-
Notifications
You must be signed in to change notification settings - Fork 1
161 lines (129 loc) · 4.21 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
name: CI
on:
pull_request:
push:
jobs:
scan_ruby:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Scan for common Rails security vulnerabilities using static analysis
run: bin/brakeman --no-pager
scan_js:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Scan for security vulnerabilities in JavaScript dependencies
run: bin/importmap audit
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Lint code for consistent style
run: |
bin/rubocop --format json --out rubocop_output.json
offenses_per_file=$(jq '.files[] | {path, offenses: (.offenses | length)} | select(.offenses > 1)' rubocop_output.json)
if [[ -n "$offenses_per_file" ]]; then
echo "There are files with more than 1 offense:"
echo "$offenses_per_file"
exit 1
else
echo "All files have 1 or fewer offenses."
fi
test:
runs-on: ubuntu-latest
# services:
# redis:
# image: redis
# ports:
# - 6379:6379
# options: --health-cmd "redis-cli ping" --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- name: Install packages
run: sudo apt-get update && sudo apt-get install --no-install-recommends -y google-chrome-stable curl libjemalloc2 libvips sqlite3
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Install bundler
run: gem install bundler
- name: Install dependencies
run: |
bundle install
- name: Run database migrations
run: bin/rails db:migrate RAILS_ENV=test
- name: Prepare the test database
run: bin/rails db:test:prepare
- name: Debug installed gems
run: |
bundle exec gem list
- name: Run tests
env:
RAILS_ENV: test
# REDIS_URL: redis://localhost:6379/0
# run: bin/rails db:test:prepare test test:system
run: |
bundle exec rails test
- name: Check test coverage
run: |
covered_percent=$(ruby -r simplecov -e "puts SimpleCov.result.covered_percent")
if (( $(echo "$covered_percent < 90" | bc -l) )); then
echo "Code coverage is below 90%: $covered_percent%"
exit 1
else
echo "Code coverage is sufficient: $covered_percent%"
fi
- name: Keep screenshots from failed system tests
uses: actions/upload-artifact@v4
if: failure()
with:
name: screenshots
path: ${{ github.workspace }}/tmp/screenshots
if-no-files-found: ignore
cucumber_coverage:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Install dependencies
run: bundle install
- name: Run Cucumber tests with coverage
run: |
bundle exec cucumber --format pretty --format html --out cucumber_report.html
if grep -q "coverage below" coverage/.last_run.json; then
echo "Test coverage is below the required threshold"
exit 1
else
echo "Test coverage meets the required threshold"
fi
- name: Upload Cucumber HTML Report
uses: actions/upload-artifact@v4
with:
name: cucumber-report
path: cucumber_report.html