Locker tweaks before push to prod #3532
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: [push, pull_request] | |
env: | |
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} | |
DB_HOST: localhost | |
DB_USERNAME: postgres | |
DB_PASSWORD: postgres | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:14 | |
env: | |
POSTGRES_DB: makerspacerepo_test | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_USER: postgres | |
ports: | |
- 5432:5432 | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
redis: | |
image: redis | |
ports: ["6379:6379"] | |
options: --entrypoint redis-server | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Setup Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 3.1.2 | |
bundler-cache: true | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: "18.12.1" | |
cache: "yarn" | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: 3.11 | |
- name: Run Yarn install | |
uses: borales/actions-yarn@v4 | |
with: | |
cmd: install | |
- name: Create Credentials File | |
id: create-json | |
uses: jsdaniell/[email protected] | |
with: | |
name: "makerepo-1632742c49cc.json" | |
json: ${{ secrets.CREDENTIALS_JSON }} | |
dir: "config/" | |
- name: Prepare Test | |
env: | |
DATABASE_URL: postgres://postgres:@localhost:5432/makerspacerepo_test | |
REDIS_URL: redis://localhost:6379/0 | |
RAILS_ENV: test | |
run: | | |
sudo apt-get update | |
sudo apt-get -yqq install libpq-dev imagemagick | |
mkdir certs && touch certs/saml.key && touch certs/saml.crt | |
openssl req -x509 -newkey rsa:4096 -keyout certs/saml.key -out certs/saml.crt -days 1 -nodes -subj "/C=CA/ST=Ontario/L=Ottawa/O=uOttawa/OU=Richard L'Abbé Makerspace/CN=makerepo.com/[email protected]" | |
wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6.1-2/wkhtmltox_0.12.6.1-2.jammy_amd64.deb | |
sudo apt install ./wkhtmltox_0.12.6.1-2.jammy_amd64.deb | |
- name: Migrate DB | |
env: | |
DATABASE_URL: postgres://postgres:@localhost:5432/makerspacerepo_test | |
REDIS_URL: redis://localhost:6379/0 | |
RAILS_ENV: test | |
run: | | |
bundle exec rails db:prepare | |
bundle exec rails db:migrate | |
- name: Run tests | |
env: | |
DATABASE_URL: postgres://postgres:@localhost:5432/makerspacerepo_test | |
REDIS_URL: redis://localhost:6379/0 | |
RAILS_ENV: test | |
run: | | |
bundle exec rails spec | |
- name: Deploy Staging | |
if: github.ref == 'refs/heads/staging' | |
env: | |
DEPLOY_ENC_KEY: ${{ secrets.DEPLOY_ENC_KEY }} | |
run: | | |
openssl enc -d -aes-256-cbc -md sha512 -salt -in config/deploy_id_ed25519_staging_enc -out config/deploy_id_ed25519_staging -k $DEPLOY_ENC_KEY -a -pbkdf2 | |
chmod 600 config/deploy_id_ed25519_staging | |
eval "$(ssh-agent -s)" | |
ssh-add config/deploy_id_ed25519_staging | |
gem install capistrano | |
bundle exec cap staging deploy | |
- name: Deploy Master | |
if: github.ref == 'refs/heads/master' | |
env: | |
DEPLOY_ENC_KEY: ${{ secrets.DEPLOY_ENC_KEY }} | |
run: | | |
openssl enc -d -aes-256-cbc -md sha512 -salt -in config/deploy_id_ed25519_prod_enc -out config/deploy_id_ed25519_prod -k $DEPLOY_ENC_KEY -a -pbkdf2 | |
chmod 600 config/deploy_id_ed25519_prod | |
eval "$(ssh-agent -s)" | |
ssh-add config/deploy_id_ed25519_prod | |
gem install capistrano | |
bundle exec cap production deploy | |
- uses: ravsamhq/notify-slack-action@master | |
if: always() | |
with: | |
status: ${{ job.status }} | |
notify_when: "success,failure,warnings" | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
- uses: toko-bifrost/ms-teams-deploy-card@master | |
if: always() | |
with: | |
github-token: ${{ github.token }} | |
webhook-uri: ${{ secrets.MS_TEAMS_WEBHOOK_URI }} | |
timezone: "America/Montreal" | |
show-on-start: false |