-
Notifications
You must be signed in to change notification settings - Fork 12
175 lines (143 loc) · 4.82 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: CI
on: push
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:17-alpine
ports: ['5432:5432']
env:
POSTGRES_PASSWORD: postgres
redis:
image: redis:alpine
ports: ['6379:6379']
env:
DB_HOST: localhost
DB_USER: postgres
DB_PASSWORD: postgres
REDIS_URL: redis://localhost:6379/0
RAILS_ENV: test
CI: true
RUBY_YJIT_ENABLE: 1
steps:
- uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node.js
uses: actions/[email protected]
with:
cache: yarn
node-version-file: 'package.json'
- name: Install Yarn packages
run: bin/yarn install --immutable
- name: Lint with RuboCop
run: bin/rubocop --parallel
- name: Scan for common Rails security vulnerabilities using static analysis
run: bin/brakeman --no-pager
- name: Run ESLint
run: bin/yarn lint
- name: Check for TypeScript errors
run: bin/yarn tsc
- name: Setup PostgreSQL
run: bin/rails db:create
- name: Compile assets
run: bin/rails assets:precompile
- name: Run Ruby Tests
run: bin/rspec
- name: Run JavaScript tests
run: bin/yarn test --coverage
- name: End-to-end tests
uses: cypress-io/github-action@v6
with:
start: bundle exec rails server
wait-on: http://localhost:3000
browser: chrome
record: true
env:
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CYPRESS_BASE_URL: http://localhost:3000
CYPRESS: true
if: env.CYPRESS_RECORD_KEY != null
- name: Check JS size limit
run: yarn size-limit
- uses: actions/upload-artifact@v4
if: failure()
with:
name: Cypress screenshots and videos
path: |
tmp/cypress_screenshots/
tmp/cypress_videos/
if-no-files-found: ignore
deploy:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags')
needs: test
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Fetch tag annotations
# https://github.com/actions/checkout/issues/290
run: git fetch --tags --force
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
ghcr.io/templatus/templatus-vue
# generate Docker tags based on the following events/attributes
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set ENV values
run: |
echo "COMMIT_TIME=$(git show -s --format=%cI $GITHUB_SHA)" >> $GITHUB_ENV
echo "COMMIT_VERSION=$(git describe --always)" >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
COMMIT_SHA=${{ github.sha }}
COMMIT_TIME=${{ env.COMMIT_TIME }}
COMMIT_VERSION=${{ env.COMMIT_VERSION }}
COMMIT_BRANCH=${{ github.head_ref || github.ref_name }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Send webhook to start deployment
env:
DEPLOY_HOOK: ${{ secrets.DEPLOY_HOOK }}
if: env.DEPLOY_HOOK != null
run: curl -X POST ${{ env.DEPLOY_HOOK }}
- name: Notify Honeybadger about deployment
env:
DEPLOY_HOOK: ${{ secrets.DEPLOY_HOOK }}
HONEYBADGER_API_KEY: ${{ secrets.HONEYBADGER_API_KEY }}
if: env.DEPLOY_HOOK != null && env.HONEYBADGER_API_KEY != null
uses: honeybadger-io/github-notify-deploy-action@v1
with:
api_key: ${{ secrets.HONEYBADGER_API_KEY }}