     steps:
@@ -34,36 +34,39 @@ jobs:
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - name: Dependency Review
-        if: ${{ github.event_name == 'push' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.event_name == 'push' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         uses: actions/dependency-review-action@v3
         with:
           base-ref: ${{ github.ref_name }}
           head-ref: ${{ github.sha }}
       - name: Pull Request Dependency Review
-        if: ${{ github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         uses: actions/dependency-review-action@v3
       - uses: pnpm/action-setup@v2
         with:
           version: 8
       - name: Setup node ${{ matrix.node }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
           cache: 'pnpm'
       - name: pnpm install
-        run: pnpm install --ignore-scripts
+        run: pnpm install --ignore-scripts --frozen-lockfile
+      - name: pnpm audit
+        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
+        run: pnpm audit --prod
       - name: pnpm lint
-        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         run: pnpm lint
       - name: pnpm build
         run: pnpm build
       - name: pnpm test
         run: pnpm test
       - name: pnpm coverage
-        if: ${{ github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         run: pnpm coverage
       - name: SonarCloud Scan
-        if: ${{ needs.check-secrets.outputs.sonar-token-exists == 'true' && github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ needs.check-secrets.outputs.sonar-token-exists == 'true' && github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         uses: sonarsource/sonarcloud-github-action@v2.0.2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -73,7 +76,7 @@ jobs:
     strategy:
       matrix:
         os: [windows-latest, macos-latest, ubuntu-latest]
-        node: ['18.x', '20.x']
+        node: ['18.x', '20.x', '21.x']
     name: Build dashboard with Node ${{ matrix.node }} on ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
     defaults:
@@ -84,36 +87,39 @@ jobs:
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - name: Dependency Review
-        if: ${{ github.event_name == 'push' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.event_name == 'push' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         uses: actions/dependency-review-action@v3
         with:
           base-ref: ${{ github.ref_name }}
           head-ref: ${{ github.sha }}
       - name: Pull Request Dependency Review
-        if: ${{ github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         uses: actions/dependency-review-action@v3
       - uses: pnpm/action-setup@v2
         with:
           version: 8
       - name: Setup node ${{ matrix.node }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
           cache: 'pnpm'
       - name: pnpm install
-        run: pnpm install --ignore-scripts
+        run: pnpm install --ignore-scripts --frozen-lockfile
+      - name: pnpm audit
+        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
+        run: pnpm audit --prod
       - name: pnpm lint
-        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         run: pnpm lint
       - name: pnpm build
         run: pnpm build
       - name: pnpm test
         run: pnpm test
       - name: pnpm coverage
-        if: ${{ github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         run: pnpm coverage
       - name: SonarCloud Scan
-        if: ${{ needs.check-secrets.outputs.sonar-token-exists == 'true' && github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ needs.check-secrets.outputs.sonar-token-exists == 'true' && github.repository == 'sap/e-mobility-charging-stations-simulator' && matrix.os == 'ubuntu-latest' && matrix.node == '20.x' }}
         uses: sonarsource/sonarcloud-github-action@v2.0.2
         with:
           projectBaseDir: ui/web