about summary refs log tree commit diff
path: root/.github/workflows
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/build-image.yml9
-rw-r--r--.github/workflows/haml-lint-problem-matcher.json17
-rw-r--r--.github/workflows/lint-haml.yml44
-rw-r--r--.github/workflows/rebase-needed.yml6
-rw-r--r--.github/workflows/test-migrations-one-step.yml4
-rw-r--r--.github/workflows/test-migrations-two-step.yml4
-rw-r--r--.github/workflows/test-ruby.yml141
7 files changed, 219 insertions, 6 deletions
diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
index c254418ea..97a363d1e 100644
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -25,12 +25,15 @@ jobs:
       - uses: hadolint/hadolint-action@v3.1.0
       - uses: docker/setup-qemu-action@v2
       - uses: docker/setup-buildx-action@v2
-      - uses: docker/login-action@v2
+
+      - name: Log in to the Github Container registry
+        uses: docker/login-action@v2
         with:
           registry: ghcr.io
-          username: ${{ github.repository_owner }}
+          username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
         if: github.event_name != 'pull_request'
+
       - uses: docker/metadata-action@v4
         id: meta
         with:
@@ -39,6 +42,7 @@ jobs:
             type=raw,value=latest,enable={{is_default_branch}}
             type=edge,branch=main
             type=sha,prefix=,format=long
+
       - uses: docker/build-push-action@v4
         with:
           context: .
@@ -47,5 +51,6 @@ jobs:
           builder: ${{ steps.buildx.outputs.name }}
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
diff --git a/.github/workflows/haml-lint-problem-matcher.json b/.github/workflows/haml-lint-problem-matcher.json
new file mode 100644
index 000000000..3523ea295
--- /dev/null
+++ b/.github/workflows/haml-lint-problem-matcher.json
@@ -0,0 +1,17 @@
+{
+  "problemMatcher": [
+    {
+      "owner": "haml-lint",
+      "severity": "warning",
+      "pattern": [
+        {
+          "regexp": "^(.*):(\\d+)\\s\\[W]\\s(.*):\\s(.*)$",
+          "file": 1,
+          "line": 2,
+          "code": 3,
+          "message": 4
+        }
+      ]
+    }
+  ]
+}
diff --git a/.github/workflows/lint-haml.yml b/.github/workflows/lint-haml.yml
new file mode 100644
index 000000000..a2b22a659
--- /dev/null
+++ b/.github/workflows/lint-haml.yml
@@ -0,0 +1,44 @@
+name: Haml Linting
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+    paths:
+      - '.github/workflows/haml-lint-problem-matcher.json'
+      - '.github/workflows/lint-haml.yml'
+      - '.haml-lint*.yml'
+      - '.rubocop*.yml'
+      - '.ruby-version'
+      - '**/*.haml'
+      - 'Gemfile*'
+
+  pull_request:
+    paths:
+      - '.github/workflows/haml-lint-problem-matcher.json'
+      - '.github/workflows/lint-haml.yml'
+      - '.haml-lint*.yml'
+      - '.rubocop*.yml'
+      - '.ruby-version'
+      - '**/*.haml'
+      - 'Gemfile*'
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone repository
+        uses: actions/checkout@v3
+
+      - name: Install native Ruby dependencies
+        run: sudo apt-get install -y libicu-dev libidn11-dev
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: .ruby-version
+          bundler-cache: true
+
+      - name: Run haml-lint
+        run: |
+          echo "::add-matcher::.github/workflows/haml-lint-problem-matcher.json"
+          bundle exec haml-lint
diff --git a/.github/workflows/rebase-needed.yml b/.github/workflows/rebase-needed.yml
index 99b224ec6..6a8035210 100644
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@@ -2,7 +2,13 @@ name: PR Needs Rebase
 
 on:
   push:
+    branches-ignore:
+      - 'dependabot/**'
+      - 'l10n_main'
   pull_request_target:
+    branches-ignore:
+      - 'dependabot/**'
+      - 'l10n_main'
     types: [synchronize]
 
 permissions:
diff --git a/.github/workflows/test-migrations-one-step.yml b/.github/workflows/test-migrations-one-step.yml
index 8f070697c..a3594e553 100644
--- a/.github/workflows/test-migrations-one-step.yml
+++ b/.github/workflows/test-migrations-one-step.yml
@@ -25,7 +25,7 @@ jobs:
 
     services:
       postgres:
-        image: postgres:14.5
+        image: postgres:14-alpine
         env:
           POSTGRES_PASSWORD: postgres
           POSTGRES_USER: postgres
@@ -38,7 +38,7 @@ jobs:
           - 5432:5432
 
       redis:
-        image: redis:7.0
+        image: redis:7-alpine
         options: >-
           --health-cmd "redis-cli ping"
           --health-interval 10s
diff --git a/.github/workflows/test-migrations-two-step.yml b/.github/workflows/test-migrations-two-step.yml
index 2fdce8025..f357bc9f6 100644
--- a/.github/workflows/test-migrations-two-step.yml
+++ b/.github/workflows/test-migrations-two-step.yml
@@ -25,7 +25,7 @@ jobs:
 
     services:
       postgres:
-        image: postgres:14.5
+        image: postgres:14-alpine
         env:
           POSTGRES_PASSWORD: postgres
           POSTGRES_USER: postgres
@@ -37,7 +37,7 @@ jobs:
         ports:
           - 5432:5432
       redis:
-        image: redis:7.0
+        image: redis:7-alpine
         options: >-
           --health-cmd "redis-cli ping"
           --health-interval 10s
diff --git a/.github/workflows/test-ruby.yml b/.github/workflows/test-ruby.yml
new file mode 100644
index 000000000..bfdabd4ea
--- /dev/null
+++ b/.github/workflows/test-ruby.yml
@@ -0,0 +1,141 @@
+name: Ruby Testing
+
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
+
+env:
+  BUNDLE_CLEAN: true
+  BUNDLE_FROZEN: true
+  BUNDLE_WITHOUT: 'development production'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    env:
+      RAILS_ENV: test
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          cache: yarn
+          node-version-file: '.nvmrc'
+
+      - name: Install native Ruby dependencies
+        run: sudo apt-get install -y libicu-dev libidn11-dev
+
+      - name: Set up bundler cache
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: .ruby-version
+          bundler-cache: true
+
+      - run: yarn install --frozen-lockfile
+      - name: Precompile assets
+        # Previously had set this, but it's not supported
+        # export NODE_OPTIONS=--openssl-legacy-provider
+        run: |-
+          ./bin/rails assets:precompile
+
+      - uses: actions/upload-artifact@v3
+        with:
+          path: |-
+            ./public/assets
+            ./public/packs-test
+          name: ${{ github.sha }}
+          retention-days: 0
+
+  test:
+    runs-on: ubuntu-latest
+
+    needs:
+      - build
+
+    services:
+      postgres:
+        image: postgres:14-alpine
+        env:
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_USER: postgres
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+
+      redis:
+        image: redis:7-alpine
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+
+    env:
+      DB_HOST: localhost
+      DB_USER: postgres
+      DB_PASS: postgres
+      DISABLE_SIMPLECOV: true
+      RAILS_ENV: test
+      ALLOW_NOPAM: true
+      PAM_ENABLED: true
+      PAM_DEFAULT_SERVICE: pam_test
+      PAM_CONTROLLED_SERVICE: pam_test_controlled
+      BUNDLE_WITH: 'pam_authentication'
+      CI_JOBS: ${{ matrix.ci_job }}/4
+
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby-version:
+          - '2.7'
+          - '3.0'
+          - '3.1'
+          - '.ruby-version'
+        ci_job:
+          - 1
+          - 2
+          - 3
+          - 4
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/download-artifact@v3
+        with:
+          path: './public'
+          name: ${{ github.sha }}
+
+      - name: Install native Ruby dependencies
+        run: sudo apt-get install -y libicu-dev libidn11-dev
+
+      - name: Install additional system dependencies
+        run: sudo apt-get install -y ffmpeg imagemagick libpam-dev
+
+      - name: Set up bundler cache
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version}}
+          bundler-cache: true
+
+      - name: Update system gems
+        if: matrix.ruby-version == '2.7'
+        run: gem update --system
+
+      - name: Load database schema
+        run: './bin/rails db:create db:schema:load db:seed'
+
+      - run: bundle exec rake rspec_chunked