From 784f00e966831f339ceb8e37efc1b1fc65577fef Mon Sep 17 00:00:00 2001
From: Mike Virata-Stone
Date: Tue, 24 Dec 2024 15:24:45 -0800
Subject: [PATCH] Switch to GitHub Actions and add brakeman and bundler-audit
---
.github/workflows/rails.yml | 61 +++++++++++++++++++++++++++++++++++++
.travis.yml | 28 -----------------
Gemfile | 4 ++-
Gemfile.lock | 7 +++++
Rakefile | 9 ------
5 files changed, 71 insertions(+), 38 deletions(-)
create mode 100644 .github/workflows/rails.yml
delete mode 100644 .travis.yml
diff --git a/.github/workflows/rails.yml b/.github/workflows/rails.yml
new file mode 100644
index 00000000..217a3b7f
--- /dev/null
+++ b/.github/workflows/rails.yml
@@ -0,0 +1,61 @@
+# This workflow uses actions that are not certified by GitHub. They are
+# provided by a third-party and are governed by separate terms of service,
+# privacy policy, and support documentation.
+#
+# This workflow will install a prebuilt Ruby version, install dependencies, and
+# run tests and linters.
+name: "Ruby on Rails CI"
+on:
+ push:
+ branches: ["master"]
+ pull_request:
+ branches: ["master"]
+
+jobs:
+ test:
+ runs-on: ubuntu-latest
+ services:
+ postgres:
+ image: postgres:11-alpine
+ ports:
+ - "5432:5432"
+ env:
+ POSTGRES_DB: stockaid_test
+ POSTGRES_USER: rails
+ POSTGRES_PASSWORD: password
+ env:
+ DATABASE_URL: "postgres://rails:password@localhost:5432/stockaid_test"
+ RAILS_ENV: test
+ STOCKAID_SECRET_KEY_BASE: f152b24044a9dd45656eea8a30f7d7df367497dc4fb53e563425db71c43dc0f959d4d6e62ed54811c6b925db0237a1e16ea9ce1103019ac329660afe40634ead
+ STOCKAID_SITE_NAME: GitHubActionsStockAid
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ - name: Install Ruby and gems
+ uses: ruby/setup-ruby@v1
+ with:
+ bundler-cache: true
+ - name: Set up database schema
+ run: bin/rails db:schema:load
+ - name: Precompile assets
+ run: bin/rake assets:precompile
+ - name: Run tests
+ run: bin/rake spec
+
+ lint:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ - name: Install Ruby and gems
+ uses: ruby/setup-ruby@v1
+ with:
+ bundler-cache: true
+ - name: Generate binstubs
+ run: bundle binstubs bundler-audit brakeman rubocop
+ - name: Security audit dependencies
+ run: bin/bundler-audit --update
+ - name: Security audit application code
+ run: bin/brakeman -q -w2
+ - name: Lint Ruby files
+ run: bin/rubocop --parallel
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 505cf26e..00000000
--- a/.travis.yml
+++ /dev/null
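Review bot: The new workflow declares no `permissions:` key, so both jobs run with whatever default `GITHUB_TOKEN` scope the repository or organization sets, although they only need to read the code; a top-level `permissions:` with `contents: read` would limit what a compromised gem or action could do with the token. `actions/checkout@v4` and `ruby/setup-ruby@v1` are referenced by mutable tags while the file's own header says it uses actions not certified by GitHub, so pinning each `uses:` to a full commit SHA with the tag in a trailing comment would fix exactly which code runs. `STOCKAID_SECRET_KEY_BASE` is committed in clear text with the same value the deleted `.travis.yml` carried, and a comment such as `# test-only value, never reuse outside CI` would make that explicit. `bin/brakeman -q -w2` reports only medium- and high-confidence warnings, which is worth saying in the step name or a comment so that a green run is not read as a full scan.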
@@ -1,28 +0,0 @@
-language: ruby
-rvm:
-- 3.3.2
-services: postgresql
-bundler_args: "--without production development staging review --jobs=3 --retry=3"
-before_install:
-- gem install bundler -v 2.5.14
-- nvm install node
-- node -v
-- npm i -g yarn
-- yarn
-env:
- global:
- - STOCKAID_SECRET_KEY_BASE=f152b24044a9dd45656eea8a30f7d7df367497dc4fb53e563425db71c43dc0f959d4d6e62ed54811c6b925db0237a1e16ea9ce1103019ac329660afe40634ead
- - STOCKAID_DEVISE_PEPPER=c9437c0aac74ceb06f8d49b1cd1f360d49cc43446a33d5d7e02016038e925c99d6f92afee5ea8b547702c05b5f36ac2cd532516b3e04dac617a430a9cc403472
- - STOCKAID_ENV_SETUP=3
- - STOCKAID_DATABASE_USERNAME=postgres
- - STOCKAID_DATABASE_PASSWORD=
- - STOCKAID_SITE_NAME=TravisStockAid
-script:
-- bundle exec rake rubocop
-- psql -c 'create database stockaid_test;' -U postgres
-- RAILS_ENV=test bundle exec rake db:migrate --trace
-- RAILS_ENV=test bundle exec rake assets:precompile
-- bundle exec rake spec
-notifications:
- slack:
- secure: 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
diff --git a/Gemfile b/Gemfile
index cedde450..59488fe4 100644
--- a/Gemfile
+++ b/Gemfile
@@ -32,13 +32,15 @@ gem "spreadsheet", "~> 1.1", ">= 1.1.2" gem "stateful_enum" group :development, :test do + gem "brakeman", require: false + gem "bundler-audit", require: false gem "capybara" gem "dotenv" gem "pry-byebug" gem "pry-rails" gem "rails-controller-testing" gem "rspec-rails", "~> 6.0" - gem "rubocop" + gem "rubocop", require: false gem "sdoc", group: :doc end
diff --git a/Gemfile.lock b/Gemfile.lock
index d528dcd3..97af47ef 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -93,7 +93,12 @@ GEM bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) sassc (>= 2.0.0) + brakeman (6.2.2) + racc builder (3.3.0) + bundler-audit (0.9.2) + bundler (>= 1.2.0, < 3) + thor (~> 1.0) byebug (11.1.3) capybara (3.40.0) addressable
@@ -499,6 +504,8 @@ DEPENDENCIES bootsnap bootstrap-datepicker-rails bootstrap-sass (~> 3.4.1) + brakeman + bundler-audit byebug capybara chartkick
diff --git a/Rakefile b/Rakefile
index a866ac2f..1d92159c 100644
--- a/Rakefile
+++ b/Rakefile
@@ -3,13 +3,4 @@ require File.expand_path("../config/application", __FILE__) -# Temp Fix from: https://stackoverflow.com/questions/35893584/nomethoderror-undefined-method-last-comment-after-upgrading-to-rake-11 -module TempFixForRakeLastComment - def last_comment - last_description - end -end -Rake::Application.send :include, TempFixForRakeLastComment -# End Temp Fix - Rails.application.load_tasks