Inspect .env file in prod. #218
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pipeline | |
| on: push | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Run code checks | |
| run: bundle exec rubocop | |
| test: | |
| needs: check | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| ruby: [2.7.5, 3.0.6, 3.1.4, 3.2.2] | |
| rails: [6.0.6, 6.1.7, 7.0.4, 7.1.3] | |
| exclude: | |
| - ruby: 3.1.4 | |
| rails: 6.0.6 | |
| - ruby: 3.2.2 | |
| rails: 6.0.6 | |
| env: | |
| RAILS_VERSION: ${{ matrix.rails }} | |
| CUSTOM_RUBY_VERSION: ${{ matrix.ruby }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Remove `Gemfile.lock` because this is a matrix job | |
| run: rm Gemfile.lock | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: ${{ matrix.ruby }} | |
| bundler-cache: true | |
| - name: Execute migrations | |
| run: bin/rails db:migrate | |
| - name: Run tests | |
| run: BACKTRACE=1 bin/rails test | |
| - name: Check if coverage LCOV file exists | |
| id: lcov_exists | |
| uses: andstor/file-existence-action@v3 | |
| with: | |
| files: coverage/lcov.info | |
| - name: Submit coverage to `coveralls.io` if LCOV file exists | |
| uses: coverallsapp/github-action@master | |
| if: steps.lcov_exists.outputs.files_exists == 'true' | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| deploy: | |
| needs: test | |
| runs-on: ubuntu-latest | |
| if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.APPSERVER_DEPLOY_SSH_KEY }} | |
| - name: Setup appserver known_hosts | |
| run: cat config/appserver.known_hosts >> ~/.ssh/known_hosts | |
| - name: Set up Docker Buildx for cache | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Expose GitHub Runtime for cache | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Write out .env file | |
| run: echo "PRODUCTION_KEY=${{ secrets.PRODUCTION_KEY }}" > .env | |
| - name: Display .env file | |
| run: cat .env | |
| - name: Build and deploy using Kamal | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| PRODUCTION_KEY: ${{ secrets.PRODUCTION_KEY }} | |
| run: bundle exec kamal deploy | |
| release: | |
| needs: test | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Build the gem | |
| run: gem build rest_framework.gemspec -o rest_framework.gem | |
| - name: Display VERSION | |
| run: cat VERSION | |
| - name: Push to RubyGems | |
| env: | |
| GEM_HOST_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }} | |
| run: gem push rest_framework.gem |