ci: add Gitea Actions workflows (CI/deploy + weekly npm audit)
- ci.yml: run Playwright tests on every push to main, then deploy to VPS if tests pass; includes post-deploy health check - audit.yml: weekly npm audit (Mondays 07:00 UTC), fails on high/critical - Requires VPS_SSH_KEY secret (already configured in repo settings)
This commit is contained in:
27
.gitea/workflows/audit.yml
Normal file
27
.gitea/workflows/audit.yml
Normal file
@@ -0,0 +1,27 @@
|
||||
name: Security · npm audit
|
||||
|
||||
on:
|
||||
schedule:
|
||||
# Each Monday at 07:00 UTC
|
||||
- cron: '0 7 * * 1'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
audit:
|
||||
name: npm audit
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: '20'
|
||||
cache: 'npm'
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
||||
- name: Run audit (fail on high/critical)
|
||||
run: npm audit --audit-level=high
|
||||
Reference in New Issue
Block a user