IPS-1118: Bau gha add lint on pre-merge and post-merge checks. #400

	name: Pre-merge checks
	on:
	push:
	branches:
	- main
	pull_request:
	types:
	- opened
	- reopened
	- ready_for_review
	- synchronize

	jobs:
	pre-commit:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: '3.x'
	- uses: pre-commit/[email protected]
	with:
	extra_args: "detect-secrets --all-files"

	run-premerge-checks:
	runs-on: ubuntu-latest
	env:
	AWS_REGION: eu-west-2
	steps:
	- name: Check out repository code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

	- name: Setup SAM
	uses: aws-actions/setup-sam@v2
	with:
	use-installer: true

	- name: Set up AWS creds
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.AWS_DEV_DEPLOY_PASSPORTA_FRONT_GITHUB_ACTIONS_ROLE_ARN}}
	aws-region: eu-west-2

	- name: SAM Validate
	run: sam validate --region ${{ env.AWS_REGION }} -t deploy/template.yaml --lint

	- name: Use Node.js 20.x
	uses: actions/setup-node@v4
	with:
	node-version: 20

	- name: Install dependencies
	run: yarn install && yarn playwright install

	- name: Build assets
	run: yarn build

	- name: Run lint
	run: yarn lint

	- name: Run test and write coverage
	run: yarn run test:coverage

	- name: Run browser tests
	run: yarn run test:browser:ci

	- name: Run sonarcloud scan
	if: ${{ github.actor != 'dependabot[bot]' }}
	uses: SonarSource/sonarcloud-github-action@master
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

Provide feedback