Skip to content
CI

Build docker file, push to registry. docker-override.init.yml to setup in one command #859

Sign in to view logs

Build docker file, push to registry. docker-override.init.yml to setup in one command

Build docker file, push to registry. docker-override.init.yml to setup in one command #859

Workflow file for this run

.github/workflows/ci.yml at 14d15df
# This workflow uses actions that are not certified by GitHub. They are
# provided by a third-party and are governed by separate terms of service,
# privacy policy, and support documentation.
#
# This workflow will install a prebuilt Ruby version, install dependencies, and
# run tests and linters.
name: "CI"
on:
push:
branches: [main, deploy/**]
pull_request:
env:
IMAGENAME: registry.digitalocean.com/nsgcr/cobra
jobs:
test:
name: Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres:14.5-alpine
ports:
- "5432:5432"
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
POSTGRES_DB: rails_test
POSTGRES_USER: rails
POSTGRES_PASSWORD: password
env:
POSTGRES_DB: rails_test
POSTGRES_USER: rails
POSTGRES_PASSWORD: password
RAILS_ENV: test
DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test"
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install Ruby and gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Set up Rails
run: |
cp config/secrets.example.yml config/secrets.yml
cp config/database.ci.yml config/database.yml
- name: Set up database schema
run: |
bin/rails db:create db:schema:load --trace
- name: Run tests
run: bundle exec rspec
- name: Plan deployment
id: plan-deployment
run: deploy/bin/github-actions-plan-deployment
outputs:
deploy-stack: ${{ steps.plan-deployment.outputs.deploy-stack }}
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install Ruby and gems
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Security audit dependencies
run: bundle exec bundler-audit --update
- name: Security audit application code
run: bundle exec brakeman -q -w2
# - name: Lint Ruby files
# run: bin/rubocop --parallel
build_and_push:
name: Build docker image
needs: [test, lint]
runs-on: ubuntu-latest
steps:
- name: Checkout the repo
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build image
run: docker build -t $IMAGENAME:latest .
- name: Install doctl
if: github.ref == 'refs/heads/main'
uses: digitalocean/action-doctl@v2
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
- name: Log in to DO Container Registry
if: github.ref == 'refs/heads/main'
run: doctl registry login --expiry-seconds 600
- name: Tag image with run id
if: github.ref == 'refs/heads/main'
run: docker tag $IMAGENAME:latest $IMAGENAME:${{ github.run_id }}
- name: Push image to DO Container Registry
if: github.ref == 'refs/heads/main'
run: docker push $IMAGENAME:${{ github.run_id }} && docker push $IMAGENAME:latest
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: [test, lint]
if: needs.test.outputs.deploy-stack != ''
defaults:
run:
working-directory: deploy
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Install dependencies
run: pip install -r requirements.txt
- name: Pulumi up
id: pulumi
uses: pulumi/actions@v3
with:
command: up
stack-name: ${{ needs.test.outputs.deploy-stack }}
work-dir: deploy
refresh: true
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
- name: Wait for cloud-init
run: |
bin/scan-droplet-ssh
bin/wait-for-cloud-init
- name: Deploy code
run: bin/github-actions-deploy-in-droplet