Add GitHub Actions workflow for CI #223
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Holmes98
force-pushed
the
gh-actions-v2
branch
from
a0bf38e to
53cac28
Compare
Holmes98
changed the title
This changes the permissions of isolock to match isolate, because the GitHub Actions runner user does not appear to be in their own group.
This fixes the following error during rake db:seed on Ubuntu 20.04: BCrypt::Errors::InvalidHash (invalid hash)
Holmes98
force-pushed
the
gh-actions-v2
branch
from
53cac28 to
cb30553
Compare
bagedevimo
previously approved these changes
Dec 30, 2023
Contributor
bagedevimo
left a comment
bagedevimo
left a comment
There was a problem hiding this comment.
This looks great, I can't see any reason not to just merge it - low risk from my point of view.
tom93
reviewed
Dec 30, 2023
tom93
reviewed
Dec 30, 2023
tom93
reviewed
Jan 1, 2024
.github/workflows/ci.yml
Outdated
Comment on lines
13
to
16
| --health-cmd pg_isready | ||
| --health-interval 10s | ||
| --health-timeout 5s | ||
| --health-retries 5 |
Contributor
There was a problem hiding this comment.
I know these health checks are the default from the sample, but I'd like to reduce the interval (maybe in a separate PR) because the 10s interval causes the "Initialize containers" steps to be needlessly slow (~20s). Reducing the interval to 1s (and increasing the retries to compensate) makes it faster (~10s).
(Ideally we would use start interval to set a short interval while waiting for the service to start and a longer interval afterwards to reduce CPU overhead, but --health-start-interval is relatively new and is not available here; need to wait for Docker v25.)
Since this code was originally written, v2 has been released. It natively supports the simplecov format, so it allows us to remove simplecov-lcov. This gives us nice HTML coverage reports when running locally. Also, with v2 we longer have to pass the GitHub token explicitly.
Settings RAILS_ENV=test for all steps is important, because script/install/config.bash only persists it for other install scripts, and failing to set RAILS_ENV can cause some subtle issues; e.g. Rails normally respects the environment variable DATABASE_URL (so we can remove "url" from config/database.yml), but things breaks if RAILS_ENV is not set to "test". This change also matches GitHub's Ruby on Rails CI template.
This was referenced Jan 1, 2024
tom93
reviewed
Jan 1, 2024
tom93
reviewed
Jan 1, 2024
tom93
pushed a commit
that referenced
this pull request
Jan 1, 2024
tom93
added a commit
that referenced
this pull request
Jan 1, 2024
Replace $TRAVIS with $CI, and explicitly propagate the variable to debootstrap.bash via sudo (it wasn't necessary on Travis CI because Travis has a special sudo configuration that preserves certain environment variables[1]). [1] https://github.com/travis-ci/travis-cookbooks/blob/v7.0.0/ci_environment/travis_build_environment/files/default/etc/sudoers/env_keep Co-authored-by: Tom Levy <tomlevy93@gmail.com>
tom93
added a commit
that referenced
this pull request
Jan 1, 2024
Switch from the deprecated coveralls gem to the Coveralls GitHub Action. The coveralls gem fails with SSLError [1] because it sets ssl_version to TLSv1, and its API endpoint is gone (404 Not Found). There is a community-maintained replacement called coveralls-ruby-reborn, but the official integration is through the Coveralls GitHub Action which is easy enough to use so we just switch to that. [1] https://www.github.com/lemurheavy/coveralls-ruby/issues/163 Co-authored-by: Tom Levy <tomlevy93@gmail.com>
tom93
pushed a commit
that referenced
this pull request
Jan 1, 2024
tom93
added a commit
that referenced
this pull request
Jan 1, 2024
Replace $TRAVIS with $CI, and explicitly propagate the variable to debootstrap.bash via sudo (it wasn't necessary on Travis CI because Travis has a special sudo configuration that preserves certain environment variables[1]). [1] https://github.com/travis-ci/travis-cookbooks/blob/v7.0.0/ci_environment/travis_build_environment/files/default/etc/sudoers/env_keep Co-authored-by: Tom Levy <tomlevy93@gmail.com>
tom93
added a commit
that referenced
this pull request
Jan 1, 2024
Switch from the deprecated coveralls gem to the Coveralls GitHub Action. The coveralls gem fails with SSLError [1] because it sets ssl_version to TLSv1, and its API endpoint is gone (404 Not Found). There is a community-maintained replacement called coveralls-ruby-reborn, but the official integration is through the Coveralls GitHub Action which is easy enough to use so we just switch to that. [1] https://www.github.com/lemurheavy/coveralls-ruby/issues/163 Co-authored-by: Tom Levy <tomlevy93@gmail.com>
pg_isready works even if the username is invalid, however it causes the following error message to appear repeatedly in the postgres container log (which is displayed in the "Stop containers" step): ``` FATAL: role "root" does not exist ```
This option was inherited from .travis.yml and causes install.bash to skip the following steps (which are also done during update): - bundle install - script/install/migrate.bash - script/install/whenever.bash - (if in production) script/install/assets.bash The job currently works even without these steps, but it's fragile: the `bundle install` step is only safe to skip because we pass `bundler-cache: true` to ruby/setup-ruby; if we disable the cache then ruby/setup-ruby won't run `bundle install` and the build will fail. So don't use --skip-updates, in order to always run `bundle install` and ensure the build will work even without `bundler-cache: true`. (Running `bundle install` twice doesn't do any harm, it only takes ~0.27s the second time.) Not using --skip-updates has the a additional effect of running migrate.bash, which is probably a good thing because it exercises the migration code. The migrations take ~8s, which is a little slow but not a big deal. Note that the schema is dumped after migrating, so db:test:load will use the dumped schema rather than the one from the repository. We will add a check later on that reports an error if the dumped schema has any differences. Running whenever.bash is quick and doesn't do any harm.
Our install scripts create the database if it doesn't exist, but getting the postgres service to create the database is nicer and more consistent with the GitHub Actions Ruby on Rails CI template.
(Currently this doesn't do much because .standard.yml ignores all the files.)
The only semantic change is switching the postgres image from Debian-based to Alpine-based. There are a couple of differences compared to the GitHub Actions Ruby on Rails CI template: - The template only runs the job on push/pull-request for branch "master", but we run the job for all branches because we want to be able to push commits and have them tested without having to open a pull request. - The template runs on ubuntu-latest but we use ubuntu-20.04 because the build currently fails on ubuntu-latest. - The template doesn't have Docker health checks (for waiting until the services have started). - We have a "redis" service and a custom install script. - The template uses bin/rails etc., which we don't have yet. - The template has pretty step names, which we don't bother with. - The template's lint task uses bundler-audit, brakeman, and rubocop; we use standardrb.
Comment out the setting for now, so that we're actually testing the script that creates the database. Keeping it as a comment because it might be useful when we pare down the install scripts.
It's not required because we run db:migrate earlier. Also, db/schema.rb is slightly incomplete (it doesn't include the index index_users_on_username because of a Rails limitation).
Member
Author
|
Superseded by #246. |
Holmes98
added a commit
that referenced
this pull request
Mar 21, 2025
The RDoc markup for the badges (as link images) wasn't rendered correctly on GitHub, and the file was using `code` for code snippets (Markdown syntax) rather than +code+ (RDoc syntax). Badge updates: - We now use GitHub Actions instead of Travis CI (#223) - Remove Waffle.io badge (the service has shut down)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
MERGED as #246
This is an alternative to #82 that does not use a Dockerfile.
Note that the commands used are mostly copied from our previous CI setup in .travis.yml (which is no longer being used due to #147).