Skip to content

Commit

Permalink
Merge branch 'staging' into renovate/ruby-3.x
Browse files Browse the repository at this point in the history
  • Loading branch information
@wilco375
wilco375 authored May 7, 2023
2 parents 9d919a4 + d0555ac commit b7d41a6
Show file tree
Hide file tree
Showing 68 changed files with 818 additions and 242 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/cleanup-registry.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Delete old versions
uses: snok/container-retention-policy@46881d5f6ddd0509d9646f4565ddcdfdca520707 # tag=v1.4.2
uses: snok/container-retention-policy@482ce28159f65a8bfad986da1fedcef40169aa75 # v2.0.0
with:
image-names: ${{ env.IMAGE_NAMES }}
cut-off: 2 days ago UTC
account-type: org
org-name: ${{ github.repository_owner }}
skip-tags: latest,staging
token: ${{ secrets.PAT }}
token: ${{ secrets.GH_PAT }}
43 changes: 21 additions & 22 deletions .github/workflows/continuous-delivery.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,6 @@ concurrency:

env:
PROJECT_NAME: amber-api
SENTRY_ORG: csvalpha
APP_ID: 152333

jobs:
branch_check:
Expand All @@ -37,7 +35,7 @@ jobs:
stage: ${{ steps.get_metadata.outputs.stage }}
steps:
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0

- name: Get metadata
id: get_metadata
Expand All @@ -48,15 +46,15 @@ jobs:
if [ "${INPUT_MERGE,,}" = 'y' ]; then
git fetch origin staging
if ! git diff origin/master origin/staging --exit-code; then
echo '::set-output name=has_diff::true'
echo 'has_diff=true' >> "$GITHUB_OUTPUT"
else
echo '::set-output name=has_diff::false'
echo 'has_diff=false' >> "$GITHUB_OUTPUT"
fi
fi
echo '::set-output name=stage::production'
echo 'stage=production' >> "$GITHUB_OUTPUT"
else
echo '::set-output name=stage::staging'
echo 'stage=staging' >> "$GITHUB_OUTPUT"
fi
merge:
Expand All @@ -82,7 +80,7 @@ jobs:
- name: Checkout code
if: fromJSON(needs.metadata.outputs.has_diff)
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0

- name: Run merge
if: fromJSON(needs.metadata.outputs.has_diff)
Expand All @@ -98,7 +96,7 @@ jobs:
if: fromJSON(needs.metadata.outputs.has_diff)
run: |
git fetch origin master
echo '::set-output name=sha::'"$(git rev-parse origin/master)"
echo 'sha='"$(git rev-parse origin/master)" >> "$GITHUB_OUTPUT"
continuous_integration:
name: Continuous Integration
Expand Down Expand Up @@ -133,29 +131,29 @@ jobs:
id: get_url
run: |
if [ "$GITHUB_REF_NAME" = 'master' ]; then
echo '::set-output name=environment_url::https://csvalpha.nl/api'
echo 'environment_url=https://csvalpha.nl/api' >> "$GITHUB_OUTPUT"
else
echo '::set-output name=environment_url::https://staging.csvalpha.nl/api'
echo 'environment_url=https://staging.csvalpha.nl/api' >> "$GITHUB_OUTPUT"
fi
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ needs.merge.outputs.sha }}

- name: Start deployment
uses: bobheadxi/deployments@11bd6447913c3ffeedb5552bcf6890d1668d9732 # tag=v1.2.0
uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0
id: start_deployment
with:
step: start
env: ${{ needs.metadata.outputs.stage }}

- name: Deploy
uses: appleboy/ssh-action@1d1b21ca96111b1eb4c03c21c14ebb971d2200f6 # tag=v0.1.4
uses: appleboy/ssh-action@b60142998894e495c513803efc6d5d72a72c968a # v0.1.8
env:
STAGE: ${{ needs.metadata.outputs.stage }}
with:
host: csvalpha.nl
host: ssh.csvalpha.nl
username: github-actions
key: ${{ secrets.SSH_PRIVATE_KEY }}
envs: PROJECT_NAME,STAGE
Expand All @@ -166,17 +164,18 @@ jobs:
docker-compose up -d
- name: Finalize Sentry release
uses: getsentry/action-release@744e4b262278339b79fb39c8922efcae71e98e39 # tag=v1.1.6
uses: getsentry/action-release@586b62368d564f25d694ce05fcb9cf53de65ac4f # v1.3.1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }}
SENTRY_PROJECT: ${{ env.PROJECT_NAME }}
with:
environment: ${{ needs.metadata.outputs.stage }}
version: ${{ needs.merge.outputs.sha }}
set_commits: skip

- name: Finish deployment
uses: bobheadxi/deployments@11bd6447913c3ffeedb5552bcf6890d1668d9732 # tag=v1.2.0
uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0
if: steps.start_deployment.conclusion == 'success' && always()
with:
step: finish
Expand All @@ -196,19 +195,19 @@ jobs:
env:
RESULTS: ${{ join(needs.*.result, ' ') }}
run: |
echo '::set-output name=conclusion::success'
echo 'conclusion=success' >> "$GITHUB_OUTPUT"
for RESULT in $RESULTS; do
if [ "$RESULT" = 'cancelled' ] || [ "$RESULT" = 'failure' ]; then
echo '::set-output name=conclusion::'"$RESULT"
echo 'conclusion='"$RESULT" >> "$GITHUB_OUTPUT"
break
fi
done
- name: Update Continuous Delivery check run
uses: guidojw/actions/update-check-run@92f1fbb6058a84135e953d0d49462bccf3e6336a # tag=v1.2.0
uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3
with:
app_id: ${{ env.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
app_id: ${{ vars.GH_APP_ID }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
sha: ${{ needs.merge.outputs.sha }}
name: Continuous Delivery
conclusion: ${{ steps.get_conclusion.outputs.conclusion }}
Expand Down
36 changes: 22 additions & 14 deletions .github/workflows/continuous-integration.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ on:
push:
branches: [staging, master]
pull_request:
merge_group:
workflow_call:
inputs:
sha:
Expand All @@ -21,12 +22,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ inputs.sha }}

- name: Build test image
uses: guidojw/actions/build-docker-image@92f1fbb6058a84135e953d0d49462bccf3e6336a # tag=v1.2.0
uses: guidojw/actions/build-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3
with:
file: Dockerfile
build-args: |
Expand All @@ -39,7 +40,10 @@ jobs:
needs: build
services:
db:
image: postgres:11.2
image: postgres:14.7
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
Expand All @@ -49,7 +53,7 @@ jobs:
- 5432:5432
steps:
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ inputs.sha }}

Expand All @@ -60,10 +64,10 @@ jobs:
- name: Download actionlint
run: |
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.6.23
- name: Load test image
uses: guidojw/actions/load-docker-image@92f1fbb6058a84135e953d0d49462bccf3e6336a # tag=v1.2.0
uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3
with:
name: app

Expand All @@ -72,9 +76,10 @@ jobs:
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
run: |
EXIT_STATUS=0
./actionlint -ignore 'property "app_private_key" is not defined' -ignore 'SC2153:' || EXIT_STATUS=$?
docker run -e POSTGRES_USER=postgres -e POSTGRES_HOST=localhost -e RAILS_MASTER_KEY --network=host app \
bin/ci.sh lint || EXIT_STATUS=$?
./actionlint -ignore 'property "gh_app_private_key" is not defined' -ignore 'SC2153:' \
-ignore 'property "sha" is not defined in object type {}' || EXIT_STATUS=$?
docker run -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_HOST=localhost -e \
RAILS_MASTER_KEY --network=host app bin/ci.sh lint || EXIT_STATUS=$?
exit $EXIT_STATUS
test:
Expand All @@ -83,7 +88,10 @@ jobs:
needs: build
services:
db:
image: postgres:11.2
image: postgres:14.7
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
Expand All @@ -93,7 +101,7 @@ jobs:
- 5432:5432
steps:
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ inputs.sha }}

Expand All @@ -102,13 +110,13 @@ jobs:
echo '::add-matcher::.github/problem-matchers/rspec.json'
- name: Load test image
uses: guidojw/actions/load-docker-image@92f1fbb6058a84135e953d0d49462bccf3e6336a # tag=v1.2.0
uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3
with:
name: app

- name: Test
env:
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
run: |
docker run -e POSTGRES_USER=postgres -e POSTGRES_HOST=localhost -e RAILS_MASTER_KEY --network=host app \
bin/ci.sh spec
docker run -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_HOST=localhost -e \
RAILS_MASTER_KEY --network=host app bin/ci.sh spec
34 changes: 16 additions & 18 deletions .github/workflows/publish-image.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,6 @@ on:

env:
PROJECT_NAME: amber-api
REGISTRY_URL: ghcr.io
SENTRY_ORG: csvalpha
APP_ID: 152333

jobs:
metadata:
Expand All @@ -35,14 +32,14 @@ jobs:
INPUT_SHA: ${{ inputs.sha }}
run: |
if [ "$GITHUB_REF_NAME" = 'master' ]; then
echo '::set-output name=tag::latest'
echo 'tag=latest' >> "$GITHUB_OUTPUT"
else
echo '::set-output name=tag::'"$GITHUB_REF_NAME"
echo 'tag='"$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT"
fi
if [ "$GITHUB_REF_NAME" = 'staging' ] || [ "$GITHUB_REF_NAME" = 'master' ]; then
BUILD_ARGS='BUILD_HASH='${INPUT_SHA:-$GITHUB_SHA}
echo '::set-output name=build_args::'"$BUILD_ARGS"
echo 'build_args='"$BUILD_ARGS" >> "$GITHUB_OUTPUT"
fi
publish:
Expand All @@ -51,38 +48,39 @@ jobs:
needs: metadata
steps:
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ inputs.sha }}
fetch-depth: 0

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 # tag=v1.7.0
uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 # v2.4.1

- name: Login to GitHub Container Registry
uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 # tag=v1.14.1
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0
with:
registry: ${{ env.REGISTRY_URL }}
registry: ${{ vars.DOCKER_REGISTRY_URL }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and push image
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # tag=v2.10.0
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0
with:
push: true
context: .
build-args: ${{ needs.metadata.outputs.build_args }}
cache-from: type=gha,scope=main
cache-to: type=gha,scope=main
tags: |
${{ env.REGISTRY_URL }}/${{ github.repository_owner }}/${{ env.PROJECT_NAME }}:${{
${{ vars.DOCKER_REGISTRY_URL }}/${{ github.repository_owner }}/${{ env.PROJECT_NAME }}:${{
needs.metadata.outputs.tag }}
- name: Create Sentry release
if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }}
uses: getsentry/action-release@744e4b262278339b79fb39c8922efcae71e98e39 # tag=v1.1.6
uses: getsentry/action-release@586b62368d564f25d694ce05fcb9cf53de65ac4f # v1.3.1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }}
SENTRY_PROJECT: ${{ env.PROJECT_NAME }}
with:
finalize: false
Expand All @@ -99,19 +97,19 @@ jobs:
env:
RESULTS: ${{ join(needs.*.result, ' ') }}
run: |
echo '::set-output name=conclusion::success'
echo 'conclusion=success' >> "$GITHUB_OUTPUT"
for RESULT in $RESULTS; do
if [ "$RESULT" = 'cancelled' ] || [ "$RESULT" = 'failure' ]; then
echo '::set-output name=conclusion::'"$RESULT"
echo 'conclusion='"$RESULT" >> "$GITHUB_OUTPUT"
break
fi
done
- name: Update Publish Image check run
uses: guidojw/actions/update-check-run@92f1fbb6058a84135e953d0d49462bccf3e6336a # tag=v1.2.0
uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3
with:
app_id: ${{ env.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
app_id: ${{ vars.GH_APP_ID }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
name: Publish Image
conclusion: ${{ steps.get_conclusion.outputs.conclusion }}
details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
7 changes: 4 additions & 3 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,17 +24,18 @@ gem 'jsonapi-authorization', '~> 3.0'
gem 'jsonapi-resources', '~> 0.9.1.beta2'
gem 'message_bus', '~> 4.0'
gem 'mini_magick', '~> 4.6'
gem 'paper_trail', '~> 12.0'
gem 'paper_trail', '~> 14.0'
gem 'paranoia', '~> 2.2'
gem 'pg', '~> 1.0'
gem 'phonelib'
gem 'puma', '~> 5.0'
gem 'puma', '~> 6.0'
gem 'pundit', '~> 2.0'
gem 'rack-attack', '~> 6.0'
gem 'rack-cors', '~> 1.0', require: 'rack/cors'
gem 'rails', '~> 6.0'
gem 'rails-i18n', '~> 7.0'
gem 'redis', '~> 4.0'
gem 'roo', '~> 2.9'
gem 'ruby-filemagic', '~> 0.7'
gem 'rubyzip', '~> 2.0'
gem 'sentry-raven', '~> 3.0'
Expand All @@ -53,7 +54,7 @@ group :development, :test do
gem 'consistency_fail'
gem 'dotenv-rails'
gem 'factory_bot_rails'
gem 'faker', '~> 2.9'
gem 'faker', '~> 3.0'
gem 'fuubar'
gem 'pry-byebug', require: false
gem 'pry-rails'
Expand Down
Loading

0 comments on commit b7d41a6

Please sign in to comment.