Skip to content

Merge pull request #2766 from alphagov/dependabot/bundler/oj-3.16.4 #1394

Merge pull request #2766 from alphagov/dependabot/bundler/oj-3.16.4

Merge pull request #2766 from alphagov/dependabot/bundler/oj-3.16.4 #1394

Workflow file for this run

name: CI
on:
workflow_dispatch: {}
push:
branches:
- main
paths-ignore:
- "Jenkinsfile"
- ".git**"
pull_request:
jobs:
codeql-sast:
name: CodeQL SAST scan
uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
permissions:
security-events: write
dependency-review:
name: Dependency Review scan
uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main
security-analysis:
name: Security Analysis
uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main
secrets: inherit
permissions:
contents: read
security-events: write
actions: read
lint-ruby:
name: Lint Ruby
uses: alphagov/govuk-infrastructure/.github/workflows/rubocop.yml@main
run-gds-api-adapters-pact-tests:
name: Run GDS API Adapter Pact tests
uses: ./.github/workflows/pact-verify.yml
with:
ref: ${{ github.ref }}
test-ruby:
name: Test Ruby
runs-on: ubuntu-latest
steps:
- name: Setup Postgres
id: setup-postgres
uses: alphagov/govuk-infrastructure/.github/actions/setup-postgres@main
- name: Setup Redis
uses: alphagov/govuk-infrastructure/.github/actions/setup-redis@main
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Initialize database
env:
RAILS_ENV: test
TEST_DATABASE_URL: ${{ steps.setup-postgres.outputs.db-url }}
run: bundle exec rails db:setup
- name: Run RSpec
env:
RAILS_ENV: test
TEST_DATABASE_URL: ${{ steps.setup-postgres.outputs.db-url }}
run: bundle exec rake spec
# We upload the generated pact tests so they can be used in a later action
- name: Create and upload pact test artifact
uses: actions/upload-artifact@v4
with:
name: pacts
path: spec/pacts/*.json
check-schemas-build:
name: Check content schemas are built
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Build content schemas
run: bundle exec rake build_schemas
- name: Check for uncommited changes
run: |
if git diff --exit-code; then
echo "No uncommit changes detected."
else
echo "::error title=Uncommited changes to content schemas::If these are your changes, build the content schemas and commit the changes."
exit 1
fi
run-content-store-pact-tests:
name: Run Content Store Pact tests
needs: test-ruby
uses: alphagov/content-store/.github/workflows/verify-pact.yml@main
with:
ref: main
pact_artifact: pacts
publish-pacts:
needs:
- test-ruby
if: ${{ github.ref == 'refs/heads/main' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/download-artifact@v4
with:
name: pacts
path: tmp/pacts
- run: bundle exec rake pact:publish
env:
PACT_CONSUMER_VERSION: branch-${{ github.ref_name }}
PACT_BROKER_BASE_URL: https://govuk-pact-broker-6991351eca05.herokuapp.com
PACT_BROKER_USERNAME: ${{ secrets.GOVUK_PACT_BROKER_USERNAME }}
PACT_BROKER_PASSWORD: ${{ secrets.GOVUK_PACT_BROKER_PASSWORD }}
PACT_PATTERN: tmp/pacts/*.json