Skip to content

Run bundle update brakeman --conservative #1215

Run bundle update brakeman --conservative

Run bundle update brakeman --conservative #1215

Workflow file for this run

name: Verify
on: [push]
env:
HONEYBADGER_API_KEY: ${{ secrets.HONEYBADGER_API_KEY }}
jobs:
lint:
name: Linters
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
cache: npm
- name: Node version
run: |
node --version
- name: Install npm packages
run: |
npm ci
- name: Install sqlite extensions
run: |
bin/sqlpkg install
- name: Run Ruby linter
run: |
bin/standardrb --parallel
- name: Run ERB linter
run: |
bin/erb_lint --lint-all
- name: Run Bundler audit
run: |
bin/bundler-audit --update
- name: Run security checks
run: |
bin/brakeman -q -w2
test:
name: Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
cache: npm
- name: Node version
run: |
node --version
- name: Install npm packages
run: |
npm ci
- name: Install sqlite extensions
run: |
bin/sqlpkg install
- name: Setup test database
env:
RAILS_ENV: test
run: |
bin/rails db:setup
- name: Run tests
env:
RAILS_ENV: test
run: bin/rspec
- name: Upload coverage results
uses: actions/upload-artifact@v4
if: always()
with:
name: coverage-report
path: coverage
- name: Keep screenshots from failed system tests
uses: actions/upload-artifact@v4
if: failure()
with:
name: screenshots
path: ${{ github.workspace }}/tmp/capybara
if-no-files-found: ignore
setup:
name: Setup
runs-on: ubuntu-latest
env:
RAILS_ENV: development
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
cache: npm
- name: Node version
run: |
node --version
- name: Install npm packages
run: |
npm ci
- name: Install sqlite extensions
run: |
bin/sqlpkg install
- name: Run local setup script
run: bin/setup
- name: Run local setup script idempotently
run: bin/setup
npm-test:
name: Tests - JavaScript
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
cache: npm
- name: Node version
run: |
node --version
- name: Install npm packages
run: |
npm ci
- name: Install sqlite extensions
run: |
bin/sqlpkg install
- name: Run JavaScript unit tests
run: |
npm run test -- --watch=false
assets:
name: Assets
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
cache: npm
- name: Node version
run: |
node --version
- name: Install npm packages
run: |
npm ci
- name: Install sqlite extensions
run: |
bin/sqlpkg install
- name: Make sure assets compile
run: |
bin/rails assets:precompile
- uses: actions/upload-artifact@v4
with:
name: assets
path: public
retention-days: 1
boot:
name: Boot
runs-on: ubuntu-latest
env:
RAILS_MASTER_PRODUCTION_KEY: ${{ secrets.RAILS_MASTER_PRODUCTION_KEY }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
cache: npm
- name: Node version
run: |
node --version
- name: Install npm packages
run: |
npm ci
- name: Install sqlite extensions
run: |
bin/sqlpkg install
- name: Start Rails server in the background (test)
run: |
bundle exec puma -b tcp://127.0.0.1:3001 -e test &
- name: Start Rails server in the background (production)
if: ${{ env.RAILS_MASTER_PRODUCTION_KEY != '' }}
run: |
RAILS_MASTER_KEY=$RAILS_MASTER_PRODUCTION_KEY \
RAILS_FORCE_SSL=false bundle exec puma -b tcp://127.0.0.1:3002 -e production &
- name: Wait for the servers to start
run: sleep 10
- name: Make sure the server is running (test)
run: |
bin/up http://127.0.0.1:3001/up
- name: Make sure the server is running (production)
if: ${{ env.RAILS_MASTER_PRODUCTION_KEY != '' }}
run: |
bin/up http://127.0.0.1:3002/up