From 352cf389b16819ca0bfe96b9af11d8cfd50824a7 Mon Sep 17 00:00:00 2001 From: damccull <401104+damccull@users.noreply.github.com> Date: Thu, 23 Nov 2023 11:16:33 -1000 Subject: [PATCH] Add github workflows --- .github/workflows/audit.yml | 30 ++++++++++ .github/workflows/coverage.yml | 59 ++++++++++++++++++ .github/workflows/fly.yml | 29 +++++++++ .github/workflows/general.yml | 105 +++++++++++++++++++++++++++++++++ 4 files changed, 223 insertions(+) create mode 100644 .github/workflows/audit.yml create mode 100644 .github/workflows/coverage.yml create mode 100644 .github/workflows/fly.yml create mode 100644 .github/workflows/general.yml diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml new file mode 100644 index 0000000..c4277f3 --- /dev/null +++ b/.github/workflows/audit.yml @@ -0,0 +1,30 @@ +name: Security audit +on: + schedule: + - cron: '0 0 * * *' + push: + paths: + - '**/Cargo.lock' + - '.github/workflows/audit.yml' + pull_request: + paths: + - "**/Cargo.lock" + - '.github/workflows/audit.yml' + +jobs: + security_audit: + runs-on: ubuntu-latest + strategy: + matrix: + checks: + - advisories + - bans licenses sources + + # Prevent sudden announcement of a new advisory from failing ci + continue-on-error: ${{ matrix.checks == 'advisories' }} + + steps: + - uses: actions/checkout@v3 + - uses: EmbarkStudios/cargo-deny-action@v1 + with: + command: check ${{ matrix.checks }} diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml new file mode 100644 index 0000000..884ff9d --- /dev/null +++ b/.github/workflows/coverage.yml @@ -0,0 +1,59 @@ +name: Code coverage + +on: + push: + branches: + - main + pull_request: + types: [ opened, synchronize, reopened ] + branches: + - main + +env: + CARGO_TERM_COLOR: always + SQLX_VERSION: 0.6.3 + SQLX_FEATURES: "rustls,postgres" + +jobs: + coverage: + name: Code coverage + runs-on: ubuntu-latest + services: + postgres: + image: postgres:14 + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: password + POSTGRES_DB: postgres + ports: + - 5432:5432 + redis: + image: redis:7 + ports: + - 6379:6379 + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - uses: dtolnay/rust-toolchain@stable + - name: Install libpq + run: sudo apt-get update && sudo apt-get install postgresql-client -y + - uses: Swatinem/rust-cache@v2 + with: + key: sqlx-${{ env.SQLX_VERSION }} + - name: Install tarpaulin + run: cargo install cargo-tarpaulin + - name: Install sqlx-cli + run: + cargo install sqlx-cli + --version=${{ env.SQLX_VERSION }} + --features ${{ env.SQLX_FEATURES }} + --no-default-features + --locked + - name: Migrate database + run: | + cd zero2prod + SKIP_DOCKER=true cargo xtask postgres + - name: Generate code coverage + run: | + cd zero2prod + cargo tarpaulin --verbose diff --git a/.github/workflows/fly.yml b/.github/workflows/fly.yml new file mode 100644 index 0000000..4e97da2 --- /dev/null +++ b/.github/workflows/fly.yml @@ -0,0 +1,29 @@ +name: Fly Deploy +on: + push: + + workflow_run: + workflows: + - CI/CD Prechecks + #disable this workflow. To enable, remove this and uncomment the 'branches' section. + branches-ignore: + - '*' + #branches: + # - main + types: + - completed +jobs: + deploy: + name: Deploy app + runs-on: ubuntu-latest + # Only deploy the app if the `general` workflow was a success. + if: ${{ github.event.workflow_run.conclusion == 'success' }} + steps: + - uses: actions/checkout@v3 + - uses: superfly/flyctl-actions/setup-flyctl@master + - name: Deploy to fly.io + run: | + cd zero2prod + flyctl deploy --remote-only + env: + FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} diff --git a/.github/workflows/general.yml b/.github/workflows/general.yml new file mode 100644 index 0000000..ed4803d --- /dev/null +++ b/.github/workflows/general.yml @@ -0,0 +1,105 @@ +name: CI/CD Prechecks + +on: + push: + branches: + - main + - actix + pull_request: + types: [ opened, synchronize, reopened ] + branches: + - main + - actix + +env: + CARGO_TERM_COLOR: always + SQLX_VERSION: 0.6.3 + SQLX_FEATURES: "rustls,postgres" + +jobs: + test: + name: Test + runs-on: ubuntu-latest + services: + postgres: + image: postgres:14 + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: password + POSTGRES_DB: postgres + ports: + - 5432:5432 + redis: + image: redis:7 + ports: + - 6379:6379 + steps: + - uses: actions/checkout@v3 + - uses: dtolnay/rust-toolchain@stable + - uses: Swatinem/rust-cache@v2 + with: + key: sqlx-${{ env.SQLX_VERSION }} + - name: Install sqlx-cli + run: + cargo install sqlx-cli + --version=${{ env.SQLX_VERSION }} + --features ${{ env.SQLX_FEATURES }} + --no-default-features + --locked + - name: Migrate database + run: | + sudo apt-get install libpq-dev -y + cd zero2prod + SKIP_DOCKER=true cargo xtask postgres + - name: Check sqlx-data.json is up-to-date + run: | + cd zero2prod + cargo sqlx prepare --check -- --bin zero2prod + - name: Run tests + run: cargo test + + fmt: + name: Rustfmt + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt + - name: Enforce formatting + run: cargo fmt --check + + clippy: + name: Clippy + runs-on: ubuntu-latest + services: + postgres: + image: postgres:14 + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: password + POSTGRES_DB: postgres + ports: + - 5432:5432 + steps: + - uses: actions/checkout@v3 + - uses: dtolnay/rust-toolchain@stable + with: + components: clippy + - uses: Swatinem/rust-cache@v2 + with: + key: sqlx-${{ env.SQLX_VERSION }} + - name: Install sqlx-cli + run: + cargo install sqlx-cli + --version=${{ env.SQLX_VERSION }} + --features ${{ env.SQLX_FEATURES }} + --no-default-features + --locked + - name: Migrate database + run: | + sudo apt-get install libpq-dev -y + cd zero2prod + SKIP_DOCKER=true cargo xtask postgres + - name: Linting + run: cargo clippy -- -D warnings