-
Notifications
You must be signed in to change notification settings - Fork 4
105 lines (102 loc) · 3.55 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
name: CI CD
on:
push:
branches:
- master
- release
jobs:
static-analysis:
name: Static Analysis
runs-on: ubuntu-latest
steps:
- name: Checkout code
if: contains(github.event.head_commit.message, 'skip ci') == false
uses: actions/checkout@v1
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.7.8
- name: Install dependencies
run: gem install brakeman bundler-audit
- name: Perform Brakeman vulnerability scan
run: brakeman
- name: Perform Bundler audit
run: bundle audit check --update --ignore $(while read line; do echo -n "$line "; done <config/bundler-audit.ignore)
# - name: Perform Yarn audit
# run: bin/yarn audit
test:
name: Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres
ports:
- 5432:5432
env:
POSTGRES_DB: roombooking_test
POSTGRES_HOST_AUTH_METHOD: trust
redis:
image: redis
ports:
- 6379:6379
steps:
- name: Checkout code
if: contains(github.event.head_commit.message, 'skip ci') == false
uses: actions/checkout@master
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.7.8
- name: Cache build artefacts
uses: actions/cache@v1
with:
path: vendor/bundle
key: roombooking-cache-v2-${{ runner.os }}-gem-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
roombooking-cache-v2-${{ runner.os }}-gem-
- name: Install dependencies
run: |
sudo apt-get -y install libpq-dev
gem install bundler
bundle config set deployment 'true'
bundle install --jobs 4 --retry 3
bin/yarn install --non-interactive --network-concurrency 4 --network-timeout 5000
- name: Configure environment
run: |
rm -f .env && touch .env
echo "RAILS_ENV=test" >> .env
echo "RAILS_MAX_THREADS=1" >> .env
echo "WEB_CONCURRENCY=1" >> .env
echo "DISABLE_SPRING=1" >> .env
echo "SITE_HOSTNAME=roombooking.adctheatre.com" >> .env
echo "REDIS_CACHE=redis://127.0.0.1:6379/1" >> .env
echo "REDIS_STORE=redis://127.0.0.1:6379/1" >> .env
echo "CAMDRAM_APP_ID=${{ secrets.CAMDRAM_APP_ID }}" >> .env
echo "CAMDRAM_APP_SECRET=${{ secrets.CAMDRAM_APP_SECRET }}" >> .env
echo "SECRET_KEY_BASE=${{ secrets.SECRET_KEY_BASE }}" >> .env
echo "CODECOV_TOKEN=${{ secrets.CODECOV_TOKEN }}" >> .env
- name: Setup database
run: bin/bundle exec rails db:schema:load roombooking:search:setup
env:
RAILS_ENV: test
DISABLE_SPRING: 1
DATABASE_PORT: 5432
- name: Run tests
run: bin/bundle exec rails test
env:
RAILS_ENV: test
DISABLE_SPRING: 1
DATABASE_PORT: 5432
deploy:
name: Deploy
needs: [static-analysis, test]
runs-on: ubuntu-latest
if: "github.ref == 'refs/heads/release'"
steps:
- name: SSH to server
run: |
umask 0077
mkdir -p $HOME/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" >> $HOME/.ssh/id_rsa
echo "${{ secrets.SSH_HOST_KEY }}" >> $HOME/.ssh/known_hosts
ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "export PATH="/opt/embedded/ruby/bin:$PATH" && cd /opt/roombooking && bin/update release && sudo systemctl restart roombooking.target"