@@ -3,145 +3,44 @@ name: Build / Test / Push
33on :
44 push :
55 branches :
6- - ' **'
6+ - " **"
7+ workflow_call :
78 workflow_dispatch :
89
910env :
1011 BUILD_SUFFIX : -build-${{ github.run_id }}_${{ github.run_attempt }}
11- DOCKER_METADATA_SET_OUTPUT_ENV : ' true'
1212
1313jobs :
14- build :
15- runs-on : ${{ matrix.runner }}
16- outputs :
17- image-arm64 : ${{ steps.gen-output.outputs.image-arm64 }}
18- image-x64 : ${{ steps.gen-output.outputs.image-x64 }}
19- strategy :
20- fail-fast : false
21- matrix :
22- runner :
23- - ubuntu-24.04
24- - ubuntu-24.04-arm
25- steps :
26- - name : Checkout code
27- uses : actions/checkout@v4
28-
29- - name : Set up Docker Buildx
30- uses : docker/setup-buildx-action@v3
31-
32- - name : Login to GitHub Container Registry
33- uses : docker/login-action@v3
34- with :
35- registry : ghcr.io
36- username : ${{ github.actor }}
37- password : ${{ secrets.GITHUB_TOKEN }}
38-
39- - id : build-meta
40- name : Docker meta
41- uses : docker/metadata-action@v5
42- with :
43- images : ghcr.io/${{ github.repository }}
44- tags : type=sha,suffix=${{ env.BUILD_SUFFIX }}
45-
46- # Build cache is shared among all builds of the same architecture
47- - id : cache-meta
48- name : Docker meta
49- uses : docker/metadata-action@v5
50- with :
51- images : ghcr.io/${{ github.repository }}
52- tags : type=raw,value=buildcache-${{ runner.arch }}
53-
54- - id : get-registry
55- name : Get the sanitized registry name
56- run : |
57- echo "registry=$(echo '${{ steps.build-meta.outputs.tags }}' | cut -f1 -d:)" | tee -a "$GITHUB_OUTPUT"
58-
59- - id : build
60- name : Build/push the arch-specific image
61- uses : docker/build-push-action@v6
62- with :
63- cache-from : type=registry,ref=${{ steps.cache-meta.outputs.tags }}
64- cache-to : type=registry,ref=${{ steps.cache-meta.outputs.tags }},mode=max
65- labels : ${{ steps.build-meta.outputs.labels }}
66- provenance : mode=max
67- sbom : true
68- tags : ${{ steps.get-registry.outputs.registry }}
69- outputs : type=image,push-by-digest=true,push=true
70-
71- - id : gen-output
72- name : Write arch-specific image digest to outputs
73- run : |
74- echo "image-${RUNNER_ARCH,,}=${{ steps.get-registry.outputs.registry }}@${{ steps.build.outputs.digest }}" | tee -a "$GITHUB_OUTPUT"
75-
76- merge :
77- runs-on : ubuntu-24.04
78- needs : build
79- env :
80- DOCKER_APP_IMAGE_ARM64 : ${{ needs.build.outputs.image-arm64 }}
81- DOCKER_APP_IMAGE_X64 : ${{ needs.build.outputs.image-x64 }}
82- outputs :
83- image : ${{ steps.meta.outputs.tags }}
84- steps :
85- - name : Checkout code
86- uses : actions/checkout@v4
87-
88- - name : Set up Docker Buildx
89- uses : docker/setup-buildx-action@v3
90-
91- - name : Login to GitHub Container Registry
92- uses : docker/login-action@v3
93- with :
94- registry : ghcr.io
95- username : ${{ github.actor }}
96- password : ${{ secrets.GITHUB_TOKEN }}
97-
98- - id : meta
99- name : Generate tag for the app image
100- uses : docker/metadata-action@v5
101- with :
102- images : ghcr.io/${{ github.repository }}
103- tags : type=sha,suffix=${{ env.BUILD_SUFFIX }}
104-
105- - name : Push the multi-platform app image
106- run : |
107- docker buildx imagetools create \
108- --tag "$DOCKER_METADATA_OUTPUT_TAGS" \
109- "$DOCKER_APP_IMAGE_ARM64" "$DOCKER_APP_IMAGE_X64"
14+ docker-build :
15+ uses : BerkeleyLibrary/.github/.github/workflows/docker-build.yml@v2.0.0
16+ with :
17+ image : ghcr.io/${{ github.repository }}
18+ secrets : inherit
11019
11120 test :
11221 runs-on : ubuntu-24.04
113- needs : merge
22+ needs : docker-build
11423 env :
11524 COMPOSE_FILE : docker-compose.yml:docker-compose.ci.yml
116- DOCKER_APP_IMAGE : ${{ needs.merge .outputs.image }}
25+ DOCKER_APP_IMAGE : ${{ needs.docker-build .outputs.image }}
11726 steps :
11827 - name : Checkout code
119- uses : actions/checkout@v4
28+ uses : actions/checkout@v6
12029
12130 - name : Set up Docker Compose
122- uses : docker/setup-compose-action@v1
31+ uses : docker/setup-compose-action@v2
12332
12433 - name : Login to GitHub Container Registry
125- uses : docker/login-action@v3
34+ uses : docker/login-action@v4
12635 with :
12736 registry : ghcr.io
12837 username : ${{ github.actor }}
12938 password : ${{ secrets.GITHUB_TOKEN }}
13039
131- - name : Setup the stack
132- run : |
133- docker run --quiet --rm "${DOCKER_APP_IMAGE}" rails secret > /tmp/secret_key_base
134- docker compose build --quiet
135- docker compose pull --quiet
136- docker compose up --wait
137- docker compose exec -u root app chown -R altmedia:altmedia artifacts
138-
13940 - name : Run RSpec
14041 if : ${{ always() }}
14142 run : |
14243 docker compose exec -e RAILS_ENV=test app rake coverage
143- # docker compose exec -e RAILS_ENV=test app rake check
144- # docker compose exec -e RAILS_ENV=test app rspec --format progress --format html --out artifacts/rspec.html
14544
14645 - name : Run Rubocop
14746 if : ${{ always() }}
@@ -153,55 +52,38 @@ jobs:
15352 run : |
15453 docker compose exec -e RAILS_ENV=test app rake brakeman
15554
156- - name : Run ESLint
55+ - name : Run Bundle Audit
15756 if : ${{ always() }}
15857 run : |
15958 docker compose exec -e RAILS_ENV=test app rake bundle:audit
16059
60+ - name : Run ESLint
61+ if : ${{ always() }}
62+ run : |
63+ docker compose exec -e RAILS_ENV=test app rake js:eslint
64+
16165 - name : Copy out artifacts
16266 if : ${{ always() }}
16367 run : |
16468 docker compose cp app:/opt/app/artifacts ./ || mkdir artifacts
16569 docker compose logs > artifacts/docker-compose-services.log
166- docker compose config > artifacts/docker-compose.merged .yml
70+ docker compose config > artifacts/docker-compose.docker-buildd .yml
16771
16872 - name : Upload the test report
16973 if : ${{ always() }}
170- uses : actions/upload-artifact@v4
74+ uses : actions/upload-artifact@v7
17175 with :
17276 name : Framework Build Report (${{ github.run_id }}_${{ github.run_attempt }})
17377 path : artifacts/*
17478 if-no-files-found : error
17579
17680 push :
177- runs-on : ubuntu-24.04
17881 needs :
179- - merge
82+ - docker-build
18083 - test
181- env :
182- DOCKER_APP_IMAGE : ${{ needs.merge.outputs.image }}
183- steps :
184- - name : Checkout code
185- uses : actions/checkout@v4
186-
187- - name : Login to GitHub Container Registry
188- uses : docker/login-action@v3
189- with :
190- registry : ghcr.io
191- username : ${{ github.actor }}
192- password : ${{ secrets.GITHUB_TOKEN }}
193-
194- - name : Produce permanent image tags
195- uses : docker/metadata-action@v5
196- with :
197- images : ghcr.io/${{ github.repository }}
198- tags : |
199- type=sha
200- type=ref,event=branch
201- type=raw,value=latest,enable={{is_default_branch}}
202-
203- - name : Retag and push the image
204- run : |
205- docker pull "$DOCKER_APP_IMAGE"
206- echo "$DOCKER_METADATA_OUTPUT_TAGS" | tr ' ' '\n' | xargs -n1 docker tag "$DOCKER_APP_IMAGE"
207- docker push --all-tags "$(echo "$DOCKER_APP_IMAGE" | cut -f1 -d:)"
84+ uses : BerkeleyLibrary/.github/.github/workflows/docker-push.yml@v2.0.0
85+ with :
86+ image : ghcr.io/${{ github.repository }}
87+ build-image-arm64 : ${{ needs.docker-build.outputs.image-arm64 }}
88+ build-image-x64 : ${{ needs.docker-build.outputs.image-x64 }}
89+ secrets : inherit
0 commit comments