Merge pull request #368 from plural/gem-updates-20250323-1 #831
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI" | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| IMAGENAME: registry.digitalocean.com/nsgcr/nrdb-api-server | |
| jobs: | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:14.5 | |
| ports: | |
| - "5432:5432" | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| env: | |
| POSTGRES_DB: rails_test | |
| POSTGRES_USER: rails | |
| POSTGRES_PASSWORD: password | |
| env: | |
| POSTGRES_DB: rails_test | |
| POSTGRES_USER: rails | |
| POSTGRES_PASSWORD: password | |
| RAILS_ENV: test | |
| DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Ruby and gems | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 3.3.6 | |
| bundler-cache: true | |
| - name: Set up Rails | |
| run: | | |
| cp config/database.ci.yml config/database.yml | |
| - name: Set up database schema | |
| run: | | |
| bin/rails db:reset --trace | |
| - name: Run rspec tests | |
| run: bundle exec rspec | |
| - name: Run rails tests | |
| run: bundle exec rails test | |
| - name: Upload coverage reports to Codecov | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| files: ./coverage/spec/coverage.xml,./coverage/unit/coverage.xml | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Ruby and gems | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 3.3.6 | |
| bundler-cache: true | |
| - name: Security audit dependencies | |
| run: bundle exec bundler-audit --update | |
| - name: Security audit application code | |
| run: bundle exec brakeman -q -w2 | |
| - name: Lint Ruby files | |
| run: bundle exec rubocop --parallel | |
| build_and_push: | |
| name: Build docker image | |
| if: (github.ref == 'refs/heads/main') || (github.event_name == 'release') | |
| needs: [test, lint] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Log in to DO Container Registry | |
| run: doctl registry login --expiry-seconds 600 | |
| - name: Build, tag, and publish image | |
| env: | |
| IMAGETAG: ${{ github.ref == 'refs/heads/main' && 'latest' || github.ref_name }} | |
| run: | | |
| docker build -t $IMAGENAME:$IMAGETAG . | |
| docker tag $IMAGENAME:$IMAGETAG $IMAGENAME:${{ github.run_id }} | |
| docker push -a $IMAGENAME |