@@ -3,145 +3,48 @@ name: Build / Test / Push
33on :
44 push :
55 branches :
6- - ' **'
6+ - " **"
7+ workflow_call :
78 workflow_dispatch :
89
910env :
1011 BUILD_SUFFIX : -build-${{ github.run_id }}_${{ github.run_attempt }}
11- DOCKER_METADATA_SET_OUTPUT_ENV : ' true'
1212
1313jobs :
14- build :
15- runs-on : ${{ matrix.runner }}
16- outputs :
17- image-arm64 : ${{ steps.gen-output.outputs.image-arm64 }}
18- image-x64 : ${{ steps.gen-output.outputs.image-x64 }}
19- strategy :
20- fail-fast : false
21- matrix :
22- runner :
23- - ubuntu-24.04
24- - ubuntu-24.04-arm
25- steps :
26- - name : Checkout code
27- uses : actions/checkout@v4
28-
29- - name : Set up Docker Buildx
30- uses : docker/setup-buildx-action@v3
31-
32- - name : Login to GitHub Container Registry
33- uses : docker/login-action@v3
34- with :
35- registry : ghcr.io
36- username : ${{ github.actor }}
37- password : ${{ secrets.GITHUB_TOKEN }}
38-
39- - id : build-meta
40- name : Docker meta
41- uses : docker/metadata-action@v5
42- with :
43- images : ghcr.io/${{ github.repository }}
44- tags : type=sha,suffix=${{ env.BUILD_SUFFIX }}
45-
46- # Build cache is shared among all builds of the same architecture
47- - id : cache-meta
48- name : Docker meta
49- uses : docker/metadata-action@v5
50- with :
51- images : ghcr.io/${{ github.repository }}
52- tags : type=raw,value=buildcache-${{ runner.arch }}
53-
54- - id : get-registry
55- name : Get the sanitized registry name
56- run : |
57- echo "registry=$(echo '${{ steps.build-meta.outputs.tags }}' | cut -f1 -d:)" | tee -a "$GITHUB_OUTPUT"
58-
59- - id : build
60- name : Build/push the arch-specific image
61- uses : docker/build-push-action@v6
62- with :
63- cache-from : type=registry,ref=${{ steps.cache-meta.outputs.tags }}
64- cache-to : type=registry,ref=${{ steps.cache-meta.outputs.tags }},mode=max
65- labels : ${{ steps.build-meta.outputs.labels }}
66- provenance : mode=max
67- sbom : true
68- tags : ${{ steps.get-registry.outputs.registry }}
69- outputs : type=image,push-by-digest=true,push=true
70-
71- - id : gen-output
72- name : Write arch-specific image digest to outputs
73- run : |
74- echo "image-${RUNNER_ARCH,,}=${{ steps.get-registry.outputs.registry }}@${{ steps.build.outputs.digest }}" | tee -a "$GITHUB_OUTPUT"
75-
76- merge :
77- runs-on : ubuntu-24.04
78- needs : build
79- env :
80- DOCKER_APP_IMAGE_ARM64 : ${{ needs.build.outputs.image-arm64 }}
81- DOCKER_APP_IMAGE_X64 : ${{ needs.build.outputs.image-x64 }}
82- outputs :
83- image : ${{ steps.meta.outputs.tags }}
84- steps :
85- - name : Checkout code
86- uses : actions/checkout@v4
87-
88- - name : Set up Docker Buildx
89- uses : docker/setup-buildx-action@v3
90-
91- - name : Login to GitHub Container Registry
92- uses : docker/login-action@v3
93- with :
94- registry : ghcr.io
95- username : ${{ github.actor }}
96- password : ${{ secrets.GITHUB_TOKEN }}
97-
98- - id : meta
99- name : Generate tag for the app image
100- uses : docker/metadata-action@v5
101- with :
102- images : ghcr.io/${{ github.repository }}
103- tags : type=sha,suffix=${{ env.BUILD_SUFFIX }}
104-
105- - name : Push the multi-platform app image
106- run : |
107- docker buildx imagetools create \
108- --tag "$DOCKER_METADATA_OUTPUT_TAGS" \
109- "$DOCKER_APP_IMAGE_ARM64" "$DOCKER_APP_IMAGE_X64"
14+ docker-build :
15+ uses : BerkeleyLibrary/.github/.github/workflows/docker-build.yml@v2.0.0
16+ with :
17+ image : ghcr.io/${{ github.repository }}
18+ secrets : inherit
11019
11120 test :
11221 runs-on : ubuntu-24.04
113- needs : merge
22+ needs : docker-build
11423 env :
11524 COMPOSE_FILE : docker-compose.yml:docker-compose.ci.yml
116- DOCKER_APP_IMAGE : ${{ needs.merge .outputs.image }}
25+ DOCKER_APP_IMAGE : ${{ needs.docker-build .outputs.image }}
11726 steps :
11827 - name : Checkout code
119- uses : actions/checkout@v4
28+ uses : actions/checkout@v6
12029
12130 - name : Set up Docker Compose
122- uses : docker/setup-compose-action@v1
31+ uses : docker/setup-compose-action@v2
12332
12433 - name : Login to GitHub Container Registry
125- uses : docker/login-action@v3
34+ uses : docker/login-action@v4
12635 with :
12736 registry : ghcr.io
12837 username : ${{ github.actor }}
12938 password : ${{ secrets.GITHUB_TOKEN }}
130-
13139 - name : Setup the stack
13240 run : |
13341 docker run --quiet --rm "${DOCKER_APP_IMAGE}" rails secret > /tmp/secret_key_base
134- docker compose build --quiet
135- docker compose pull --quiet
13642 docker compose up --wait
13743 docker compose exec -u root app chown -R altmedia:altmedia artifacts
138-
13944 - name : Run RSpec
14045 if : ${{ always() }}
14146 run : |
14247 docker compose exec -e RAILS_ENV=test app rake coverage
143- # docker compose exec -e RAILS_ENV=test app rake check
144- # docker compose exec -e RAILS_ENV=test app rspec --format progress --format html --out artifacts/rspec.html
14548
14649 - name : Run Rubocop
14750 if : ${{ always() }}
@@ -153,11 +56,16 @@ jobs:
15356 run : |
15457 docker compose exec -e RAILS_ENV=test app rake brakeman
15558
156- - name : Run ESLint
59+ - name : Run Bundle Audit
15760 if : ${{ always() }}
15861 run : |
15962 docker compose exec -e RAILS_ENV=test app rake bundle:audit
16063
64+ - name : Run ESLint
65+ if : ${{ always() }}
66+ run : |
67+ docker compose exec -e RAILS_ENV=test app rake js:eslint
68+
16169 - name : Copy out artifacts
16270 if : ${{ always() }}
16371 run : |
@@ -167,41 +75,19 @@ jobs:
16775
16876 - name : Upload the test report
16977 if : ${{ always() }}
170- uses : actions/upload-artifact@v4
78+ uses : actions/upload-artifact@v7
17179 with :
17280 name : Framework Build Report (${{ github.run_id }}_${{ github.run_attempt }})
17381 path : artifacts/*
17482 if-no-files-found : error
17583
17684 push :
177- runs-on : ubuntu-24.04
17885 needs :
179- - merge
86+ - docker-build
18087 - test
181- env :
182- DOCKER_APP_IMAGE : ${{ needs.merge.outputs.image }}
183- steps :
184- - name : Checkout code
185- uses : actions/checkout@v4
186-
187- - name : Login to GitHub Container Registry
188- uses : docker/login-action@v3
189- with :
190- registry : ghcr.io
191- username : ${{ github.actor }}
192- password : ${{ secrets.GITHUB_TOKEN }}
193-
194- - name : Produce permanent image tags
195- uses : docker/metadata-action@v5
196- with :
197- images : ghcr.io/${{ github.repository }}
198- tags : |
199- type=sha
200- type=ref,event=branch
201- type=raw,value=latest,enable={{is_default_branch}}
202-
203- - name : Retag and push the image
204- run : |
205- docker pull "$DOCKER_APP_IMAGE"
206- echo "$DOCKER_METADATA_OUTPUT_TAGS" | tr ' ' '\n' | xargs -n1 docker tag "$DOCKER_APP_IMAGE"
207- docker push --all-tags "$(echo "$DOCKER_APP_IMAGE" | cut -f1 -d:)"
88+ uses : BerkeleyLibrary/.github/.github/workflows/docker-push.yml@v2.0.0
89+ with :
90+ image : ghcr.io/${{ github.repository }}
91+ build-image-arm64 : ${{ needs.docker-build.outputs.image-arm64 }}
92+ build-image-x64 : ${{ needs.docker-build.outputs.image-x64 }}
93+ secrets : inherit
0 commit comments