vaas-ruby-ci #254
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: vaas-ruby-ci | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "ruby/**" | |
| - ".github/workflows/ci-ruby.yaml" | |
| tags: | |
| - "rb*" | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - "ruby/**" | |
| - ".github/workflows/ci-ruby.yaml" | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: choice | |
| description: "Test environment" | |
| options: | |
| - production | |
| - staging | |
| default: "production" | |
| env: | |
| CLIENT_ID: ${{ secrets.CLIENT_ID }} | |
| CLIENT_SECRET: ${{ (inputs.environment == 'production' || inputs.environment == null || startsWith(github.ref, 'refs/tags/rb')) && secrets.CLIENT_SECRET || secrets.STAGING_CLIENT_SECRET }} | |
| VAAS_URL: ${{ (inputs.environment == 'production' || inputs.environment == null || startsWith(github.ref, 'refs/tags/rb')) && 'wss://gateway.production.vaas.gdatasecurity.de' || 'wss://gateway.staging.vaas.gdatasecurity.de' }} | |
| TOKEN_URL: ${{ (inputs.environment == 'production' || inputs.environment == null || startsWith(github.ref, 'refs/tags/rb')) && 'https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token' || 'https://account-staging.gdata.de/realms/vaas-staging/protocol/openid-connect/token' }} | |
| VAAS_CLIENT_ID: ${{ secrets.VAAS_CLIENT_ID }} | |
| VAAS_USER_NAME: ${{ secrets.VAAS_USER_NAME }} | |
| VAAS_PASSWORD: ${{ (inputs.environment == 'production' || inputs.environment == null || startsWith(github.ref, 'refs/tags/rb')) && secrets.VAAS_PASSWORD || secrets.STAGING_VAAS_PASSWORD }} | |
| jobs: | |
| build-ruby: | |
| name: Build & Test Ruby SDK | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: "3.1" # Not needed with a .ruby-version file | |
| bundler-cache: true # runs 'bundle install' and caches installed gems automatically | |
| - name: extract version | |
| if: startsWith(github.ref, 'refs/tags/rb') | |
| run: | | |
| echo "RELEASE_VERSION=${GITHUB_REF#refs/*/rb}" >> $GITHUB_ENV | |
| echo $RELEASE_VERSION | |
| - name: set version | |
| if: startsWith(github.ref, 'refs/tags/rb') | |
| run: | | |
| sed -i "s/VERSION = '0.0.1'/VERSION = '$RELEASE_VERSION'/g" ./ruby/lib/vaas/version.rb | |
| - name: set version without tag | |
| if: ${{ !startsWith(github.ref, 'refs/tags/rb') }} | |
| run: | | |
| echo RELEASE_VERSION=$(sed -r -n 's/.*([0-9]+\.[0-9]+\.[0-9]+).*/\1/p' ./ruby/lib/vaas/version.rb) >> $GITHUB_ENV | |
| echo $RELEASE_VERSION | |
| - name: build gem | |
| run: gem build vaas.gemspec | |
| working-directory: ruby | |
| - name: install dependencies/gem | |
| run: | | |
| echo $RELEASE_VERSION | |
| gem install "vaas-$RELEASE_VERSION.gem" | |
| working-directory: ruby | |
| - name: Test | |
| run: ruby vaas_test.rb | |
| working-directory: ruby/test | |
| - name: Run simple example | |
| env: | |
| URL: "https://github.com/GDATASoftwareAG/vaas" | |
| run: ruby simple_example.rb | |
| working-directory: ruby/examples | |
| - name: Run example with reconnect | |
| env: | |
| URL: "https://github.com/GDATASoftwareAG/vaas" | |
| run: ruby example_with_reconnect.rb | |
| working-directory: ruby/examples | |
| - name: Run authentication example | |
| env: | |
| URL: "https://github.com/GDATASoftwareAG/vaas" | |
| run: ruby authentication.rb | |
| working-directory: ruby/examples | |
| - name: Push to rubygems.org | |
| if: startsWith(github.ref, 'refs/tags/rb') | |
| env: | |
| RUBY_GEMS_TOKEN: ${{ secrets.RUBY_GEMS_TOKEN }} | |
| run: | | |
| mkdir -p ~/.gem | |
| cat << EOF > ~/.gem/credentials | |
| --- | |
| :rubygems_api_key: ${RUBY_GEMS_TOKEN} | |
| EOF | |
| chmod 0600 ~/.gem/credentials | |
| set -x | |
| gem update --system | |
| gem push "vaas-$RELEASE_VERSION.gem" | |
| working-directory: ruby | |
| - name: Microsoft Teams Notification | |
| uses: skitionek/notify-microsoft-teams@master | |
| if: failure() | |
| with: | |
| webhook_url: ${{ secrets.MSTEAMS_WEBHOOK }} | |
| overwrite: "{title: `Failed workflow on for VaaS-SDK ${workflow}`, sections: [{activityTitle: 'build failed', activitySubtitle: `Failed workflow on for VaaS-SDK ${workflow}`, activityImage: 'https://adaptivecards.io/content/cats/3.png'}], themeColor: '#ff0000'}" | |
| codeql: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 360 | |
| permissions: | |
| security-events: write | |
| actions: read | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: ruby | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v3 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| category: "/language:ruby" | |
| - name: Microsoft Teams Notification | |
| uses: skitionek/notify-microsoft-teams@master | |
| if: failure() | |
| with: | |
| webhook_url: ${{ secrets.MSTEAMS_WEBHOOK }} | |
| overwrite: "{title: `Failed codeql on for VaaS-SDK ${workflow}`, sections: [{activityTitle: 'build failed', activitySubtitle: `Failed workflow on for VaaS-SDK ${workflow}`, activityImage: 'https://adaptivecards.io/content/cats/3.png'}], themeColor: '#ff0000'}" |