add cron job (#60)

* add automatic security check * update workflow 1 * update workflow 2 * test old webpack * add outcome validation * revert webpack * add slack notification
NovatecConsulting · Nov 29, 2024 · 55ffa1b · 55ffa1b
1 parent 5f53149
commit 55ffa1b
Showing 1 changed file with 39 additions and 0 deletions.
diff --git a/.github/workflows/security_check.yml b/.github/workflows/security_check.yml
@@ -0,0 +1,39 @@
+name: Automatic Security Check
+
+on:
+  schedule:
+    - cron: "0 8 1,15 * *" # At 08:00 on day-of-month 1 and 15
+
+jobs:
+  security-check:
+    name: Security Check
+    runs-on: ubuntu-latest
+    container:
+      image: node:16.17
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Install dependencies
+        run: yarn install
+      - name: Run yarn audit
+        id: audit
+        run: yarn audit --no-color --json > yarn-report.json
+        continue-on-error: true # we still want to upload the report
+      - name: Upload report
+        uses: actions/upload-artifact@v4
+        with:
+          name: yarn-audit-report
+          path: yarn-report.json
+      - name: Send Notification
+        uses: slackapi/slack-github-action@v2.0.0
+        with:
+          webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
+          webhook-type: incoming-webhook
+          payload: |
+            text: "*Boomerang-OTel-Plugin Yarn-Audit Report*: ${{ job.status }}\nPlease check the report here: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+      # if yarn audit failed, the job should also fail, but only after the results were uploaded
+      - name: Validate yarn audit outcome
+        if: ${{ steps.audit.outcome == 'failure' }}
+        run: |
+          echo "Yarn audit failed"
+          exit 1