Skip to content

docs: add a short guide on security. #1006

docs: add a short guide on security.

docs: add a short guide on security. #1006

name: Elixir Client CI
on:
push:
branches: ["main"]
pull_request:
permissions:
contents: read
jobs:
build:
name: Build and test
runs-on: ubuntu-latest
defaults:
run:
working-directory: packages/elixir-client
env:
MIX_ENV: test
POSTGRES_VERSION: 140006
ELECTRIC_PORT: 3100
PG_PORT: 54323
ELECTRIC_URL: "http://127.0.0.1:3100"
DATABASE_URL: "postgresql://postgres:[email protected]:54323/postgres?sslmode=disable"
services:
postgres:
image: postgres:14-alpine
env:
POSTGRES_PASSWORD: password
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54323:5432
steps:
- uses: actions/checkout@v4
- name: "Set PG settings"
run: |
docker exec ${{ job.services.postgres.id }} sh -c 'echo "wal_level=logical" >> /var/lib/postgresql/data/postgresql.conf'
docker restart ${{ job.services.postgres.id }}
- uses: erlef/setup-beam@v1
with:
version-type: strict
version-file: ".tool-versions"
- name: Cache elixir-client dependencies
uses: actions/cache@v4
with:
path: packages/elixir-client/deps
key: ${{ runner.os }}-elixir-client-deps-${{ hashFiles('packages/elixir-client/mix.lock') }}
restore-keys: |
${{ runner.os }}-elixir-client-deps-${{ hashFiles('packages/elixir-client/mix.lock') }}
${{ runner.os }}-elixir-client-deps-
- name: Cache elixir-client compiled code
uses: actions/cache@v4
with:
path: |
packages/elixir-client/_build/*/lib
!packages/elixir-client/_build/*/lib/electric_client
key: "${{ runner.os }}-elixir-client-build-[${{ github.ref_name }}]-${{ github.sha }}"
restore-keys: |
${{ runner.os }}-elixir-client-build-[${{ github.ref_name }}]-${{ github.sha }}
${{ runner.os }}-elixir-client-build-[${{ github.ref_name }}]-
${{ runner.os }}-elixir-client-build-
- name: Cache sync-service dependencies
uses: actions/cache@v4
with:
path: packages/sync-service/deps
key: "${{ runner.os }}-sync-service-deps-${{ env.MIX_ENV }}-${{ hashFiles('packages/sync-service/mix.lock') }}"
restore-keys: |
${{ runner.os }}-sync-service-deps-${{ env.MIX_ENV }}-${{ hashFiles('packages/sync-service/mix.lock') }}
${{ runner.os }}-sync-service-deps-${{ env.MIX_ENV }}-
${{ runner.os }}-sync-service-deps-
- name: Cache sync-service compiled code
uses: actions/cache@v4
with:
path: |
packages/sync-service/_build/*/lib
!packages/sync-service/_build/*/lib/electric
key: "${{ runner.os }}-sync-service-build-${{ env.MIX_ENV }}-[${{ github.ref_name }}]-${{ github.sha }}"
restore-keys: |
${{ runner.os }}-sync-service-build-${{ env.MIX_ENV }}-[${{ github.ref_name }}]-${{ github.sha }}
${{ runner.os }}-sync-service-build-${{ env.MIX_ENV }}-[${{ github.ref_name }}]-
${{ runner.os }}-sync-service-build-${{ env.MIX_ENV }}-
${{ runner.os }}-sync-service-build-
- name: Install dependencies
run: mix deps.get && mix deps.compile
- name: Compiles without warnings
run: mix compile --force --all-warnings --warnings-as-errors
- name: Install sync-service dependencies
run: mix deps.get && mix deps.compile
working-directory: packages/sync-service
env:
MIX_ENV: prod
- uses: JarvusInnovations/background-action@v1
name: Bootstrap System Under Test (SUT)
with:
run: |
mix start_dev
env mix run --no-halt &
wait-on: "http://127.0.0.1:3100"
tail: true
log-output-resume: stderr
wait-for: 1m
log-output: true
log-output-if: failure
working-directory: packages/sync-service
env:
MIX_ENV: prod
- name: Run tests
run: mix test
formatting:
name: Check formatting
runs-on: ubuntu-latest
defaults:
run:
working-directory: packages/elixir-client
env:
MIX_ENV: test
steps:
- uses: actions/checkout@v4
- uses: erlef/setup-beam@v1
with:
version-type: strict
version-file: ".tool-versions"
- name: Cache dependencies
id: cache-deps
uses: actions/cache/restore@v4
with:
path: packages/elixir-client/deps
key: ${{ runner.os }}-elixir-client-deps-${{ hashFiles('packages/elixir-client/mix.lock') }}
restore-keys: |
${{ runner.os }}-elixir-client-deps-${{ hashFiles('packages/elixir-client/mix.lock') }}
${{ runner.os }}-elixir-client-deps-
- run: mix deps.get
- run: mix format --check-formatted