Skip to content

fix: re-state arg from env in Dockerfile #93

fix: re-state arg from env in Dockerfile

fix: re-state arg from env in Dockerfile #93

Workflow file for this run

name: ci
env:
REGISTRY: ghcr.io
IMAGE_NAME: peapescarte/pescarte-plataforma
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
lint:
runs-on: ubuntu-latest
env:
MIX_ENV: dev
strategy:
matrix:
otp: [26.2.5]
elixir: [1.16.2]
steps:
- uses: actions/checkout@v4
- uses: erlef/setup-beam@v1
with:
otp-version: ${{ matrix.otp }}
elixir-version: ${{ matrix.elixir }}
- name: Cache Elixir deps
uses: actions/cache@v1
id: deps-cache
with:
path: deps
key: ${{ runner.os }}-mix-${{ env.MIX_ENV }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
- name: Cache Elixir _build
uses: actions/cache@v1
id: build-cache
with:
path: _build
key: ${{ runner.os }}-build-${{ env.MIX_ENV }}-${{ matrix.otp }}-${{ matrix.elixir }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
- name: Install deps
if: steps.deps-cache.outputs.cache-hit != 'true'
run: |
mix local.rebar --force
mix local.hex --force
mix deps.get --only ${{ env.MIX_ENV }}
- name: Compile deps
if: steps.build-cache.outputs.cache-hit != 'true'
run: mix deps.compile --warnings-as-errors
- name: Run compiler checks
run: mix clean && mix compile --force --warning-as-errors
- name: Run formatter check
run: mix format --check-formatted
- name: Run static analysis
run: mix credo --strict
test:
runs-on: ubuntu-latest
env:
SUPABASE_KEY: "super-ci-key"
SUPABASE_URL: "http://localhost:123"
DATABASE_USER: "peapescarte"
DATABASE_PASS: "peapescarte"
MIX_ENV: test
strategy:
matrix:
otp: [26.2.5]
elixir: [1.16.2]
services:
postgres:
image: postgres:15
ports:
- 5432:5432
env:
POSTGRES_USER: peapescarte
POSTGRES_PASSWORD: peapescarte
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v4
- uses: erlef/setup-beam@v1
with:
otp-version: ${{ matrix.otp }}
elixir-version: ${{ matrix.elixir }}
- name: Cache Elixir deps
uses: actions/cache@v1
id: deps-cache
with:
path: deps
key: ${{ runner.os }}-mix-${{ env.MIX_ENV }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
- name: Cache Elixir _build
uses: actions/cache@v1
id: build-cache
with:
path: _build
key: ${{ runner.os }}-build-${{ env.MIX_ENV }}-${{ matrix.otp }}-${{ matrix.elixir }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
- name: Install deps
if: steps.deps-cache.outputs.cache-hit != 'true'
run: |
mix local.rebar --force
mix local.hex --force
mix deps.get --only ${{ env.MIX_ENV }}
- name: Compile deps
if: steps.build-cache.outputs.cache-hit != 'true'
run: mix deps.compile --warnings-as-errors
- name: Run tests
run: mix test
build-dev:
runs-on: ubuntu-latest
needs: test
if: success() && github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- uses: actions/checkout@v4
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Build and push Docker image (DEV)
id: push
uses: docker/build-push-action@v6
with:
context: .
from: ./Dockerfile
push: true
tags: ${{ env.IMAGE_NAME }}:dev
build-args: MIX_ENV="dev"
target: builder
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
build-prod:
runs-on: ubuntu-latest
needs: test
if: success() && github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- uses: actions/checkout@v4
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Build and push Docker image (PROD)
id: push
uses: docker/build-push-action@v6
with:
context: .
from: ./Dockerfile
push: true
tags: ${{ env.IMAGE_NAME }}:prod
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true