Skip to content

Updates to forgery protection for Ruby 3.x #83

Updates to forgery protection for Ruby 3.x

Updates to forgery protection for Ruby 3.x #83

Workflow file for this run

# This workflow uses actions that are not certified by GitHub. They are
# provided by a third-party and are governed by separate terms of service,
# privacy policy, and support documentation.
#
# This workflow will install a prebuilt Ruby version, install dependencies, and
# run tests and linters.
name: "CI"
on: push
jobs:
test:
strategy:
matrix:
# Ensure these stay in sync!
ruby-version: [2.7, 3.0, 3.1, 3.2]
runs-on: ubuntu-latest
services:
postgres:
image: postgres:13-alpine
ports:
- "5432:5432"
env:
POSTGRES_DB: rails_test
POSTGRES_USER: rails
POSTGRES_PASSWORD: password
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
env:
RAILS_ENV: test
DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test"
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Remove Bundler lockfile
run: rm Gemfile.lock
- name: Install Ruby ${{ matrix.ruby-version }} and gems
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby-version }}
bundler-cache: true
- name: Set up database schema
run: bundle exec rails db:create db:schema:load
- name: Run tests
run: bundle exec rails spec
lint:
strategy:
matrix:
# Ensure these stay in sync!
ruby-version: [2.7, 3.0, 3.1, 3.2]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Remove Bundler lockfile
run: rm Gemfile.lock
- name: Install Ruby ${{ matrix.ruby-version }} and gems
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby-version }}
bundler-cache: true
- name: Security audit dependencies
run: bundle exec bundler-audit --update
- name: Security audit application code
run: bundle exec brakeman -q
# - name: Lint Ruby files
# run: bin/rubocop --parallel