Set Up GitHub Repository Configuration #2
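# CI workflow: runs the Elixir test and quality gates against a PostgreSQL
# service container, and (on push only) checks that the Docker image builds.
#
# NOTE(review): every action below is referenced by a mutable tag (@v1, @v3,
# @v4, @v5). Pinning each `uses:` to a full-length commit SHA keeps a re-tagged
# release from silently changing what runs in this pipeline.
name: Comprehensive CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]
  workflow_dispatch:

jobs:
  test:
    name: Test & Quality Checks
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # NOTE(review): no step in this job passes a token to anything that
      # visibly creates check runs; confirm `checks: write` is needed and drop
      # it otherwise so the job token stays read-only.
      checks: write

    services:
      postgres:
        # NOTE(review): image is pinned by tag only; a digest pin would make
        # the service container reproducible.
        image: ghcr.io/pgmq/pg17-pgmq:v1.7.0
        env:
          # Throwaway credentials for the ephemeral CI container. They are
          # repeated in PGPASSWORD and DATABASE_URL below and must not be
          # reused for any real database.
          POSTGRES_USER: postgres
          POSTGRES_PASSWORD: postgres
          POSTGRES_DB: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          # Quoted so the mapping is always read as a string.
          - '5432:5432'

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # No step in this job pushes or fetches again, so do not leave the
          # job token stored in the checked-out repository's git config.
          persist-credentials: false

      - name: Set up Elixir
        uses: erlef/setup-beam@v1
        with:
          elixir-version: '1.19'
          otp-version: '28'

      - name: Cache Mix dependencies
        uses: actions/cache@v4
        with:
          path: deps
          key: ${{ runner.os }}-mix-deps-${{ hashFiles('**/mix.lock') }}
          restore-keys: |
            ${{ runner.os }}-mix-deps-

      # NOTE(review): this file defines no workflow- or job-level `env`, and
      # MIX_ENV is only set on the migration and coverage steps, so
      # `env.MIX_ENV` expands to an empty string in the keys below. Either
      # define MIX_ENV where these steps can see it or drop it from the key.
      - name: Cache compiled build
        uses: actions/cache@v4
        with:
          path: _build
          key: ${{ runner.os }}-mix-build-${{ env.MIX_ENV }}-${{ hashFiles('**/mix.lock') }}-${{ hashFiles('lib/**/*.ex') }}
          restore-keys: |
            ${{ runner.os }}-mix-build-${{ env.MIX_ENV }}-${{ hashFiles('**/mix.lock') }}-
            ${{ runner.os }}-mix-build-${{ env.MIX_ENV }}-

      - name: Cache PLT files
        uses: actions/cache@v4
        with:
          path: priv/plts
          key: ${{ runner.os }}-plt-${{ hashFiles('**/mix.lock') }}-${{ hashFiles('lib/**/*.ex') }}
          restore-keys: |
            ${{ runner.os }}-plt-${{ hashFiles('**/mix.lock') }}-
            ${{ runner.os }}-plt-

      - name: Install dependencies
        run: mix deps.get

      - name: Compile dependencies
        run: mix deps.compile

      - name: Compile application
        run: mix compile --warnings-as-errors

      # Polls for up to 30 seconds until the service accepts connections.
      - name: Wait for PostgreSQL
        run: |
          timeout 30 bash -c 'until pg_isready -h localhost -p 5432 -U postgres; do sleep 1; done'
        env:
          PGPASSWORD: postgres

      # Creates the test database only when it does not already exist.
      - name: Create test database
        run: |
          psql -h localhost -p 5432 -U postgres -tc "SELECT 1 FROM pg_database WHERE datname = 'singularity_workflow_test'" | grep -q 1 || \
          psql -h localhost -p 5432 -U postgres -c "CREATE DATABASE singularity_workflow_test;"
        env:
          PGPASSWORD: postgres

      - name: Run migrations
        run: mix ecto.migrate
        env:
          MIX_ENV: test
          DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/singularity_workflow_test"

      - name: Check code formatting
        run: mix format --check-formatted

      - name: Run Credo (linter)
        run: mix credo --strict

      - name: Run tests with coverage
        run: mix coveralls.json
        env:
          MIX_ENV: test
          DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/singularity_workflow_test"

      # fail_ci_if_error is false, so a failed upload does not fail the job.
      # NOTE(review): no `token` input is passed; confirm uploads actually
      # succeed for this repository, otherwise coverage is silently missing.
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v4
        with:
          files: ./cover/excoveralls.json
          flags: unittests
          fail_ci_if_error: false

      - name: Run Dialyzer (type checker)
        run: mix dialyzer --format github

      # NOTE(review): confirm the installed Sobelow recognises
      # `--exit-on-warning`. Its documented switch for returning a non-zero
      # status on findings is `--exit`; if the switch here is not recognised
      # it may simply be ignored and this security gate would never fail.
      - name: Run Sobelow (security scanner)
        run: mix sobelow --exit-on-warning --skip

      - name: Audit dependencies for vulnerabilities
        run: mix deps.audit

  # Build-only smoke test of the Dockerfile: the image is never pushed.
  build-docker:
    name: Build Docker Image
    runs-on: ubuntu-latest
    if: github.event_name == 'push'
    permissions:
      contents: read

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # The build context is the checkout itself; keep the job token out
          # of the .git directory that `context: .` hands to the builder.
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: false
          tags: singularity-workflow:test
          cache-from: type=gha
          cache-to: type=gha,mode=max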