chore(deps-dev): bump @angular-eslint/schematics from 14.4.0 to 17.4.0 #90

	name: Build for development

	on:
	push:
	branches: [ 'feature/', 'dependabot/' ]
	pull_request_target:
	branches: [ develop, main ]
	types: [ ready_for_review, closed ]

	jobs:
	test_and_scan:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up Node 20
	uses: actions/setup-node@v4
	with:
	node-version: '20'
	cache: 'npm'
	- name: Install
	run: npm install
	- name: Run Linter
	run: npm run lint
	- name: Run frontend unit tests
	run: npm run test-ci
	env:
	NODE_OPTIONS: --max_old_space_size=4096
	- name: Upload test report
	uses: actions/upload-artifact@v4
	with:
	name: test-report
	path: ./reports/junit/
	- name: Run CVE scan with audit
	run: npm audit --audit-level=critical
	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/trivy-action@master
	with:
	scan-type: 'fs'
	ignore-unfixed: true
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL,HIGH'
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'trivy-results.sarif'

	docker:
	needs: test_and_scan
	if: github.event.pull_request.merged == true

	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up Node 20
	uses: actions/setup-node@v4
	with:
	node-version: '20'
	cache: 'npm'
	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}
	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	load: true
	tags: ${{ secrets.DOCKER_USERNAME }}/num-portal-webapp:develop

Provide feedback