AP-733 Ensure Framework pushes multi-arch images (#51) #251
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build / Test / Push | |
| on: | |
| push: | |
| branches: | |
| - "**" | |
| workflow_call: | |
| workflow_dispatch: | |
| env: | |
| BUILD_SUFFIX: -build-${{ github.run_id }}_${{ github.run_attempt }} | |
| jobs: | |
| docker-build: | |
| uses: BerkeleyLibrary/.github/.github/workflows/docker-build.yml@v2.0.0 | |
| with: | |
| image: ghcr.io/${{ github.repository }} | |
| secrets: inherit | |
| test: | |
| runs-on: ubuntu-24.04 | |
| needs: docker-build | |
| env: | |
| COMPOSE_FILE: docker-compose.yml:docker-compose.ci.yml | |
| DOCKER_APP_IMAGE: ${{ needs.docker-build.outputs.image }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Docker Compose | |
| uses: docker/setup-compose-action@v2 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup the stack | |
| run: | | |
| docker run --quiet --rm "${DOCKER_APP_IMAGE}" rails secret > /tmp/secret_key_base | |
| docker compose up --wait | |
| docker compose exec -u root app chown -R altmedia:altmedia artifacts | |
| - name: Run RSpec | |
| if: ${{ always() }} | |
| run: | | |
| docker compose exec -e RAILS_ENV=test app rake coverage | |
| - name: Run Rubocop | |
| if: ${{ always() }} | |
| run: | | |
| docker compose exec -e RAILS_ENV=test app rake rubocop | |
| - name: Run Brakeman | |
| if: ${{ always() }} | |
| run: | | |
| docker compose exec -e RAILS_ENV=test app rake brakeman | |
| - name: Run Bundle Audit | |
| if: ${{ always() }} | |
| run: | | |
| docker compose exec -e RAILS_ENV=test app rake bundle:audit | |
| - name: Run ESLint | |
| if: ${{ always() }} | |
| run: | | |
| docker compose exec -e RAILS_ENV=test app rake js:eslint | |
| - name: Copy out artifacts | |
| if: ${{ always() }} | |
| run: | | |
| docker compose cp app:/opt/app/artifacts ./ || mkdir artifacts | |
| docker compose logs > artifacts/docker-compose-services.log | |
| docker compose config > artifacts/docker-compose.merged.yml | |
| - name: Upload the test report | |
| if: ${{ always() }} | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: Framework Build Report (${{ github.run_id }}_${{ github.run_attempt }}) | |
| path: artifacts/* | |
| if-no-files-found: error | |
| push: | |
| needs: | |
| - docker-build | |
| - test | |
| uses: BerkeleyLibrary/.github/.github/workflows/docker-push.yml@v2.0.0 | |
| with: | |
| image: ghcr.io/${{ github.repository }} | |
| build-image-arm64: ${{ needs.docker-build.outputs.image-arm64 }} | |
| build-image-x64: ${{ needs.docker-build.outputs.image-x64 }} | |
| secrets: inherit |