From e309512206699e063f69d99f04b55ffae35aade3 Mon Sep 17 00:00:00 2001
From: Jean-Baptiste Feldis <5403+jbfeldis@users.noreply.github.com>
Date: Thu, 23 May 2024 17:55:22 +0200
Subject: [PATCH] Ajoute rubocop et brakeman Local brakeman Missing bundle cache Brakeman bundle exec fun Add specs Add secret test env key Move test key to right place... Try adding rails master key in the test env ActionCable workaround for CI tests
---
 .github/workflows/lint.yml | 19 +++++++++++++++
 .github/workflows/security.yml | 22 ++++++++++++++++++
 .github/workflows/specs.yml | 42 ++++++++++++++++++++++++++++++++++
 Gemfile | 1 +
 Gemfile.lock | 3 +++
 config/application.rb | 3 ++-
 6 files changed, 89 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/lint.yml
 create mode 100644 .github/workflows/security.yml
 create mode 100644 .github/workflows/specs.yml
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
new file mode 100644
index 00000000..8843fbbd
--- /dev/null
+++ b/.github/workflows/lint.yml
@@ -0,0 +1,19 @@
+name: RuboCop
+
+on: [push]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ bundler-cache: true
+ cache-version: 321
+
+ - name: Run RuboCop
+ run: bundle exec rubocop --parallel
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 00000000..d23ade0e
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,22 @@
+name: Security
+
+on: [push]
+
+jobs:
+ security:
+ name: Brakeman (Static security)
+ if: "${{ github.actor != 'dependabot[bot]' }}"
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ bundler-cache: true
+ cache-version: 321
+
+ - name: Run Brakeman
+ run: bundle exec brakeman -q
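Review bot: The new `lint.yml` workflow declares no `permissions:` block, so its `GITHUB_TOKEN` gets whatever default the repository or organisation has configured, which may include write scopes. A lint job only needs to read the checkout; a top-level `permissions:` with `contents: read` pins that. The same applies to `security.yml` and `specs.yml` in this commit. Separately, `actions/checkout@v4` and `ruby/setup-ruby@v1` are referenced by mutable tags in all three workflows; pinning each to a full commit SHA is the usual hardening against a retagged action.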
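Review bot: In `security.yml`, `on: [push]` means Brakeman runs only for branches pushed to this repository; a pull request from a fork raises no `push` event here, so its code reaches review without the scan, while `specs.yml` does run on `pull_request`. Consider `on: [push, pull_request]`; the job reads no secrets in the lines shown, so running it for fork PRs should be safe. The `if:` that skips `dependabot[bot]` would benefit from a one-line comment explaining why, e.g. `# Dependabot pushes only touch Gemfile.lock; skip the scan`, if that is the intent.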
diff --git a/.github/workflows/specs.yml b/.github/workflows/specs.yml
new file mode 100644
index 00000000..41955257
--- /dev/null
+++ b/.github/workflows/specs.yml
@@ -0,0 +1,42 @@
+name: Tests
+
+on:
+ pull_request:
+ push:
+ branches: [ main ]
+
+jobs:
+ test:
+ runs-on: ubuntu-latest
+
+ services:
+ postgres:
+ image: postgres
+ env:
+ POSTGRES_USER: postgres
+ POSTGRES_PASSWORD: postgres
+ ports:
+ - 5432:5432
+ options: --health-cmd="pg_isready" --health-interval=10s --health-timeout=5s --health-retries=3
+
+ steps:
+ - name: Install packages
+ run: sudo apt-get update && sudo apt-get install --no-install-recommends -y postgresql-client libpq-dev
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: .ruby-version
+ bundler-cache: true
+ cache-version: 321
+
+ - name: Run tests
+ env:
+ RAILS_ENV: test
+ RAILS_TEST_KEY: ${{ secrets.RAILS_TEST_KEY }}
+ RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
+ DATABASE_URL: postgres://postgres:postgres@localhost:5432
+ run: bin/rails db:setup spec
diff --git a/Gemfile b/Gemfile
index 57b12771..a51720b0 100644
--- a/Gemfile
+++ b/Gemfile
@@ -70,6 +70,7 @@ group :development do
 # Speed up commands on slow machines / big apps [https://github.com/rails/spring]
 gem "spring"
 gem "spring-commands-rspec"
+ gem "brakeman"
 end
 group :test do
diff --git a/Gemfile.lock b/Gemfile.lock
index b44fe30c..36cce3a8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -86,6 +86,8 @@ GEM bindex (0.8.1) bootsnap (1.18.3) msgpack (~> 1.2) + brakeman (6.1.2) + racc builder (3.2.4) capybara (3.40.0) addressable
@@ -396,6 +398,7 @@ PLATFORMS DEPENDENCIES bootsnap + brakeman capybara config debug
diff --git a/config/application.rb b/config/application.rb
index 8871a410..9e6920b5 100644
--- a/config/application.rb
+++ b/config/application.rb
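Review bot: The `Run tests` step in `specs.yml` passes `secrets.RAILS_MASTER_KEY` into a job that executes whatever code is on the branch or pull request, so any spec, initializer or gem install hook can read it. If that key is the one that decrypts the production credentials file (not visible in this commit), the test job should not hold it; a separate encrypted credentials file for the test environment with its own key keeps production secrets out of CI. `RAILS_TEST_KEY` is not a variable Rails reads on its own as far as I know, so unless the app references it explicitly one of the two can probably be dropped. Also, `image: postgres` floats on the latest tag; pinning the major version used in production keeps the run reproducible.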
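Review bot: In the `Gemfile` hunk, `gem "brakeman"` is a command-line scanner and does not need to be loaded when the app boots in development; Brakeman's install instructions use `gem "brakeman", require: false`. The `:development` group starts before this hunk, so only its tail is visible here.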
@@ -11,7 +11,8 @@
 # require "action_mailbox/engine"
 # require "action_text/engine"
 require "action_view/railtie"
-# require "action_cable/engine"
+# TODO: remove when https://github.com/hotwired/turbo-rails/pull/601 gets released
+require "action_cable/engine"
 require "rails/test_unit/railtie"
 # Require the gems listed in Gemfile, including any gems
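Review bot: The re-enabled `require "action_cable/engine"` takes effect in every environment, not only in the CI run the commit message mentions, and with Action Cable's default `mount_path` it should also mount a `/cable` WebSocket endpoint in production (inferred from Rails defaults; the routes and cable configuration are not in this hunk). If the app does not use WebSockets yet, consider `config.action_cable.mount_path = nil` outside the test environment, or set `config.action_cable.allowed_request_origins` explicitly, until the linked turbo-rails change is released. The TODO would be easier to act on if it also named the symptom, e.g. which spec or constant fails without the engine, so whoever removes the line can verify the workaround is no longer needed.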