- Generate Rails 8.1 app with PostgreSQL and TailwindCSS - Add docker-compose.yml (postgres:17) for local database - Configure database.yml to connect to Dockerized Postgres via env vars - Add Pages#home root route, application layout, and navbar partial
68 lines
1.7 KiB
YAML
68 lines
1.7 KiB
YAML
name: CI
|
|
|
|
on:
|
|
pull_request:
|
|
push:
|
|
branches: [ main ]
|
|
|
|
jobs:
|
|
scan_ruby:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v6
|
|
|
|
- name: Set up Ruby
|
|
uses: ruby/setup-ruby@v1
|
|
with:
|
|
bundler-cache: true
|
|
|
|
- name: Scan for common Rails security vulnerabilities using static analysis
|
|
run: bin/brakeman --no-pager
|
|
|
|
- name: Scan for known security vulnerabilities in gems used
|
|
run: bin/bundler-audit
|
|
|
|
scan_js:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v6
|
|
|
|
- name: Set up Ruby
|
|
uses: ruby/setup-ruby@v1
|
|
with:
|
|
bundler-cache: true
|
|
|
|
- name: Scan for security vulnerabilities in JavaScript dependencies
|
|
run: bin/importmap audit
|
|
|
|
lint:
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
RUBOCOP_CACHE_ROOT: tmp/rubocop
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v6
|
|
|
|
- name: Set up Ruby
|
|
uses: ruby/setup-ruby@v1
|
|
with:
|
|
bundler-cache: true
|
|
|
|
- name: Prepare RuboCop cache
|
|
uses: actions/cache@v4
|
|
env:
|
|
DEPENDENCIES_HASH: ${{ hashFiles('.ruby-version', '**/.rubocop.yml', '**/.rubocop_todo.yml', 'Gemfile.lock') }}
|
|
with:
|
|
path: ${{ env.RUBOCOP_CACHE_ROOT }}
|
|
key: rubocop-${{ runner.os }}-${{ env.DEPENDENCIES_HASH }}-${{ github.ref_name == github.event.repository.default_branch && github.run_id || 'default' }}
|
|
restore-keys: |
|
|
rubocop-${{ runner.os }}-${{ env.DEPENDENCIES_HASH }}-
|
|
|
|
- name: Lint code for consistent style
|
|
run: bin/rubocop -f github
|
|
|