
Add Rubocop, brakeman, bundler-audit #236

Merged
merged 13 commits into from
Jan 29, 2024
51 changes: 35 additions & 16 deletions .github/workflows/ci.yml
@@ -1,10 +1,8 @@
name: CI

on:
push:
branches: [ master, community ]
pull_request:
branches: [ master, community ]
branches: [ 'master' ]

jobs:
test:
Expand All @@ -22,20 +20,41 @@ jobs:
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
RAILS_ENV: test
DATABASE_URL: postgres://postgres:postgres@localhost:5432/pia_test
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
ruby-version: '3.3'
- name: Set up database schema
run: bin/rails db:schema:load
- name: Run tests
run: bin/rails test

lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Ruby
uses: actions/setup-ruby@v1
uses: ruby/setup-ruby@v1
with:
ruby-version: 3.1.x
- name: Build and run tests
env:
DATABASE_URL: postgres://postgres:postgres@localhost:5432/pia_test
RAILS_ENV: test
run: |
sudo apt-get -yqq install libpq-dev
gem install bundler
bundle install --jobs 4 --retry 3
bin/rails db:prepare
bin/rails test
bundler-cache: true
ruby-version: '3.3'

- name: Bundle binstubs
run: bundle install --binstubs

- name: Security audit dependencies
run: bin/bundler-audit --update

- name: Security audit application code
run: bin/brakeman

- name: Lint Ruby files
run: bin/rubocop
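Review bot: In the `lint` job the three checks run as consecutive steps, so a failing `bin/bundler-audit --update` (for example when a new advisory is published for a locked gem) ends the job before `bin/brakeman` and `bin/rubocop` run, and their findings stay hidden until the audit is fixed. Adding `if: ${{ !cancelled() }}` to the brakeman and rubocop steps, or splitting the checks into separate jobs, lets every check report on each run. The `bundle install --binstubs` step repeats the install that `bundler-cache: true` already performed and uses a flag Bundler marks as deprecated; calling `bundle exec bundler-audit check --update`, `bundle exec brakeman` and `bundle exec rubocop` directly would make that step unnecessary. The actions are referenced by mutable tags (`actions/checkout@v3`, `ruby/setup-ruby@v1`); pinning them to full commit SHAs is worth considering for a job whose result gates on security findings.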
15 changes: 9 additions & 6 deletions .rubocop.yml
@@ -1,8 +1,11 @@
require: rubocop-rails
Style/FrozenStringLiteralComment:
# Omakase Ruby styling for Rails
inherit_gem:
rubocop-rails-omakase: rubocop.yml

# Your own specialized rules go here
Style/StringLiterals:
Enabled: false
Style/Documentation:
Layout/SpaceInsideArrayLiteralBrackets:
Enabled: false
Layout/LineLength:
Max: 140
EnforcedShorthandSyntax: never
Layout/EndAlignment:
EnforcedStyleAlignWith: keyword
2 changes: 1 addition & 1 deletion .ruby-version
@@ -1 +1 @@
3.1.4
3.3.0
12 changes: 8 additions & 4 deletions Gemfile
@@ -1,7 +1,7 @@
source 'https://rubygems.org'
git_source(:github) { |repo| "https://github.com/#{repo}.git" }

ruby '~> 3.1.4'
ruby '~> 3.1'

# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'fast_jsonapi'
Expand All @@ -12,8 +12,8 @@ gem 'pg', '>= 0.18', '< 2.0'
gem 'mime-types', '~> 3.3'
gem 'puma', '~> 5.6'

gem 'carrierwave', '~> 2.1.1'
gem 'carrierwave-base64', '~> 2.8.0'
gem 'carrierwave'
gem 'carrierwave-base64'
gem 'dotenv-rails'

# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
Expand Down Expand Up @@ -50,17 +50,21 @@ gem 'rails-i18n'

group :development, :test do
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
gem 'brakeman'
gem 'bundler-audit'
gem 'byebug', platform: %i[mri mingw x64_mingw]
gem 'factory_bot_rails'
gem 'rubocop'
gem 'rubocop-rails', require: false
end

group :development do
# gem 'listen', '~> 3.2.1'
gem 'rubocop-rails', require: false
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
# gem 'spring'
# gem 'spring-watcher-listen', '~> 2.0.0'
end

# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby]
gem "rubocop-rails-omakase", require: false, group: [ :development ]
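Review bot: `gem 'carrierwave'` and `gem 'carrierwave-base64'` appear to lose their `~>` constraints here (the page prints the pinned and unpinned lines without +/- markers, so the direction is inferred), which leaves the upload-handling gems bounded only by Gemfile.lock. A later `bundle update` could then cross a major version without any Gemfile change showing up in review; keeping a pessimistic constraint such as `gem 'carrierwave', '~> <MAJOR.MINOR resolved in Gemfile.lock>'` preserves that signal. In the `:development, :test` group, `brakeman`, `bundler-audit` and `rubocop` are command-line tools and are conventionally declared with `require: false`, as `rubocop-rails` already is, e.g. `gem 'brakeman', require: false`. The comment `# Call 'byebug' anywhere in the code ...` now sits above `gem 'brakeman'` and would read better directly above `gem 'byebug'`.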