-
Notifications
You must be signed in to change notification settings - Fork 0
138 lines (117 loc) · 3.55 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: CI
on: [push]
jobs:
linters:
name: Linters
runs-on: ubuntu-24.04
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: '.tool-versions'
- name: Find yarn cache location
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: JS package cache
uses: actions/cache@v4
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install yarn packages
run: |
yarn install --pure-lockfile
- name: Run linters
env:
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
LOCKBOX_MASTER_KEY: ${{ secrets.LOCKBOX_MASTER_KEY }}
run: |
bin/rubocop --config .rubocop.yml -P
yarn prettier --check .
yarn run eslint
security:
name: Security
runs-on: ubuntu-24.04
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: '.tool-versions'
- name: Find yarn cache location
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: JS package cache
uses: actions/cache@v4
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install yarn packages
run: |
yarn install --pure-lockfile
- name: Run security checks
env:
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
LOCKBOX_MASTER_KEY: ${{ secrets.LOCKBOX_MASTER_KEY }}
run: |
bin/bundler-audit --update
bin/brakeman -q --no-pager
tests:
name: Tests
runs-on: ubuntu-24.04
services:
postgres:
image: postgres:16-alpine
env:
POSTGRES_USER: detonate
POSTGRES_DB: detonate_test
POSTGRES_PASSWORD: detonate
ports: ["5432:5432"]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: '.tool-versions'
- name: Find yarn cache location
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: JS package cache
uses: actions/cache@v4
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install yarn packages
run: |
yarn install --pure-lockfile
- name: Run tests
env:
RAILS_ENV: test
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
LOCKBOX_MASTER_KEY: ${{ secrets.LOCKBOX_MASTER_KEY }}
DATABASE_URL: postgres://detonate:detonate@localhost/detonate_test
run: |
bin/rails db:setup
bin/rails assets:precompile
bin/rspec