chore: update dependabot to only push minor and patch updates for npm… #547
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: push | |
jobs: | |
hadolint: | |
name: runner / hadolint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: hadolint/[email protected] | |
with: | |
dockerfile: Dockerfile | |
gosec: | |
name: runner / gosec | |
runs-on: ubuntu-latest | |
env: | |
GO111MODULE: on | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run Gosec Security Scanner | |
uses: securego/gosec@master | |
with: | |
args: -severity medium ./... | |
prettier: | |
name: runner / prettier | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up npm | |
uses: actions/setup-node@v4 | |
- name: Install dependencies | |
working-directory: ./ui | |
run: npm install | |
- name: Prettify code | |
working-directory: ./ui | |
run: npm run prettier | |
typocheck: | |
name: runner / Spell Check with Typos | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Actions Repository | |
uses: actions/checkout@v4 | |
- name: Check for typos | |
uses: crate-ci/typos@master | |
with: | |
config: ./.typos.toml | |
go-staticcheck: | |
name: runner / Go package | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Install Dependencies | |
run: | | |
sudo apt-get install -y libwebp-dev | |
go install honnef.co/go/tools/cmd/staticcheck@latest | |
- name: staticcheck | |
run: | | |
go install honnef.co/go/tools/cmd/staticcheck@latest | |
staticcheck ./... | |
golines: | |
name: runner / golines | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: golines | |
run: | | |
go install github.com/segmentio/golines@latest | |
golines --write-output --ignored-dirs=vendor . | |
go-test-build: | |
name: runner / Go Test Build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Install Dependencies | |
run: | | |
sudo apt-get install -y libwebp-dev | |
- name: build | |
run: go build cmd/*go | |
build-push-songstitch: | |
name: runner / Build and Push SongStitch Image | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
id-token: write | |
env: | |
IMAGE_NAME: song-stitch | |
IMAGE_REGISTRY: ghcr.io | |
IMAGE_REPOSITORY: songstitch | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{env.IMAGE_REGISTRY}}/${{env.IMAGE_REPOSITORY}}/${{env.IMAGE_NAME}} | |
tags: | | |
type=sha | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.IMAGE_REGISTRY }} | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and push | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
push: true | |
platforms: linux/amd64 # only build X86 for now since arm emulation is slow | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
deploy-dev: | |
name: runner / Deploy dev | |
runs-on: ubuntu-latest | |
needs: build-push-songstitch | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: superfly/flyctl-actions/setup-flyctl@master | |
- run: flyctl deploy --image ghcr.io/songstitch/song-stitch:sha-${GITHUB_SHA::7} -c fly.dev.toml | |
env: | |
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN_DEV }} | |
test-dev: | |
name: runner / Smoke Test Dev | |
runs-on: ubuntu-latest | |
needs: deploy-dev | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Run Tests | |
run: TEST_DOMAIN=songstitch-dev.fly.dev make test | |
deploy-prod: | |
name: runner / Deploy app | |
runs-on: ubuntu-latest | |
needs: build-push-songstitch | |
if: github.ref == 'refs/heads/main' | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: superfly/flyctl-actions/setup-flyctl@master | |
- run: flyctl deploy --image ghcr.io/songstitch/song-stitch:sha-${GITHUB_SHA::7} | |
env: | |
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} | |
- name: Purge cache | |
uses: nathanvaughn/actions-cloudflare-purge@master | |
with: | |
cf_zone: ${{ secrets.CLOUDFLARE_ZONE }} | |
cf_auth: ${{ secrets.CLOUDFLARE_TOKEN }} | |
test-prod: | |
name: runner / Smoke Test | |
runs-on: ubuntu-latest | |
needs: deploy-prod | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Run Tests | |
run: make test |