Merge branch 'release/2.12.0'

.github/workflows/accessibility_test.yml

@@ -0,0 +1,131 @@
+name: Accessibility test
+
+on: pull_request
+
+jobs:
+  run-accessibility-test:
+    strategy:
+      matrix:
+        # Run against the current branch (represented by '', which will use the default ref when using the checkout action) and the base branch
+        branch: [ '', '${{ github.base_ref }}' ]
+
+    # Uses if/else expression evaluation workaround from https://github.com/actions/runner/issues/409#issuecomment-752775072
+    # 'matrix.branch == github.base_ref' is the condition, 'base' is the true value and 'current' is the false value
+    name: Accessibility test (${{ matrix.branch == github.base_ref && 'base' || 'current' }} branch)
+
+    runs-on: ubuntu-20.04
+    services:
+      postgres:
+        image: postgres:13.3
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_DB: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_HOST_AUTH_METHOD: trust
+        ports:
+          # Maps tcp port 5432 on service container to the host
+          - 5432:5432
+      elasticsearch:
+        image: docker.elastic.co/elasticsearch/elasticsearch:7.10.1
+        env:
+          xpack.security.enabled: false
+          transport.host: localhost
+          network.host: 127.0.0.1
+          http.port: 9200
+          discovery.type: single-node
+
+    steps:
+      - name: Checkout branch
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ matrix.branch }}
+
+      - name: Install browser
+        uses: browser-actions/setup-chrome@v1
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17.0.4+8'
+          distribution: 'adopt'
+
+      - name: Install npm
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: '.nvmrc'
+
+      - name: Cache dependencies
+        id: cache-dependencies
+        uses: actions/cache@v3
+        env:
+          cache-version: version1
+        with:
+          path: ./node_modules
+          key: dep-cache-${{ env.cache-version }}-${{ hashFiles('**/package-lock.json') }}
+
+      - if: ${{ steps.cache-dependencies.outputs.cache-hit != 'true' }}
+        name: Install dependencies if cache miss
+        run: npm ci
+
+      - name: Build
+        run: NODE_OPTIONS="--max-old-space-size=1610" npm run build.prod
+
+      # Run the services
+      - name: Install postgresql client
+        run: sudo apt install -y postgresql-client || true
+
+      - name: Prepare webservice
+        run: DB_DUMP="db_dump.sql" npm run webservice
+
+      - name: Install nginx
+        run: sudo apt install -y nginx || true
+
+      - name: Prepare nginx config
+        run: sed "s%REPLACEME%`pwd`%" .circleci/nginx.conf.tmpl > .circleci/nginx.conf
+
+      - name: Run nginx
+        run: sudo nginx -c `pwd`/.circleci/nginx.conf &
+
+      - name: Run webservice
+        run: java -jar dockstore-webservice.jar server test/web.yml 1>/dev/null &
+
+      - name: Wait for services
+        run: bash scripts/wait-for.sh
+
+      - name: Run accessibility test
+        run: |
+          if [[ "${{ matrix.branch }}" == "$GITHUB_BASE_REF" ]]; then
+            echo "Running accessibility test for base branch"
+            npm run accessibility-test -- -RB
+          else 
+            echo "Running accessibility test for current branch"
+            npm run accessibility-test -- -R
+          fi
+          
+      - name: Save accessibility results
+        uses: actions/upload-artifact@v3
+        with:
+          name: accessibility-results
+          path: accessibility-results/
+
+  compare_accessibility_results:
+    needs: run-accessibility-test
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install npm
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: '.nvmrc'
+
+      - name: Download accessibility results
+        uses: actions/download-artifact@v3
+        with:
+          name: accessibility-results
+          # Download to this directory because this is the directory that the accessibility script looks at for the results
+          path: accessibility-results 
+
+      - name: Compare accessibility results
+        run: npm run accessibility-test -- -A
+

.github/workflows/codeql.yml

@@ -36,7 +36,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/npm_audit_test.yml

@@ -0,0 +1,29 @@
+name: npm audit test
+
+on: pull_request
+
+jobs:
+  npm-audit-test:
+    name: npm audit test
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout branch
+        uses: actions/checkout@v4
+        with:
+          # Fetches all history for all branches and tags
+          # Needed because the audit script checks out the base branch
+          fetch-depth: 0
+
+      - name: Install npm
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: '.nvmrc'
+
+      - name: Run npm audit
+        # Run npm audit on current branch and compare it with the results of running npm audit on the base branch that is set in the built-in $GITHUB_BASE_REF environment variable. 
+        # If there are more high or critical findings in the current branch, then the test fails. If the same number of findings are found, then check that the vulnerabilities are the same.
+        # If they are are different, then the test fails.
+        run: npm run compare-audits -- $GITHUB_BASE_REF
+      - name: Run signature check
+        # Compares the signatures generated by npm locally to those provided by the registry.
+        run: npm audit signatures

.github/workflows/update_license.yml

@@ -15,7 +15,7 @@ jobs:
   update_license_file:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Install dependencies
         run: npm ci

.gitignore

@@ -6,7 +6,6 @@
 /out-tsc
 /src/app/**/*.js
 !/src/app/shared/grammars/*.js
-src/app/shared/swagger/
 src/app/shared/openapi/
 swagger-codegen-cli.jar
 openapi-generator-cli-3.3.1.jar