diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..74884bf5 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,77 @@ +# This workflow uses actions that are not certified by GitHub. They are +# provided by a third-party and are governed by separate terms of service, +# privacy policy, and support documentation. +# +# This workflow will install a prebuilt Ruby version, install dependencies, and +# run tests and linters. +name: "CI" +on: + push: + branches: [main] + pull_request: + branches: [main] +jobs: + test: + name: Test + runs-on: ubuntu-latest + services: + postgres: + image: postgres:14.1 + ports: + - "5432:5432" + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + + env: + POSTGRES_DB: rails_test + POSTGRES_USER: rails + POSTGRES_PASSWORD: password + env: + POSTGRES_DB: rails_test + POSTGRES_USER: rails + POSTGRES_PASSWORD: password + RAILS_ENV: test + DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test" + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Install Ruby and gems + uses: ruby/setup-ruby@v3 + with: + ruby-version: 3.1 + bundler-cache: true + + - name: Set up Rails + run: | + cp config/secrets.example.yml config/secrets.yml + cp config/database.ci.yml config/database.yml + + - name: Set up database schema + run: | + bin/rails db:create db:schema:load --trace + + - name: Run tests + run: bundle exec rspec + + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + - name: Install Ruby and gems + uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.1 + bundler-cache: true + - name: Security audit dependencies + run: bundle exec bundler-audit --update + - name: Security audit application code + run: bundle exec brakeman -q -w2 + # - name: Lint Ruby files + # run: bin/rubocop --parallel