CI/CD with GitHub actions
Set up GitHub actions to run tests and linters and automerging for certain pull-requests
Used 81 times
T
TobiasBales
Usage
Run this command in your Rails app directory in the terminal:
rails app:template LOCATION="https://railsbytes.com/script/zJosd1"Template Source
Review the code before running this template on your machine.
def create_script(filename, &block)
create_file filename do <<~SH
#!/usr/bin/env bash
set -euo pipefail
#{yield}
SH
end
run `chmod +x #{filename}`
end
def add_to_script_if_installed(package, command)
if file_contains?('Gemfile', package) || file_contains?('package.json', package)
<<~SH
echo "Running #{package}"
#{command}
SH
end
end
def file_contains?(filename, string)
File.foreach(filename).detect { |line| line.include?(string) }
end
create_script 'bin/linters_ci' do <<~SH
#{add_to_script_if_installed 'rubocop', 'bundle exec rubocop'}
#{add_to_script_if_installed 'annotate', 'bundle exec annotate --frozen'}
#{add_to_script_if_installed 'erb_lint', 'bundle exec erblint --lint-all'}
#{add_to_script_if_installed 'rails_best_practices', 'bundle exec rails_best_practices --config rails_best_practices.yml --silent'}
#{add_to_script_if_installed 'database_consistency', 'bundle exec database_consistency'}
#{add_to_script_if_installed 'fasterer', 'bundle exec fasterer'}
#{add_to_script_if_installed 'eslint', 'npx eslint app'}
#{add_to_script_if_installed 'stylelint', 'npx stylelint "app/**/*.?(s)css"'}
SH
end
create_script 'bin/security_checks_ci' do <<~SH
#{add_to_script_if_installed 'brakeman', 'bundle exec brakeman --run-all-checks --routes --no-pager --summary --no-progress --quiet'}
#{add_to_script_if_installed 'bundler-audit', 'bundle exec bundle-audit update'}
#{add_to_script_if_installed 'bundler-audit', 'bundle exec bundle-audit'}
#{add_to_script_if_installed 'strong_versions', 'bundle exec strong_versions'}
SH
end
create_file '.github/workflows/ci.yml' do <<~YAML
name: CI
on: [push]
jobs:
linters:
name: Linters
runs-on: ubuntu-latest
services:
postgres:
image: postgres:11
env:
POSTGRES_USER: #{app_name}
POSTGRES_PASSWORD: #{app_name}
POSTGRES_DB: #{app_name}_test
ports: ["5432:5432"]
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Ruby
uses: ruby/setup-ruby@v1
- name: Ruby gem cache
uses: actions/cache@v1
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Install gems
run: |
bundle config path vendor/bundle
bundle config --local build.sassc --disable-march-tune-native
bundle install --jobs 4 --retry 3
- name: Setup Node
uses: actions/setup-node@v1
with:
node-version: 10.13.0
- name: Find yarn cache location
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: JS package cache
uses: actions/cache@v1
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install packages
run: |
yarn install --pure-lockfile
- name: Setup db
run: |
bundle exec rails db:setup
- uses: jwalton/gh-find-current-pr@v1
id: findPr
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Run Pronto
env:
PRONTO_GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PRONTO_PULL_REQUEST_ID: ${{ steps.findPr.outputs.pr }}
run: |
bundle exec pronto run --formatters=github_status github_pr --commit=origin/master --exit-code
- name: Run linters
run: |
bin/linters_ci
- name: Run security checks
run: |
bin/security_checks_ci
tests:
name: Tests
runs-on: ubuntu-latest
services:
postgres:
image: postgres:11
env:
POSTGRES_USER: #{app_name}
POSTGRES_PASSWORD: #{app_name}
POSTGRES_DB: #{app_name}_test
ports: ["5432:5432"]
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Setup Ruby
uses: ruby/setup-ruby@v1
- name: Ruby gem cache
uses: actions/cache@v1
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Install gems
run: |
bundle config path vendor/bundle
bundle config --local build.sassc --disable-march-tune-native
bundle install --jobs 4 --retry 3
- name: Setup Node
uses: actions/setup-node@v1
with:
node-version: 10.13.0
- name: Find yarn cache location
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: JS package cache
uses: actions/cache@v1
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install packages
run: |
yarn install --pure-lockfile
- name: Setup test database
env:
RAILS_ENV: test
run: |
bundle exec rails db:setup
- name: Configure inotify
run: |
sudo sysctl fs.inotify.max_user_instances=524288
sudo sysctl fs.inotify.max_user_watches=524288
sudo sysctl fs.inotify.max_queued_events=524288
sudo sysctl -p
- name: Run tests
run: bundle exec rails test
YAML
end
create_file '.github/workflows/automerge' do <<~YAML
name: automerge
on:
pull_request:
types:
- labeled
- unlabeled
- synchronize
- opened
- edited
- ready_for_review
- reopened
- unlocked
pull_request_review:
types:
- submitted
check_suite:
types:
- completed
status: {}
jobs:
automerge:
runs-on: ubuntu-latest
steps:
- name: automerge
uses: "docker://docker.pkg.github.com/pascalgn/automerge-action/automerge-action:c7859ab63774304798c4dd36ed106b59bbf728974117a9f350cac756d80d9e37"
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
MERGE_LABELS: "automerge,!wip"
YAML
end