Merge remote-tracking branch 'upstream/master' #994
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Philomena Build | |
on: [push, pull_request] | |
jobs: | |
build: | |
name: 'Build Elixir app' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Cache mix deps | |
uses: actions/cache@v4 | |
with: | |
path: | | |
_build | |
.cargo | |
deps | |
key: ${{ runner.os }}-deps-2-${{ hashFiles('mix.lock') }} | |
- name: Enable caching | |
run: | | |
# Disable volumes so caching can take effect | |
sed -i -Ee 's/- app_[a-z]+_data:.*$//g' docker-compose.yml | |
# Make ourselves the owner | |
echo "RUN addgroup -g $(id -g) -S appgroup && adduser -u $(id -u) -S appuser -G appgroup" >> docker/app/Dockerfile | |
echo "USER appuser" >> docker/app/Dockerfile | |
echo "RUN mix local.hex --force && mix local.rebar --force" >> docker/app/Dockerfile | |
- run: docker compose pull | |
- run: docker compose build | |
- name: Build and test | |
run: docker compose run app run-test | |
- name: Security lint | |
run: | | |
docker compose run app mix sobelow --config | |
docker compose run app mix deps.audit | |
- name: Dialyzer | |
run: | | |
docker compose run app mix dialyzer | |
typos: | |
name: 'Check for spelling errors' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: crate-ci/typos@master | |
lint-and-test: | |
name: 'JavaScript Linting and Unit Tests' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20' | |
- name: Cache node_modules | |
id: cache-node-modules | |
uses: actions/cache@v4 | |
with: | |
path: ./assets/node_modules | |
key: node_modules-${{ hashFiles('./assets/package-lock.json') }} | |
- name: Install npm dependencies | |
if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
run: npm ci --ignore-scripts | |
working-directory: ./assets | |
- run: npm run lint | |
working-directory: ./assets | |
- run: npm run test | |
working-directory: ./assets |