aboutsummaryrefslogtreecommitdiffstats
path: root/.github/workflows/ci.yml
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows/ci.yml')
-rw-r--r--.github/workflows/ci.yml90
1 files changed, 90 insertions, 0 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..00af91f
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,90 @@
+name: CI
+
+on:
+ pull_request:
+ push:
+ branches: [ main ]
+
+jobs:
+ scan_ruby:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: .ruby-version
+ bundler-cache: true
+
+ - name: Scan for common Rails security vulnerabilities using static analysis
+ run: bin/brakeman --no-pager
+
+ scan_js:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: .ruby-version
+ bundler-cache: true
+
+ - name: Scan for security vulnerabilities in JavaScript dependencies
+ run: bin/importmap audit
+
+ lint:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: .ruby-version
+ bundler-cache: true
+
+ - name: Lint code for consistent style
+ run: bin/rubocop -f github
+
+ test:
+ runs-on: ubuntu-latest
+
+ # services:
+ # redis:
+ # image: redis
+ # ports:
+ # - 6379:6379
+ # options: --health-cmd "redis-cli ping" --health-interval 10s --health-timeout 5s --health-retries 5
+ steps:
+ - name: Install packages
+ run: sudo apt-get update && sudo apt-get install --no-install-recommends -y google-chrome-stable curl libjemalloc2 libvips sqlite3
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: .ruby-version
+ bundler-cache: true
+
+ - name: Run tests
+ env:
+ RAILS_ENV: test
+ # REDIS_URL: redis://localhost:6379/0
+ run: bin/rails db:test:prepare test test:system
+
+ - name: Keep screenshots from failed system tests
+ uses: actions/upload-artifact@v4
+ if: failure()
+ with:
+ name: screenshots
+ path: ${{ github.workspace }}/tmp/screenshots
+ if-no-files-found: ignore