Bump dry-struct from 1.6.0 to 1.7.1 #364
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| scan_ruby: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: .ruby-version | |
| bundler-cache: true | |
| - name: Scan for security vulnerabilities in Ruby Dependencies | |
| run: bin/brakeman | |
| scan_js: | |
| runs-on: ubuntu-latest | |
| needs: [ scan_ruby ] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: .ruby-version | |
| bundler-cache: true | |
| - name: Scan for security vulnerabilities in Javascript Dependencies | |
| run: bin/importmap audit | |
| lint: | |
| runs-on: ubuntu-latest | |
| needs: [ scan_js ] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: .ruby-version | |
| bundler-cache: true | |
| - name: Lint code for consistent style | |
| run: bin/rubocop | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: [ lint ] | |
| services: | |
| postgres: | |
| image: ankane/pgvector:v0.5.1 | |
| env: | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: postgres | |
| ports: | |
| - 5432:5432 | |
| options: --health-cmd="pg_isready" --health-interval=10s --health-timeout=5s --health-retries=3 | |
| steps: | |
| - name: Install packages | |
| run: sudo apt-get update && sudo apt-get install --no-install-recommends -y google-chrome-stable curl libvips postgresql-client libpq-dev | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: .ruby-version | |
| bundler-cache: true | |
| - | |
| name: Run tests | |
| env: | |
| RAILS_ENV: test | |
| DATABASE_PRIMARY_RW_URL: postgresql://postgres:postgres@localhost:5432/ | |
| DATABASE_CACHE_RW_URL: postgresql://postgres:postgres@localhost:5432/ | |
| DATABASE_QUEUE_RW_URL: postgresql://postgres:postgres@localhost:5432/ | |
| DATABASE_CABLE_RW_URL: postgresql://postgres:postgres@localhost:5432/ | |
| ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: deterministickeyaaaaaaaaaaaaaaaa | |
| ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: keyderivationsaltbbbbbbbbbbbbbbb | |
| ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: primarykeycccccccddddddddddddddd | |
| DATABASE_USERNAME: postgres | |
| DATABASE_PASSWORD: postgres | |
| DATABASE_SUPER_USERNAME: postgres | |
| DATABASE_SUPER_PASSWORD: postgres | |
| run: bin/rails db:setup && bundle exec rake assets:precompile && bin/bundle exec rspec | |
| - name: Keep screenshots from failed system tests | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: screenshots | |
| path: ${{ github.workspace }}/tmp/screenshots | |
| if-no-files-found: ignore | |
| build_container: | |
| runs-on: ubuntu-latest | |
| needs: [ test ] | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: write package.json | |
| uses: mikefarah/yq@master | |
| with: | |
| cmd: yq --output-format=json -i '.sha = "${{ github.sha }}"' ./info.json | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: tillawy/ckretz | |
| tags: | | |
| type=raw,value=${{ github.sha }} | |
| - name: Docker buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push container image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64 | |
| ###### DEPLOY | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [ build_container ] | |
| steps: | |
| - | |
| name: FluxCD Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: 'ckretz-org/ckretz-helm-production' | |
| ref: 'main' | |
| ssh-key: ${{ secrets.FLUX_SSH_DEPLOY_KEY }} | |
| # Relative path under $GITHUB_WORKSPACE to place the repository | |
| path: '' | |
| - | |
| name: FluxCD write target image tag | |
| uses: mikefarah/yq@master | |
| with: | |
| cmd: yq --output-format=yaml -i '.spec.values.apps.app.tag = "${{ github.sha }}"' ./apps/ckretz.yaml | |
| - | |
| name: FluxCD debug ./apps/ckretz.yaml | |
| uses: mikefarah/yq@master | |
| with: | |
| cmd: cat ./apps/ckretz.yaml | |
| - | |
| name: Commit files | |
| run: | | |
| git config --local user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --local user.name "github-actions[bot]" | |
| git commit -a -m "Deploy at $(date +'%Y-%m-%dT%H:%M:%S')" | |
| - | |
| name: Push changes | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| branch: "main" | |
| repository: 'ckretz-org/ckretz-helm-production' | |
| ssh: true |