ruby-sdk/.github/workflows/main.yml at main · GStrawinsky/ruby-sdk · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: CI

on:
  - push
  - pull_request

permissions:
  contents: read

jobs:
  rspec:
    runs-on: ${{ matrix.os }}
    name: Ruby ${{ matrix.ruby }} on ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          # NOTE: hold off testing other platforms until we start having native dependencies or running into issues on them
          # - macos-latest
          # - windows-latest
        ruby:
          - "4.0"
          - "3.4"
          - "head"
    continue-on-error: ${{ matrix.ruby == 'head' }}
    env:
      BUNDLE_GEMFILE: Gemfile

    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby }}
      - run: bundle install
      - name: RSpec
        run: bundle exec rspec
      - name: Upload coverage to Codecov
        if: ${{ strategy.job-index == 0 }} # only run codecov on first run
        uses: codecov/codecov-action@v5.5.3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          fail_ci_if_error: true
          verbose: true
          file: coverage/coverage.xml
  standard:
    name: Standard
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: "4.0.2"
      - run: bundle install
      - name: Standard
        run: bundle exec rake standard
  cucumber:
    runs-on: ubuntu-latest
    name: Gherkin Conformance
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          submodules: true
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: "4.0.2"
      - run: bundle install
      - name: Cucumber
        run: bundle exec cucumber
  steep:
    runs-on: ubuntu-latest
    name: Type Check
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: "3.4.9"
      - run: bundle install
      - run: bundle exec rbs collection install
      - run: bundle exec steep check
  security:
    runs-on: ubuntu-latest
    name: Security Audit
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: "4.0.2"
      - name: Bundle Audit
        run: bundle lock && gem install bundler-audit && bundle-audit check --update
  # check the status of other jobs, so we can have a single job dependency for branch protection
  # https://github.com/community/community/discussions/4324#discussioncomment-3477871
  status:
    name: CI Status
    runs-on: ubuntu-latest
    needs: [rspec, standard, cucumber, security, steep]
    if: always()
    steps:
      - name: Successful CI
        if: ${{ !(contains(needs.*.result, 'failure')) }}
        run: exit 0
      - name: Failing CI
        if: ${{ contains(needs.*.result, 'failure') }}
        run: exit 1