Skip to content

Instantly share code, notes, and snippets.

@dorianmariecom

dorianmariecom/ci.yml

Created February 25, 2024 19:24
Show Gist options
  • Save dorianmariecom/2a93ce9a318392c922beb5e84dbf8b5c to your computer and use it in GitHub Desktop.
Save dorianmariecom/2a93ce9a318392c922beb5e84dbf8b5c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ci.yml
name: CI
on: push
jobs:
brakeman:
name: Brakeman
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: sudo apt-get install -y pandoc
- run: bin/brakeman -A -q --color
bundler-audit:
name: Bundler Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bin/bundler-audit
importmap-audit:
name: Importmap Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bin/importmap audit
importmap-outdated:
name: Importmap Outdated
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bin/importmap outdated
rspec:
name: RSpec
runs-on: ubuntu-latest
env:
RAILS_ENV: test
PGHOST: localhost
PGUSER: postgres
PGPASSWORD: password
POSTGRES_HOST: localhost
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
RAILS_MASTER_KEY: ${{secrets.TEST_RAILS_MASTER_KEY}}
services:
postgres:
image: postgres:latest
ports: ["5432:5432"]
env:
RAILS_ENV: test
PGHOST: localhost
PGUSER: postgres
PGPASSWORD: password
POSTGRES_HOST: localhost
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
ruby-version: 3.3.0
bundler-cache: true
- uses: actions/setup-node@v4
with:
node-version: 20.11.0
cache: 'yarn'
- run: yarn install --frozen-lockfile --immutable --ignore-engines
- run: sudo apt-get -yqq install libpq-dev pandoc
- run: bin/rails db:create db:schema:load
- run: bin/rails assets:precompile
- run: bin/rspec
rubocop:
name: Rubocop
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bin/rubocop
yarn-audit:
name: Yarn Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: yarn audit
deploy:
name: Deploy
runs-on: ubuntu-latest
needs:
- brakeman
- bundler-audit
- importmap-audit
- importmap-outdated
- rspec
- rubocop
- yarn-audit
steps:
- uses: actions/checkout@v4
- uses: webfactory/[email protected]
with:
ssh-private-key: ${{secrets.SSH_PRIVATE_KEY}}
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
username: ${{secrets.KAMAL_REGISTRY_USERNAME}}
password: ${{secrets.KAMAL_REGISTRY_PASSWORD}}
- uses: docker/build-push-action@v5
with:
context: .
cache-from: type=gha
cache-to: type=gha,mode=max
push: true
tags: ${{github.repository}}:${{github.sha}}
- uses: ruby/setup-ruby@v1
with:
ruby-version: 3.3.0
bundler-cache: true
- run: gem install kamal
- run: kamal lock release
if: github.ref == 'refs/heads/main'
- run: kamal deploy --skip-push
env:
KAMAL_REGISTRY_USERNAME: ${{secrets.KAMAL_REGISTRY_USERNAME}}
KAMAL_REGISTRY_PASSWORD: ${{secrets.KAMAL_REGISTRY_PASSWORD}}
RAILS_MASTER_KEY: ${{secrets.PRODUCTION_RAILS_MASTER_KEY}}
POSTGRES_PASSWORD: ${{secrets.POSTGRES_PASSWORD}}
DATABASE_URL: ${{secrets.DATABASE_URL}}
if: github.ref == 'refs/heads/main'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment