Update GitHub Actions workflow boilerplate. #593
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| ref: | |
| description: 'The branch, tag or SHA to checkout' | |
| default: main | |
| type: string | |
| jobs: | |
| snyk-security: | |
| name: SNYK security analysis | |
| uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main | |
| secrets: inherit | |
| permissions: | |
| contents: read | |
| security-events: write | |
| actions: read | |
| codeql-sast: | |
| name: CodeQL SAST scan | |
| uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main | |
| permissions: | |
| security-events: write | |
| dependency-review: | |
| name: Dependency Review scan | |
| uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main | |
| lint-ruby: | |
| name: Lint Ruby | |
| uses: alphagov/govuk-infrastructure/.github/workflows/rubocop.yml@main | |
| security-analysis: | |
| name: Security Analysis | |
| uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main | |
| secrets: inherit | |
| permissions: | |
| contents: read | |
| security-events: write | |
| actions: read | |
| test-ruby: | |
| name: Test Ruby | |
| runs-on: ubuntu-latest | |
| env: | |
| # As we're running the tests through Rake, we need to make sure they are run in the `test` | |
| # Rails env rather than `development` | |
| RAILS_ENV: test | |
| # All Google client library calls are mocked, but the application needs this set to boot | |
| DISCOVERY_ENGINE_SERVING_CONFIG: not-used | |
| DISCOVERY_ENGINE_DATASTORE_BRANCH: not-used | |
| # Redis running through govuk-infrastructure action | |
| REDIS_URL: redis://localhost:6379 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.ref || github.ref }} | |
| show-progress: false | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Setup Redis | |
| uses: alphagov/govuk-infrastructure/.github/actions/setup-redis@main | |
| - run: bin/rake |