Bump the npm group across 1 directory with 9 updates #75
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
pull_request: | |
push: | |
branches: [main] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.number || github.ref }} | |
cancel-in-progress: ${{ github.ref_name != 'main' }} | |
jobs: | |
scan_ruby: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: .ruby-version | |
bundler-cache: true | |
- name: Scan for common Rails security vulnerabilities using static analysis | |
run: bin/brakeman --no-pager | |
lint: | |
runs-on: ubuntu-latest | |
needs: scan_ruby | |
permissions: | |
actions: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: .ruby-version | |
bundler-cache: true | |
- name: Set up Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
cache: "yarn" | |
- name: Install JavaScript dependencies | |
run: yarn install --immutable | |
- name: Restore ESLint cache | |
uses: actions/cache/restore@v4.0.2 | |
with: | |
path: .cache/eslint | |
key: eslint-main-cache | |
- name: Run ESLint | |
run: yarn eslint-ci | |
- name: Remove ESLint cache | |
if: github.event_name == 'push' | |
env: | |
GH_TOKEN: ${{ github.token }} | |
GH_REPO: ${{ github.event.repository.full_name }} | |
run: | | |
gh api --method DELETE /repos/{owner}/{repo}/actions/caches?key=eslint-main-cache || | |
echo "ESLint cache not found" | |
- name: Save ESLint cache | |
if: github.event_name == 'push' | |
uses: actions/cache/save@v4.0.2 | |
with: | |
path: .cache/eslint | |
key: eslint-main-cache | |
- name: Restore prettier cache | |
uses: actions/cache/restore@v4.0.2 | |
with: | |
path: .cache/prettier | |
key: prettier-main-cache | |
- name: Run prettier | |
run: yarn prettier-ci | |
- name: Remove prettier cache | |
if: github.event_name == 'push' | |
env: | |
GH_TOKEN: ${{ github.token }} | |
GH_REPO: ${{ github.event.repository.full_name }} | |
run: | | |
gh api --method DELETE /repos/{owner}/{repo}/actions/caches?key=prettier-main-cache || | |
echo "Prettier cache not found" | |
- name: Save prettier cache | |
if: github.event_name == 'push' | |
uses: actions/cache/save@v4.0.2 | |
with: | |
path: .cache/prettier | |
key: prettier-main-cache | |
- name: Run RuboCop | |
run: yarn rubocop-ci | |
- name: Run Syntax Tree | |
run: yarn stree | |
- name: Run Slim-Lint | |
run: yarn slim-lint | |
- name: Run zeitwerk check | |
run: bin/rails zeitwerk:check | |
test: | |
runs-on: ubuntu-latest | |
needs: [scan_ruby, lint] | |
services: | |
postgres: | |
image: postgres | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
ports: | |
- 5432:5432 | |
options: --health-cmd="pg_isready" --health-interval=10s --health-timeout=5s --health-retries=3 | |
steps: | |
- name: Install packages | |
run: sudo apt-get update && sudo apt-get install --no-install-recommends -y google-chrome-stable curl libjemalloc2 libvips postgresql-client libpq-dev | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: .ruby-version | |
bundler-cache: true | |
- name: Precompile assets | |
run: bin/bundle exec rake assets:precompile | |
- name: Run tests | |
env: | |
RAILS_ENV: test | |
DATABASE_URL: postgres://postgres:postgres@localhost:5432 | |
CI: true | |
run: | | |
bin/rails db:test:prepare | |
bin/rspec | |
- name: Keep screenshots from failed system tests | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: screenshots | |
path: ${{ github.workspace }}/tmp/capybara | |
if-no-files-found: ignore | |
deploy: | |
if: ${{ github.ref == 'refs/heads/main' }} | |
runs-on: ubuntu-latest | |
needs: [scan_ruby, lint, test] | |
permissions: | |
deployments: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Deploy to Render | |
uses: JorgeLNJunior/render-deploy@v1.4.4 | |
with: | |
service_id: ${{ secrets.RENDER_SERVICE_ID }} | |
api_key: ${{ secrets.RENDER_API_KEY }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
github_deployment: true | |
wait_deploy: true |