Skip to content

Apply suggestions from code review #3834

Apply suggestions from code review

Apply suggestions from code review #3834

Workflow file for this run

name: Backend CI (Tests, linter and security)
on:
push:
branches:
- "**"
- "!master"
env:
CI: true
COVERAGE: true
RUBY_VERSION: 3.2.2
BACK_HOST: http://localhost:3001
FRONT_HOST: http://localhost:3000
ALLOWED_ORIGINS: http://localhost:3000
OAUTH_HOST: https://app-test.moncomptepro.beta.gouv.fr
API_GOUV_HOST: https://staging.api.gouv.fr
PG_USER: datapass
PG_PASSWORD: datapass
PG_HOST: localhost
PG_DATABASE: datapass-test
INSEE_HOST: http://localhost
INSEE_CONSUMER_KEY: fake_key
INSEE_CONSUMER_SECRET: fake_secret
DO_NOT_VALIDATE_MAIL: "True"
DO_NOT_SEND_MAIL: "False"
jobs:
test:
name: Tests (RSpec)
runs-on: ubuntu-20.04
defaults:
run:
working-directory: ./backend
services:
postgres:
image: postgres:12.12
env:
POSTGRES_USER: datapass
POSTGRES_PASSWORD: datapass
POSTGRES_DB: datapass-test
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
redis:
image: redis
ports: ["6379:6379"]
options: --entrypoint redis-server
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ env.RUBY_VERSION }}
# - name: Setup tmate session (for debugging purpose)
# uses: mxschmitt/action-tmate@v2
- name: Install postgres client #and imagemagick
run: sudo apt-get install libpq-dev #imagemagick
# - name: Authorize PDF manipulation for imagemagick
# run: |
# sudo grep -v PDF /etc/ImageMagick-6/policy.xml > policy.xml
# sudo cp policy.xml /etc/ImageMagick-6/policy.xml
- name: Cache Gems
uses: actions/cache@v3
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-1-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Bundle install
run: |
gem install bundler
bundle config path vendor/bundle
bundler install --jobs 4 --retry 3
- name: Create database
env:
POSTGRES_HOST: localhost
POSTGRES_PORT: ${{ job.services.postgres.ports[5432] }}
run: |
bundler exec rails db:create RAILS_ENV=test
bundler exec rails db:schema:load RAILS_ENV=test
- name: Run StandardRB (linter)
run: |
bundle exec standardrb
- name: Run Brakeman (security)
run: |
bundle exec brakeman
- name: Run tests & publish coverage
uses: paambaati/[email protected]
env:
CC_TEST_REPORTER_ID: c520d0a599739b0fb177eb2ecfeaa72792c262af475dfa0a7bcea092fdcd3301
with:
coverageCommand: bundle exec rspec
workingDirectory: backend
# lint:
# name: Linter (StandardRB)
# runs-on: ubuntu-20.04
# if: "${{ github.actor != 'dependabot[bot]' }}"
# steps:
# - name: Checkout code
# uses: actions/checkout@v3
# - name: Run Standardrb linter
# uses: amoeba/standardrb-action@master
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# PROJECT_PATH: datapass-backend
# security:
# name: Brakeman
# if: "${{ github.actor != 'dependabot[bot]' }}"
# runs-on: ubuntu-20.04
# steps:
# - name: Checkout code
# uses: actions/checkout@v3
# - name: Run Brakeman linter action
# uses: devmasx/brakeman-linter-action@master
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# PROJECT_PATH: datapass-backend