Add a JSON endpoint for cut conversion rates. (#414) #1321
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. They are | |
| # provided by a third-party and are governed by separate terms of service, | |
| # privacy policy, and support documentation. | |
| # | |
| # This workflow will install a prebuilt Ruby version, install dependencies, and | |
| # run tests and linters. | |
| name: "CI" | |
| on: | |
| push: | |
| branches: [main, deploy/**] | |
| pull_request: | |
| branches: [main] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| IMAGENAME: registry.digitalocean.com/nsgcr/cobra | |
| jobs: | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:14.5-alpine | |
| ports: | |
| - "5432:5432" | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| env: | |
| POSTGRES_DB: rails_test | |
| POSTGRES_USER: rails | |
| POSTGRES_PASSWORD: password | |
| env: | |
| POSTGRES_DB: rails_test | |
| POSTGRES_USER: rails | |
| POSTGRES_PASSWORD: password | |
| RAILS_ENV: test | |
| DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Ruby and gems | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 3.3.6 | |
| bundler-cache: true | |
| - name: Set up Rails | |
| run: | | |
| cp config/database.ci.yml config/database.yml | |
| - name: Set up database schema | |
| run: | | |
| bin/rails db:reset --trace | |
| - name: Install NPM | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| - name: Install NPM dependencies | |
| run: npm install | |
| - name: Run rspec tests | |
| run: bundle exec rspec | |
| - name: Run rails tests | |
| run: bundle exec rails test | |
| - name: Plan deployment | |
| id: plan-deployment | |
| run: deploy/bin/github-actions-plan-deployment | |
| outputs: | |
| deploy-stack: ${{ steps.plan-deployment.outputs.deploy-stack }} | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Ruby and gems | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 3.3.6 | |
| bundler-cache: true | |
| - name: Security audit dependencies | |
| # TODO(plural): Remove the bootstrap issue when we move to 5 or a fix is issued. | |
| run: bundle exec bundler-audit --update --ignore=CVE-2024-6531 | |
| - name: Security audit application code | |
| run: bundle exec brakeman -q -w2 | |
| - name: Lint Ruby files | |
| run: bundle exec rubocop --parallel | |
| build_and_push: | |
| name: Build docker image | |
| if: (github.ref == 'refs/heads/main') || (github.event_name == 'release') | |
| needs: [test, lint] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Log in to DO Container Registry | |
| run: doctl registry login --expiry-seconds 600 | |
| - name: Build image | |
| env: | |
| IMAGETAG: ${{ github.ref == 'refs/heads/main' && 'latest' || github.ref_name }} | |
| run: docker build -t $IMAGENAME:$IMAGETAG . | |
| - name: Tag image | |
| env: | |
| IMAGETAG: ${{ github.ref == 'refs/heads/main' && 'latest' || github.ref_name }} | |
| run: docker tag $IMAGENAME:$IMAGETAG $IMAGENAME:${{ github.run_id }} | |
| - name: Publish image to container registry | |
| env: | |
| IMAGETAG: ${{ github.ref == 'refs/heads/main' && 'latest' || github.ref_name }} | |
| run: docker push -a $IMAGENAME | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| needs: [ test, lint ] | |
| if: needs.test.outputs.deploy-stack != '' | |
| defaults: | |
| run: | |
| working-directory: deploy | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.10' | |
| - name: Install dependencies | |
| run: pip install -r requirements.txt | |
| - name: Pulumi up | |
| id: pulumi | |
| uses: pulumi/actions@v5 | |
| with: | |
| command: up | |
| stack-name: ${{ needs.test.outputs.deploy-stack }} | |
| work-dir: deploy | |
| refresh: true | |
| env: | |
| PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
| DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }} | |
| - name: Wait for cloud-init | |
| run: | | |
| bin/scan-droplet-ssh | |
| bin/wait-for-cloud-init | |
| - name: Set droplet environment variables | |
| run: bin/github-actions-set-droplet-env | |
| - name: Update Git repositories | |
| run: bin/github-actions-redirect-to-droplet bin/in-droplet/update-git | |
| - name: Deploy NGINX | |
| run: bin/github-actions-redirect-to-droplet bin/in-droplet/deploy-nginx | |
| - name: Configure Cobra | |
| run: bin/github-actions-redirect-to-droplet bin/in-droplet/configure-cobra | |
| - name: Build Cobra | |
| run: bin/github-actions-ssh cobra/bin/build | |
| - name: Deploy Cobra | |
| run: bin/github-actions-ssh cobra/bin/deploy |