.github/workflows/ci.yml at main · rieth.dev/practice

rieth.dev / practice
practice doing this
practice / .github / workflows / ci.yml
at main 3.3 kB view raw
  1name: CI
  2
  3on:
  4  pull_request:
  5  push:
  6    branches: [ master ]
  7
  8jobs:
  9  scan_ruby:
 10    runs-on: ubuntu-latest
 11
 12    steps:
 13      - name: Checkout code
 14        uses: actions/checkout@v5
 15
 16      - name: Set up Ruby
 17        uses: ruby/setup-ruby@v1
 18        with:
 19          bundler-cache: true
 20
 21      - name: Scan for common Rails security vulnerabilities using static analysis
 22        run: bin/brakeman --no-pager
 23      
 24      - name: Scan for known security vulnerabilities in gems used
 25        run: bin/bundler-audit
 26      
 27  scan_js:
 28    runs-on: ubuntu-latest
 29
 30    steps:
 31      - name: Checkout code
 32        uses: actions/checkout@v5
 33
 34      - name: Set up Ruby
 35        uses: ruby/setup-ruby@v1
 36        with:
 37          bundler-cache: true
 38
 39      - name: Scan for security vulnerabilities in JavaScript dependencies
 40        run: bin/importmap audit
 41
 42  lint:
 43    runs-on: ubuntu-latest
 44    env:
 45      RUBOCOP_CACHE_ROOT: tmp/rubocop
 46    steps:
 47      - name: Checkout code
 48        uses: actions/checkout@v5
 49
 50      - name: Set up Ruby
 51        uses: ruby/setup-ruby@v1
 52        with:
 53          bundler-cache: true
 54
 55      - name: Prepare RuboCop cache
 56        uses: actions/cache@v4
 57        env:
 58          DEPENDENCIES_HASH: ${{ hashFiles('.ruby-version', '**/.rubocop.yml', '**/.rubocop_todo.yml', 'Gemfile.lock') }}
 59        with:
 60          path: ${{ env.RUBOCOP_CACHE_ROOT }}
 61          key: rubocop-${{ runner.os }}-${{ env.DEPENDENCIES_HASH }}-${{ github.ref_name == github.event.repository.default_branch && github.run_id || 'default' }}
 62          restore-keys: |
 63            rubocop-${{ runner.os }}-${{ env.DEPENDENCIES_HASH }}-
 64
 65      - name: Lint code for consistent style
 66        run: bin/rubocop -f github
 67
 68  test:
 69    runs-on: ubuntu-latest
 70
 71    # services:
 72    #  redis:
 73    #    image: valkey/valkey:8
 74    #    ports:
 75    #      - 6379:6379
 76    #    options: --health-cmd "redis-cli ping" --health-interval 10s --health-timeout 5s --health-retries 5
 77    steps:
 78      - name: Checkout code
 79        uses: actions/checkout@v5
 80
 81      - name: Set up Ruby
 82        uses: ruby/setup-ruby@v1
 83        with:
 84          bundler-cache: true
 85
 86      - name: Run tests
 87        env:
 88          RAILS_ENV: test
 89          # RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
 90          # REDIS_URL: redis://localhost:6379/0
 91        run: bin/rails db:test:prepare test
 92
 93  system-test:
 94    runs-on: ubuntu-latest
 95
 96    # services:
 97    #  redis:
 98    #    image: valkey/valkey:8
 99    #    ports:
100    #      - 6379:6379
101    #    options: --health-cmd "redis-cli ping" --health-interval 10s --health-timeout 5s --health-retries 5
102    steps:
103      - name: Checkout code
104        uses: actions/checkout@v5
105
106      - name: Set up Ruby
107        uses: ruby/setup-ruby@v1
108        with:
109          bundler-cache: true
110
111      - name: Run System Tests
112        env:
113          RAILS_ENV: test
114          # RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
115          # REDIS_URL: redis://localhost:6379/0
116        run: bin/rails db:test:prepare test:system
117
118      - name: Keep screenshots from failed system tests
119        uses: actions/upload-artifact@v4
120        if: failure()
121        with:
122          name: screenshots
123          path: ${{ github.workspace }}/tmp/screenshots
124          if-no-files-found: ignore