variables: - &node_image 'node:18-alpine' - &when - path: &when_path # related config files - ".woodpecker/web.yml" # web source code - "web/**" branch: exclude: ${CI_REPO_DEFAULT_BRANCH} event: push - path: *when_path event: [pull_request, tag, deployment] steps: deps: image: *node_image directory: web/ commands: - corepack enable - pnpm install --frozen-lockfile when: *when lint: group: test image: *node_image directory: web/ commands: - corepack enable - pnpm lint when: *when formatcheck: group: test image: *node_image directory: web/ commands: - corepack enable - pnpm formatcheck when: *when typecheck: group: test image: *node_image directory: web/ commands: - corepack enable - pnpm typecheck when: *when securitycheck: group: test image: aquasec/trivy:latest commands: - trivy fs --exit-code 0 --skip-dirs node_modules/ --severity UNKNOWN,LOW web/ - trivy fs --exit-code 1 --skip-dirs node_modules/ --severity MEDIUM,HIGH,CRITICAL web/ when: *when test: group: test image: *node_image directory: web/ commands: - corepack enable - pnpm test when: *when