Skip to content

Update security policy #955

Update security policy

Update security policy #955

Workflow file for this run

name: Testing
on:
push:
branches:
- main
- dev
- experimental
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
jobs:
# For the setup idea using Docker Buildx, see StackOverflow answer [1].
# [2] and [3] might also be very useful. [4] is generally about Docker
# cache management within GitHub Actions.
#
# [1] https://stackoverflow.com/a/75544124/
# [2] https://depot.dev/blog/docker-layer-caching-in-github-actions#docker-layer-caching-in-github-actions
# [3] https://www.deploysentinel.com/blog/docker-buildx-cache-with-github-actions
# [4] https://docs.docker.com/build/ci/github-actions/cache/
unit-tests:
name: Unit tests
environment: testing
runs-on: ubuntu-latest
permissions: write-all
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
# see https://github.com/orgs/MaMpf-HD/packages?repo_name=mampf
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build docker images
# As the docker-compose.yml file uses contexts like "./../..", we have
# to change the working directory here.
working-directory: docker/test
run: |
docker buildx bake --file ./docker-compose.yml --file ./../../.github/workflows/docker-compose-cache.json
- name: Run unit tests
working-directory: docker/test
run: |
docker compose run --entrypoint="" mampf sh -c "RAILS_ENV=test bundle exec rspec --format RSpec::Github::Formatter"
- name: Report test coverage to codecov
uses: codecov/codecov-action@v4
with:
fail_ci_if_error: true
files: ./coverage/coverage.xml
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true
# Cypress end-to-end tests
e2e-tests:
name: e2e (Cypress)
environment: testing
runs-on: ubuntu-latest
permissions: write-all
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
# see https://github.com/orgs/MaMpf-HD/packages?repo_name=mampf
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build docker images
# As the docker-compose.yml file uses contexts like "./../..", we have
# to change the working directory here.
working-directory: docker/test
run: >
docker buildx bake -f ./docker-compose.yml -f ./cypress.yml
-f ./../../.github/workflows/docker-compose-cache.json
- name: Run Cypress tests
working-directory: docker/test
# "cypress run" is defined in the cypress.yml entrypoint
run: docker compose -f ./docker-compose.yml -f ./cypress.yml run cypress