.github/workflows/rails.yml
name: Rails Build and Test
on:
workflow_dispatch:
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Ruby 2.6
uses: ruby/setup-ruby@v1
with:
ruby-version: '2.6.10' # Not needed with a .ruby-version file
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y build-essential libpq-dev nodejs \
libsqlite3-dev default-libmysqlclient-dev libxml2-dev
- uses: actions/cache@v3
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-v2-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-v2-
- name: Build and test with Rake
env:
RAILS_ENV: test
run: |
gem install bundler
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
RUBYOPT=-W0 bundle exec rake db:create
RUBYOPT=-W0 bundle exec rake db:migrate
RUBYOPT=-W0 SECRET_KEY_BASE=Test-Run-123 bundle exec rake test
- name: Brakeman SAST
env:
RAILS_ENV: test
run: |
bundle exec brakeman -4 -w2 -o brakeman-sast-report.html -o /dev/stdout
- name: Archive Brakeman SAST Report
uses: actions/upload-artifact@v3
with:
name: brakeman-sast-report
path: brakeman-sast-report.html