backport: Export authorization metadata to user extended data #151
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "CI/CD" | |
on: [push] | |
env: | |
CI: "true" | |
SIMPLECOV: "true" | |
RSPEC_FORMAT: "documentation" | |
RUBY_VERSION: 3.0.2 | |
RAILS_ENV: test | |
NODE_VERSION: 16.9.1 | |
RUBYOPT: '-W:no-deprecated' | |
# Set locales available for i18n tasks | |
ENFORCED_LOCALES: "en,fr" | |
AVAILABLE_LOCALES: "en,fr" | |
jobs: | |
todo: | |
name: TODO | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 1 | |
- name: "TODO to Issue" | |
uses: "alstr/todo-to-issue-action@v4" | |
lint: | |
name: Lint code | |
runs-on: ubuntu-latest | |
if: "!startsWith(github.head_ref, 'chore/l10n')" | |
timeout-minutes: 60 | |
steps: | |
- uses: rokroskar/[email protected] | |
if: "github.ref != 'refs/heads/develop'" | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
- uses: OpenSourcePolitics/lint-action@master | |
with: | |
ruby_version: ${{ env.RUBY_VERSION }} | |
node_version: ${{ env.NODE_VERSION }} | |
tests: | |
strategy: | |
fail-fast: false | |
matrix: | |
slice: [ "0-2", "1-2" ] | |
name: Tests | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:11 | |
ports: ["5432:5432"] | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
env: | |
POSTGRES_PASSWORD: postgres | |
env: | |
DATABASE_USERNAME: postgres | |
DATABASE_PASSWORD: postgres | |
DATABASE_HOST: localhost | |
steps: | |
- uses: rokroskar/[email protected] | |
if: "github.ref != 'refs/heads/master' || github.ref != 'refs/heads/develop'" | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 1 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ env.RUBY_VERSION }} | |
bundler-cache: true | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Install dependencies | |
run: yarn install --prefer-offline --frozen-lockfile | |
- name: Create db | |
run: | | |
bundle exec rails parallel:create parallel:migrate | |
- name: Register cache hash | |
id: cache-hash | |
run: | | |
echo "::set-output name=hash::$(bundle exec rake test:assets_hash)" | |
- uses: OpenSourcePolitics/cache-precompile-action@master | |
with: | |
key: asset-cache-${{ runner.os }}-${{ steps.cache-hash.outputs.hash }} | |
- run: mkdir -p ./spec/tmp/screenshots | |
name: Create the screenshots folder | |
- uses: nanasess/setup-chromedriver@v2 | |
- run: bundle exec rake "test:run[exclude, spec/system/**/*_spec.rb, ${{ matrix.slice }}]" | |
name: RSpec | |
- run: ./.github/upload_coverage.sh decidim-app $GITHUB_EVENT_PATH | |
name: Upload coverage | |
- uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: screenshots | |
path: ./spec/tmp/screenshots | |
- uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: assets-manifest-${{ matrix.slice }} | |
path: ./tmp/assets_manifest.json | |
system_tests: | |
strategy: | |
matrix: | |
slice: [ "0-4", "1-4", "2-4", "3-4" ] | |
name: System tests | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:11 | |
ports: ["5432:5432"] | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
env: | |
POSTGRES_PASSWORD: postgres | |
env: | |
DATABASE_USERNAME: postgres | |
DATABASE_PASSWORD: postgres | |
DATABASE_HOST: localhost | |
steps: | |
- uses: rokroskar/[email protected] | |
if: "github.ref != 'refs/heads/master' || github.ref != 'refs/heads/develop'" | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 1 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ env.RUBY_VERSION }} | |
bundler-cache: true | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Install dependencies | |
run: yarn install --prefer-offline --frozen-lockfile | |
- name: Create db | |
run: | | |
bundle exec rails parallel:create parallel:migrate | |
- name: Register cache hash | |
id: cache-hash | |
run: | | |
echo "::set-output name=hash::$(bundle exec rake test:assets_hash)" | |
- uses: OpenSourcePolitics/cache-precompile-action@master | |
with: | |
key: asset-cache-${{ runner.os }}-${{ steps.cache-hash.outputs.hash }} | |
- run: mkdir -p ./spec/tmp/screenshots | |
name: Create the screenshots folder | |
- uses: nanasess/setup-chromedriver@v2 | |
- run: bundle exec rake "test:run[include, spec/system/**/*_spec.rb, ${{ matrix.slice }}]" | |
name: RSpec | |
- run: ./.github/upload_coverage.sh decidim-app $GITHUB_EVENT_PATH | |
name: Upload coverage | |
- uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: screenshots | |
path: ./spec/tmp/screenshots | |
- uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: assets-manifest-${{ matrix.slice }} | |
path: ./tmp/assets_manifest.json | |
test_build: | |
name: Test build docker image | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:11 | |
ports: [ "5432:5432" ] | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
env: | |
POSTGRES_PASSWORD: postgres | |
env: | |
DATABASE_USERNAME: postgres | |
DATABASE_PASSWORD: postgres | |
DATABASE_HOST: host.docker.internal | |
steps: | |
- uses: OpenSourcePolitics/build-and-test-images-action@master | |
with: | |
registry: ${{ vars.REGISTRY_ENDPOINT }} | |
namespace: ${{ vars.REGISTRY_NAMESPACE }} | |
image_name: ${{ vars.IMAGE_NAME }} | |
tag: ${{ github.ref }} | |
password: ${{ secrets.TOKEN }} | |
database_username: ${{ env.DATABASE_USERNAME }} | |
database_password: ${{ env.DATABASE_PASSWORD }} | |
database_host: ${{ env.DATABASE_HOST }} | |
build_and_push_image_dev: | |
name: Build and push image to Registry | |
if: "github.ref == 'refs/heads/develop'" | |
needs: [lint, tests, system_tests, test_build] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: OpenSourcePolitics/build-and-push-images-action@master | |
with: | |
registry: ${{ vars.REGISTRY_ENDPOINT }} | |
namespace: ${{ vars.REGISTRY_NAMESPACE }} | |
password: ${{ secrets.TOKEN }} | |
image_name: ${{ vars.IMAGE_NAME }} | |
tag: "develop" | |
generate_release: | |
name: Generate release | |
needs: [lint, tests, system_tests, test_build] | |
if: "github.ref == 'refs/heads/master'" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: mathieudutour/[email protected] | |
name: Bump version and push tag | |
id: tag_version | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- uses: ncipollo/release-action@v1 | |
name: Create a GitHub release | |
with: | |
generateReleaseNotes: true | |
tag: ${{ steps.tag_version.outputs.new_tag }} | |
name: Release ${{ steps.tag_version.outputs.new_tag }} | |
body: ${{ steps.tag_version.outputs.changelog }} | |
- uses: OpenSourcePolitics/build-and-push-images-action@master | |
with: | |
registry: ${{ vars.REGISTRY_ENDPOINT }} | |
namespace: ${{ vars.REGISTRY_NAMESPACE }} | |
password: ${{ secrets.TOKEN }} | |
image_name: ${{ vars.IMAGE_NAME }} | |
tag: ${{ steps.tag_version.outputs.new_tag }} |