refactor(ci): split audit from prebuild (#3298)

Move dependency audits from prebuild to their own jobs, so that an error does not affect the rest of the build/test process.

refactor(ci): split audit from prebuild (#3298)
Move dependency audits from prebuild to their own jobs, so that an error does not affect the rest of the build/test process.
d27b12ba · Akash Satheesan · GitHub · af5a1c98 · d27b12ba
隐藏空白更改
内联并排

Showing with 28 addition and 4 deletion

.github/workflows/ci.yaml .github/workflows/ci.yaml +28 -4

未找到文件。
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -43,10 +43,6 @@ jobs:
        if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: yarn --frozen-lockfile

-      - name: Audit for vulnerabilities
-        run: yarn _audit
-        if: success()
-
      - name: Run yarn fmt
        run: yarn fmt
        if: success()
@@ -63,6 +59,34 @@ jobs:
        run: yarn coverage
        if: success()

+  audit-ci:
+    name: Run audit-ci
+    needs: prebuild
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v2
+
+      - name: Install Node.js v12
+        uses: actions/setup-node@v2
+        with:
+          node-version: "12"
+
+      - name: Fetch dependencies from cache
+        id: cache-yarn
+        uses: actions/cache@v2
+        with:
+          path: "**/node_modules"
+          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+
+      - name: Install dependencies
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
+        run: yarn --frozen-lockfile
+
+      - name: Audit for vulnerabilities
+        run: yarn _audit
+        if: success()
+
  build:
    name: Build
    needs: prebuild