CI: Build artefacts for sandbox #3080
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Backend CI (Tests, linter and security) | |
on: | |
push: | |
branches: | |
- "**" | |
- "!master" | |
env: | |
CI: true | |
COVERAGE: true | |
RUBY_VERSION: 3.2.0 | |
BACK_HOST: http://localhost:3001 | |
FRONT_HOST: http://localhost:3000 | |
ALLOWED_ORIGINS: http://localhost:3000 | |
OAUTH_HOST: https://app-test.moncomptepro.beta.gouv.fr | |
API_GOUV_HOST: https://staging.api.gouv.fr | |
PG_USER: datapass | |
PG_PASSWORD: datapass | |
PG_HOST: localhost | |
PG_DATABASE: datapass | |
INSEE_HOST: http://localhost | |
INSEE_CONSUMER_KEY: fake_key | |
INSEE_CONSUMER_SECRET: fake_secret | |
DO_NOT_VALIDATE_MAIL: "True" | |
DO_NOT_SEND_MAIL: "False" | |
jobs: | |
test: | |
name: Tests (RSpec) | |
runs-on: ubuntu-20.04 | |
defaults: | |
run: | |
working-directory: ./backend | |
services: | |
postgres: | |
image: postgres:12.12 | |
env: | |
POSTGRES_USER: datapass | |
POSTGRES_PASSWORD: datapass | |
POSTGRES_DB: datapass | |
ports: | |
- 5432:5432 | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
redis: | |
image: redis | |
ports: ["6379:6379"] | |
options: --entrypoint redis-server | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Setup ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ env.RUBY_VERSION }} | |
# - name: Setup tmate session (for debugging purpose) | |
# uses: mxschmitt/action-tmate@v2 | |
- name: Install postgres client #and imagemagick | |
run: sudo apt-get install libpq-dev #imagemagick | |
# - name: Authorize PDF manipulation for imagemagick | |
# run: | | |
# sudo grep -v PDF /etc/ImageMagick-6/policy.xml > policy.xml | |
# sudo cp policy.xml /etc/ImageMagick-6/policy.xml | |
- name: Cache Gems | |
uses: actions/cache@v3 | |
with: | |
path: vendor/bundle | |
key: ${{ runner.os }}-gems-1-${{ hashFiles('**/Gemfile.lock') }} | |
restore-keys: | | |
${{ runner.os }}-gems- | |
- name: Bundle install | |
run: | | |
gem install bundler | |
bundle config path vendor/bundle | |
bundler install --jobs 4 --retry 3 | |
- name: Create database | |
env: | |
POSTGRES_HOST: localhost | |
POSTGRES_PORT: ${{ job.services.postgres.ports[5432] }} | |
run: | | |
bundler exec rails db:create RAILS_ENV=test | |
bundler exec rails db:schema:load RAILS_ENV=test | |
- name: Run StandardRB (linter) | |
run: | | |
bundle exec standardrb | |
- name: Run Brakeman (security) | |
run: | | |
bundle exec brakeman | |
- name: Run tests & publish coverage | |
uses: paambaati/[email protected] | |
env: | |
CC_TEST_REPORTER_ID: c520d0a599739b0fb177eb2ecfeaa72792c262af475dfa0a7bcea092fdcd3301 | |
with: | |
coverageCommand: bundle exec rspec | |
workingDirectory: backend | |
# lint: | |
# name: Linter (StandardRB) | |
# runs-on: ubuntu-20.04 | |
# if: "${{ github.actor != 'dependabot[bot]' }}" | |
# steps: | |
# - name: Checkout code | |
# uses: actions/checkout@v3 | |
# - name: Run Standardrb linter | |
# uses: amoeba/standardrb-action@master | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# PROJECT_PATH: datapass-backend | |
# security: | |
# name: Brakeman | |
# if: "${{ github.actor != 'dependabot[bot]' }}" | |
# runs-on: ubuntu-20.04 | |
# steps: | |
# - name: Checkout code | |
# uses: actions/checkout@v3 | |
# - name: Run Brakeman linter action | |
# uses: devmasx/brakeman-linter-action@master | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# PROJECT_PATH: datapass-backend |