Bump omniauth and omniauth-cas #154
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: [ push, pull_request, workflow_dispatch ] | |
env: | |
REGISTRY: ghcr.io | |
jobs: | |
# TODO: DRY w/release.yml | |
setup: | |
runs-on: ubuntu-latest | |
steps: | |
# See https://github.com/docker/build-push-action/blob/v2.10.0/TROUBLESHOOTING.md#repository-name-must-be-lowercase | |
- name: Sanitize image name | |
uses: actions/github-script@v6 | |
id: image-name | |
with: | |
result-encoding: string | |
script: return '${{ env.REGISTRY }}/${{ github.repository }}'.toLowerCase() | |
- name: Get short SHA | |
run: | | |
echo SHORT_SHA="${GITHUB_SHA:0:7}" >> $GITHUB_ENV | |
outputs: | |
base_image_name: ${{ steps.image-name.outputs.result }} | |
build_image: ${{ steps.image-name.outputs.result }}:${{ env.SHORT_SHA }} | |
build: | |
if: github.event_name != 'release' | |
needs: setup | |
env: | |
BUILD_IMAGE: ${{ needs.setup.outputs.build_image }} | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Log in to the Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Get build start time | |
run: | | |
echo BUILD_TIMESTAMP="$(date --utc --iso-8601=seconds)" >> $GITHUB_ENV | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
push: true | |
tags: ${{ env.BUILD_IMAGE }} | |
build-args: | | |
BUILD_TIMESTAMP=${{ env.BUILD_TIMESTAMP }} | |
BUILD_URL=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
DOCKER_TAG=${{ env.BUILD_IMAGE }} | |
GIT_BRANCH=${{ github.ref_name }} | |
GIT_COMMIT=${{ github.sha }} | |
GIT_URL=${{ github.repositoryUrl }} | |
outputs: | |
build_image: ${{ env.BUILD_IMAGE }} | |
test: | |
if: github.event_name != 'release' | |
needs: build | |
runs-on: ubuntu-latest | |
container: | |
options: --init | |
image: ${{ needs.build.outputs.build_image }} | |
defaults: | |
run: | |
working-directory: /opt/app | |
services: | |
db: | |
image: postgres | |
env: | |
POSTGRES_USER: root | |
POSTGRES_PASSWORD: root | |
# solr: | |
# image: solr:8 | |
# #restart: always | |
# ports: | |
# - 8983:8983 | |
# volumes: | |
# - ${{ github.workspace }}/solr:/var/solr/data/configsets/solr:delegated | |
steps: | |
- name: Run tests | |
env: | |
RAILS_ENV: test | |
run: bundle exec rake check -t | |
- name: Run style checks | |
run: bundle exec rubocop | |
- name: Validate database migrations | |
env: | |
RAILS_ENV: test | |
DISABLE_DATABASE_ENVIRONMENT_CHECK: 1 | |
run: rails --trace db:drop db:create db:migrate | |
- name: Upload artifacts | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: artifacts | |
path: | | |
/opt/app/artifacts/** | |
/tmp/solr*/server/logs | |
# TODO: DRY w/release.yml | |
push: | |
if: github.event_name != 'release' | |
needs: [ setup, build, test ] | |
env: | |
BASE_IMAGE_NAME: ${{ needs.setup.outputs.base_image_name }} | |
BUILD_IMAGE: ${{ needs.build.outputs.build_image }} | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write | |
steps: | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ${{ env.BASE_IMAGE_NAME }} | |
- name: Log in to the Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Tag and push image | |
uses: akhilerm/[email protected] | |
with: | |
src: ${{ env.BUILD_IMAGE }} | |
dst: | | |
${{ steps.meta.outputs.tags }} |