Update postgres:16.6 Docker digest to c7afedc #1975
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
- develop | |
pull_request: | |
branches: | |
- main | |
- develop | |
release: | |
types: [published] | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME_RUNTIME: ${{ github.repository }}/runtime | |
jobs: | |
test: | |
name: "Test backpex" | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
elixir: ["1.17", "1.16"] | |
erlang: ["27.1", "26.2"] | |
exclude: | |
- elixir: "1.16" | |
erlang: "27.1" | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- uses: erlef/setup-beam@5304e04ea2b355f03681464e683d92e3b2f18451 # v1 | |
with: | |
otp-version: ${{ matrix.erlang }} | |
elixir-version: ${{ matrix.elixir }} | |
- name: Restore the deps and _build cache | |
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
id: restore-cache | |
env: | |
MIX_LOCK_HASH: ${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }} | |
with: | |
path: | | |
deps | |
_build | |
key: ${{ runner.os }}-${{ matrix.elixir }}-${{ matrix.erlang }}-build-deps-mixlockhash-${{ env.MIX_LOCK_HASH }} | |
restore-keys: ${{ runner.os }}-${{ matrix.elixir }}-${{ matrix.erlang }}-build-deps- | |
- name: Install dependencies | |
if: steps.restore-cache.outputs.cache-hit != 'true' | |
run: mix deps.get | |
- name: Compile dependencies | |
if: steps.restore-cache.outputs.cache-hit != 'true' | |
run: mix deps.compile | |
- name: Run tests | |
run: mix test | |
- name: Check formatting | |
run: mix format --check-formatted | |
- name: Compile with warnings as errors | |
run: mix compile --warnings-as-errors --force | |
- name: Credo | |
run: mix credo | |
- name: Sobelow | |
run: mix sobelow --config | |
- name: Deps Unused | |
run: mix deps.unlock --check-unused | |
- name: Deps Audit | |
continue-on-error: true | |
run: mix deps.audit | |
- name: Gettext Check | |
run: mix gettext.extract --check-up-to-date | |
publish: | |
needs: test | |
if: github.event_name == 'release' | |
name: "Publish package on hex.pm" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- uses: erlef/setup-beam@5304e04ea2b355f03681464e683d92e3b2f18451 # v1 | |
id: beam | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
- name: Install dependencies | |
run: | | |
mix local.hex --force --if-missing | |
mix local.rebar --force --if-missing | |
mix deps.get | |
- name: Publish package on hex.pm | |
env: | |
HEX_API_KEY: ${{ secrets.HEX_API_KEY }} | |
run: mix hex.publish --yes | |
test-demo: | |
name: "Test (Demo)" | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:16.6@sha256:c7afedc5c15994625b5be4cb4736c030271b55be0360b78a99c90ec2fbe658b6 | |
env: | |
POSTGRES_PASSWORD: postgres | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- "5432:5432" | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- name: Setup beam | |
uses: erlef/setup-beam@5304e04ea2b355f03681464e683d92e3b2f18451 # v1 | |
id: beam | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
- name: Setup node | |
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 | |
with: | |
node-version: 20 | |
cache: 'yarn' | |
cache-dependency-path: demo/yarn.lock | |
- name: Restore the deps and _build cache | |
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
id: restore-cache | |
env: | |
OTP_VERSION: ${{ steps.beam.outputs.otp-version }} | |
ELIXIR_VERSION: ${{ steps.beam.outputs.elixir-version }} | |
MIX_LOCK_HASH: ${{ hashFiles(format('{0}{1}', github.workspace, '/demo/mix.lock')) }} | |
with: | |
path: | | |
demo/deps | |
demo/_build | |
key: ${{ runner.os }}-${{ env.ELIXIR_VERSION }}-${{ env.OTP_VERSION }}-build-deps-demo-mixlockhash-${{ env.MIX_LOCK_HASH }} | |
restore-keys: ${{ runner.os }}-${{ env.ELIXIR_VERSION }}-${{ env.OTP_VERSION }}-build-deps-demo- | |
- name: Install dependencies | |
if: steps.restore-cache.outputs.cache-hit != 'true' | |
working-directory: demo | |
run: mix deps.get | |
- name: Compile dependencies | |
if: steps.restore-cache.outputs.cache-hit != 'true' | |
working-directory: demo | |
run: mix deps.compile | |
- name: Compile with warnings as errors | |
working-directory: demo | |
run: mix compile --warnings-as-errors --force | |
- name: Install node dependencies | |
working-directory: demo | |
run: yarn install --pure-lockfile | |
- name: lint:mix | |
working-directory: demo | |
run: yarn lint:mix | |
- name: lint:credo | |
working-directory: demo | |
run: yarn lint:credo | |
- name: lint:sobelow | |
working-directory: demo | |
run: yarn lint:sobelow | |
- name: lint:style | |
working-directory: demo | |
run: yarn lint:style | |
- name: lint:standard | |
working-directory: demo | |
run: yarn lint:standard | |
- name: lint:deps-unused | |
working-directory: demo | |
run: yarn lint:deps-unused | |
- name: lint:gettext | |
working-directory: demo | |
run: yarn lint:gettext | |
- name: Run test | |
working-directory: demo | |
env: | |
DB_HOSTNAME: localhost | |
DB_USERNAME: postgres | |
DB_PASSWORD: postgres | |
DB_DATABASE: test | |
run: yarn test | |
- name: Deps audit | |
working-directory: demo | |
continue-on-error: true | |
run: mix deps.audit | |
build-runtime: | |
name: "Build and push image (Demo)" | |
runs-on: ubuntu-latest | |
needs: [test-demo] | |
if: github.event_name == 'push' | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 | |
- name: Log in to the container registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_RUNTIME }} | |
- name: Build container | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6 | |
with: | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME_RUNTIME }}:buildcache | |
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME_RUNTIME }}:buildcache,mode=max | |
target: runtime | |
build-args: | | |
MIX_ENV=prod |