Skip to content

ClamAV in Containers #5745

ClamAV in Containers

ClamAV in Containers #5745

name: Audit Service Tags
on:
pull_request:
branches:
- 'master'
permissions:
contents: read
checks: write
jobs:
audit_service_tags:
name: Audit Service Tags
env:
BUNDLE_ENTERPRISE__CONTRIBSYS__COM: ${{ secrets.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }}
CI: true
RAILS_ENV: test
TERM: xterm-256color
DOCKER_BUILDKIT: 1
COMPOSE_DOCKER_CLI_BUILD: 1
runs-on: ubuntu-16-cores-latest
steps:
- uses: actions/checkout@v4
- uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Setup Environment
run: |
echo "VETS_API_USER_ID=$(id -u)" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker Image
uses: docker/build-push-action@v5
with:
build-args: |
BUNDLE_ENTERPRISE__CONTRIBSYS__COM=${{ env.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }}
USER_ID=${{ env.VETS_API_USER_ID }}
context: .
push: false
load: true
tags: vets-api
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Setup Database
run: |
docker-compose -f docker-compose.test.yml run web bash \
-c "CI=true RAILS_ENV=test DISABLE_BOOTSNAP=true bundle exec parallel_test -n 13 -e 'bin/rails db:reset'"
- name: Get changed files
run: |
FILES=$(gh pr view ${{ github.event.pull_request.number }} --json files -q '[.files[].path | "\"" + . + "\""] | join(",")')
echo "CHANGED_FILES=$FILES" >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run service tags audit controllers task
run: |
docker-compose -f docker-compose.test.yml run -e CHANGED_FILES=${{ env.CHANGED_FILES }} web bash \
-c "CI=true DISABLE_BOOTSNAP=true bundle exec rake service_tags:audit_controllers_ci"