Skip to content

Root cert setup

Root cert setup #141

Workflow file for this run

name: CI
on:
pull_request:
push:
branches: [ main ]
jobs:
build_test: # all steps run in dev container
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Dev Container task
uses: devcontainers/[email protected]
with:
imageName: ghcr.io/astral-devcontainer
cacheFrom: ghcr.io/astral-devcontainer
push: never
runCmd: |
# Add multiple commands to run if needed
bundle install
- name: Lint code for consistent style
uses: devcontainers/[email protected]
with:
imageName: ghcr.io/astral-devcontainer
cacheFrom: ghcr.io/astral-devcontainer
push: never
runCmd: bin/rubocop -f github
- name: Run brakeman
uses: devcontainers/[email protected]
with:
imageName: ghcr.io/astral-devcontainer
cacheFrom: ghcr.io/astral-devcontainer
push: never
runCmd: bin/brakeman --no-pager
- name: Run tests
uses: devcontainers/[email protected]
with:
imageName: ghcr.io/astral-devcontainer
cacheFrom: ghcr.io/astral-devcontainer
push: never
runCmd: bin/rails test
- name: Keep screenshots from failed system tests
uses: actions/upload-artifact@v4
if: failure()
with:
name: screenshots
path: ${{ github.workspace }}/tmp/screenshots
if-no-files-found: ignore
docker:
name: Publish Docker Image
runs-on: ubuntu-latest
environment: docker
needs: [build_test]
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
permissions:
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Compute repo name
id: repo
run: echo name=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_OUTPUT
- name: Build & Push Docker Image
run: |
# Docker login to GitHub Container Registry
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
# Build image
docker pull ghcr.io/${{ steps.repo.outputs.name }}:latest || :
docker build -f Dockerfile -t ghcr.io/${{ steps.repo.outputs.name }}:latest . \
--cache-from ghcr.io/${{ steps.repo.outputs.name }}:latest \
--build-arg RUBY_VERSION=${{ vars.RUBY_VERSION }} \
--build-arg RAILS_ROOT=${{ vars.RAILS_ROOT }}
# Push image
docker push ghcr.io/${{ steps.repo.outputs.name }}:latest