ci setup on GH #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: main | |
paths-ignore: | |
- "*.md" | |
pull_request: | |
branches: main | |
paths-ignore: | |
- "*.md" | |
jobs: | |
test: | |
env: | |
MIX_ENV: test | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
runs-on: ubuntu-latest | |
services: | |
db: | |
image: postgres:latest | |
ports: ["5432:5432"] | |
env: | |
POSTGRES_PASSWORD: postgres | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: erlef/setup-beam@v1 | |
with: | |
otp-version: "24.3.2" | |
elixir-version: "1.14.2" | |
- name: Cache deps Directory | |
id: cache-deps | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-elixir-deps | |
with: | |
path: deps | |
key: ${{ runner.os }}-mix-${{ env.cache-name }}-${{ hashFiles('**/mix.lock') }} | |
restore-keys: | | |
${{ runner.os }}-mix-${{ env.cache-name }}- | |
- name: Cache Compiled build Directiory | |
id: cache-build | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-compiled-build | |
with: | |
path: _build | |
key: ${{ runner.os }}-mix-${{ env.cache-name }}-${{ hashFiles('**/mix.lock') }} | |
restore-keys: | | |
${{ runner.os }}-mix-${{ env.cache-name }}- | |
${{ runner.os }}-mix- | |
- name: Fetch Dependencies | |
run: mix deps.get | |
- name: Check Retired Dependencies | |
run: mix hex.audit | |
- name: Check Unused Dependencies | |
run: mix deps.unlock --check-unused | |
- name: Security Audit for Dependencies | |
run: mix deps.audit | |
- name: Code Formatting | |
run: mix format --check-formatted --dry-run | |
- name: Check Compilation | |
run: mix compile --all-warnings --warnings-as-errors | |
- name: Verify Migrations | |
run: mix ecto.create && mix ecto.migrate && mix ecto.rollback --all | |
- name: Static Code Analysis | |
run: mix credo --strict | |
- name: Security Analysis | |
run: mix sobelow -i Config.HTTPS | |
- name: Restore PLT Cache | |
uses: actions/cache@v3 | |
id: plt_cache | |
with: | |
key: | | |
${{ runner.os }}-${{ steps.beam.outputs.elixir-version }}-${{ steps.beam.outputs.otp-version }}-plt | |
restore-keys: | | |
${{ runner.os }}-${{ steps.beam.outputs.elixir-version }}-${{ steps.beam.outputs.otp-version }}-plt | |
path: | | |
priv/pltsas | |
- name: Create PLTs | |
if: steps.plt_cache.outputs.cache-hit != 'true' | |
run: mix dialyzer --plt | |
- name: Static Analysis for Types | |
run: mix dialyzer | |
- name: Run Tests and Coverage Report | |
run: mix coveralls.lcov | |
- name: Code Coverage | |
uses: zgosalvez/github-actions-report-lcov@v1 | |
with: | |
coverage-files: cover/lcov.info | |
minimum-coverage: 50 | |
artifact-name: code-coverage-report | |
github-token: ${{ secrets.GITHUB_TOKEN }} |