Bring intermediate CA setup into the app #112
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
push: | |
branches: [ main ] | |
jobs: | |
build_test: # all steps run in dev container | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Dev Container task | |
uses: devcontainers/ci@v0.3 | |
with: | |
imageName: ghcr.io/astral-devcontainer | |
cacheFrom: ghcr.io/astral-devcontainer | |
push: never | |
runCmd: | | |
# Add multiple commands to run if needed | |
bundle install | |
- name: Lint code for consistent style | |
uses: devcontainers/ci@v0.3 | |
with: | |
imageName: ghcr.io/astral-devcontainer | |
cacheFrom: ghcr.io/astral-devcontainer | |
push: never | |
runCmd: bin/rubocop -f github | |
- name: Run brakeman | |
uses: devcontainers/ci@v0.3 | |
with: | |
imageName: ghcr.io/astral-devcontainer | |
cacheFrom: ghcr.io/astral-devcontainer | |
push: never | |
runCmd: bin/brakeman --no-pager | |
- name: Run tests | |
uses: devcontainers/ci@v0.3 | |
with: | |
imageName: ghcr.io/astral-devcontainer | |
cacheFrom: ghcr.io/astral-devcontainer | |
push: never | |
runCmd: bin/rails test | |
- name: Keep screenshots from failed system tests | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: screenshots | |
path: ${{ github.workspace }}/tmp/screenshots | |
if-no-files-found: ignore | |
docker: | |
name: Publish Docker Image | |
runs-on: ubuntu-latest | |
environment: docker | |
needs: [build_test] | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
permissions: | |
packages: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Compute repo name | |
id: repo | |
run: echo name=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_OUTPUT | |
- name: Build & Push Docker Image | |
run: | | |
# Docker login to GitHub Container Registry | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin | |
# Build image | |
docker pull ghcr.io/${{ steps.repo.outputs.name }}:latest || : | |
docker build -f Dockerfile -t ghcr.io/${{ steps.repo.outputs.name }}:latest . \ | |
--cache-from ghcr.io/${{ steps.repo.outputs.name }}:latest \ | |
--build-arg RUBY_VERSION=${{ vars.RUBY_VERSION }} \ | |
--build-arg RAILS_ROOT=${{ vars.RAILS_ROOT }} | |
# Push image | |
docker push ghcr.io/${{ steps.repo.outputs.name }}:latest |