Manage SECRET_KEY_BASE better #30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow uses actions that are not certified by GitHub. They are | |
# provided by a third-party and are governed by separate terms of service, | |
# privacy policy, and support documentation. | |
# | |
# This workflow will install a prebuilt Ruby version, install dependencies, and | |
# run tests and linters. | |
name: "Ruby on Rails CI" | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:11-alpine | |
ports: | |
- "5432:5432" | |
env: | |
POSTGRES_DB: dmarclean_test | |
POSTGRES_USER: rails | |
POSTGRES_PASSWORD: password | |
env: | |
RAILS_ENV: test | |
DATABASE_URL: "postgres://rails:password@localhost:5432/dmarclean_test" | |
DATABASE_USERNAME: rails | |
DATABASE_PASSWORD: password | |
DATABASE_HOST: localhost | |
DATABASE_PORT: 5432 | |
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: rUDelZXwv2ns9cS7PvbJTHOIIVbVbC74 | |
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: 26WEPA1xaK9Rvd500LoLVaAk2R175au2 | |
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: pewCYUtDK3yqnkEJP2FwvCvMJ2qfY3CT | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
# Add or replace dependency steps here | |
- name: Install Ruby and gems | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
# Add or replace database setup steps here | |
- name: Set up database schema | |
run: bin/rails db:schema:load | |
# Add or replace test runners here | |
- name: Run tests | |
run: bin/bundle exec rspec spec/ | |
# Codecov.io upload | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v3 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Install Ruby and gems | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
# Add or replace any other lints here | |
- name: Security audit dependencies | |
run: bin/bundle exec bundler-audit check --update | |
- name: Security audit application code | |
run: bin/bundle exec brakeman -q -w2 | |
- name: Lint Ruby files | |
run: bin/bundle exec rubocop |