-
-
Notifications
You must be signed in to change notification settings - Fork 4
130 lines (118 loc) · 3.43 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Deploy
on:
push:
branches:
- master
jobs:
ci:
name: CI
runs-on: ubuntu-latest
timeout-minutes: 15
container: golang:1
services:
db:
image: postgres:15
ports:
- 5432:5432
env:
POSTGRES_PASSWORD: password
POSTGRES_USER: postgres
POSTGRES_DB: captcha
options: >-
--health-cmd pg_isready
--health-interval 30s
--health-timeout 20s
--health-retries 5
cache:
image: redis:7
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 30s
--health-timeout 20s
--health-retries 5
mongo:
image: mongo:6
ports:
- 27017:27017
env:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: password
MONGO_INITDB_DATABASE: captcha
options: >-
--health-cmd "echo 'db.runCommand(\"ping\").ok' | mongosh mongodb://localhost:27017/test --quiet"
--health-interval 30s
--health-timeout 20s
--health-retries 5
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: TruffleHog OSS
uses: trufflesecurity/trufflehog@main
with:
path: ./
base: ${{ github.event.repository.default_branch }}
head: HEAD
extra_args: --debug --only-verified
- name: Build
run: go build -buildvcs=false .
- name: Run test & coverage
run: go test -v -coverprofile=coverage.out -covermode=atomic ./...
env:
ENVIRONMENT: development
DATABASE_URL: postgres://postgres:password@db:5432/captcha?sslmode=disable
REDIS_URL: redis://@cache:6379/
MONGO_URL: mongodb://root:password@mongo:27017/captcha?useNewUrlParser=true&useUnifiedTopology=true&authSource=admin
MONGO_DBNAME: captcha
TZ: UTC
- uses: codecov/codecov-action@v3
cd:
name: CD
runs-on: ubuntu-latest
timeout-minutes: 30
needs:
- ci
permissions:
contents: read
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to the Container registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/${{ github.repository }}
flavor: |
latest=false
tags: |
type=edge
type=sha
- name: Build and push Docker image
uses: docker/build-push-action@v3
with:
context: "{{defaultContext}}"
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Create Sentry release
uses: getsentry/action-release@v1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
with:
environment: production
set_commits: skip
version: ${{ github.sha }}