Skip to content

Commit

Permalink
Merge branch 'develop' into ocrvs-5932-auth
Browse files Browse the repository at this point in the history
  • Loading branch information
rikukissa authored Sep 30, 2024
2 parents 61c0da9 + 41c7dac commit ba7b233
Show file tree
Hide file tree
Showing 9 changed files with 1,798 additions and 913 deletions.
6 changes: 5 additions & 1 deletion .github/workflows/build-images-from-branch.yml
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,11 @@ jobs:
cache-to: type=inline

- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
# Skip temporarily for non-develop branches because of
# a TOOMANYREQUESTS error failing the check
# https://github.com/aquasecurity/trivy/discussions/7591
if: ${{ needs.base.outputs.branch == 'develop' }}
uses: aquasecurity/[email protected]
with:
image-ref: 'opencrvs/ocrvs-${{ matrix.service }}:${{ needs.base.outputs.version }}'
trivy-config: trivy.yaml
2 changes: 1 addition & 1 deletion .github/workflows/lint-and-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@0.23.0
uses: aquasecurity/trivy-action@0.24.0
with:
scan-type: 'fs'
scan-ref: '.'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publish-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ jobs:
.trivyignore.yaml
sparse-checkout-cone-mode: false
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.23.0
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: 'opencrvs/ocrvs-${{ matrix.service }}:${{ needs.base.outputs.version }}'
trivy-config: trivy.yaml
11 changes: 8 additions & 3 deletions .github/workflows/storybook-deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -87,13 +87,18 @@ jobs:
run: cd packages/components && yarn build-storybook

- name: Deploy Storybook to Cloudflare Pages
run: npx wrangler pages deploy ./packages/components/build --project-name opencrvs --branch ${{ env.PR_BRANCH }}
id: deploy_storybook
run: |
DEPLOY_OUTPUT=$(npx wrangler pages deploy ./packages/components/build --project-name opencrvs --branch ${{ env.PR_BRANCH }})
echo "$DEPLOY_OUTPUT"
DEPLOY_URL=$(echo "$DEPLOY_OUTPUT" | grep -o 'https://.*.dev' | tail -n 1)
echo "storybook_url=$DEPLOY_URL" >> $GITHUB_OUTPUT
env:
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}

- name: Comment on PR with Storybook link
run: |
COMMENT="Storybook deployed: https://${{ env.PR_BRANCH }}.opencrvs.pages.dev"
COMMENT="Storybook deployed: ${{ steps.deploy_storybook.outputs.storybook_url }}"
gh pr comment ${{ github.event.issue.number }} --body "$COMMENT"
env:
GITHUB_TOKEN: ${{ secrets.OLLIE_BOT_GITHUB_TOKEN }}
10 changes: 10 additions & 0 deletions .trivyignore.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,3 +53,13 @@ vulnerabilities:
statement: Transitive dependency of lint-staged, jest and msw. Not running in production. Likely fixed by upgrading.
- id: CVE-2024-37890
statement: ws vulnerability, transitive dependency of jest, storybook, graphql-codegen, not running in production.
- id: CVE-2024-45296
statement: Transitive dependency of react-router 5.3.4. Only affects client-side code ocrvs-7682
- id: CVE-2024-47068
statement: Transitive dependency of Vite. Not run in production and there is currently no fix.
- id: CVE-2024-7254
statement: Metabase v0.46 vulnerability, fixed in Metabase v0.50 ocrvs-6607
- id: CVE-2024-41909
statement: Metabase v0.46 vulnerability, fixed in Metabase v0.50 ocrvs-6607
- id: CVE-2024-22871
statement: Metabase v0.46 vulnerability, fixed in Metabase v0.50 ocrvs-6607
2 changes: 1 addition & 1 deletion packages/client/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@
"sanitize-html": "^2.4.0",
"styled-components": "^5.2.0",
"tsconfig-paths": "^3.13.0",
"vite": "^5.0.0",
"vite": "^5.4.8",
"vite-plugin-svgr": "^0.6.0",
"vite-tsconfig-paths": "^3.5.0",
"webfontloader": "^1.6.28",
Expand Down
6 changes: 0 additions & 6 deletions packages/components/.storybook/main.ts
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,6 @@ import type { StorybookConfig } from '@storybook/react-vite'
const viteFinal = async (config: Record<string, any>) => {
// return the customized config
return mergeConfig(config, {
// customize the Vite config here
resolve: {
alias: {
crypto: 'crypto-js'
}
},
build: {
minify: false,
sourcemap: false
Expand Down
24 changes: 12 additions & 12 deletions packages/components/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"license": "MPL-2.0",
"private": true,
"dependencies": {
"@storybook/core-server": "^7.0.2",
"@storybook/core-server": "^7.6.17",
"css-animation": "^2.0.4",
"jest": "27.5.1",
"patch-package": "^6.1.2",
Expand Down Expand Up @@ -47,16 +47,16 @@
]
},
"devDependencies": {
"@storybook/addon-a11y": "^7.0.2",
"@storybook/addon-actions": "^7.0.2",
"@storybook/addon-docs": "^7.0.2",
"@storybook/addon-essentials": "^7.0.2",
"@storybook/addon-links": "^7.0.2",
"@storybook/manager-api": "^7.0.2",
"@storybook/node-logger": "^7.0.2",
"@storybook/react": "^7.0.2",
"@storybook/react-vite": "^7.0.2",
"@storybook/theming": "^7.0.2",
"@storybook/addon-a11y": "^7.6.17",
"@storybook/addon-actions": "^7.6.17",
"@storybook/addon-docs": "^7.6.17",
"@storybook/addon-essentials": "^7.6.17",
"@storybook/addon-links": "^7.6.17",
"@storybook/manager-api": "^7.6.17",
"@storybook/node-logger": "^7.6.17",
"@storybook/react": "^7.6.17",
"@storybook/react-vite": "^7.6.17",
"@storybook/theming": "^7.6.17",
"@types/jest": "^26.0.14",
"@types/lodash": "^4.14.126",
"@types/node": "^10.12.5",
Expand All @@ -76,7 +76,7 @@
"lint-staged": "^15.0.0",
"prettier": "2.8.8",
"rimraf": "^5.0.0",
"storybook": "^7.0.2",
"storybook": "^7.6.17",
"stylelint": "^14.11.0",
"stylelint-config-recommended": "^9.0.0",
"stylelint-config-styled-components": "^0.1.1",
Expand Down
Loading

0 comments on commit ba7b233

Please sign in to comment.