[CMS 2][Experimental] Install beacon and beacon live admin #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# source: https://fly.io/docs/elixir/advanced-guides/github-actions-elixir-ci-cd/#continuous-deployment-cd | |
name: Elixir CI | |
# Define workflow that runs when changes are pushed to the | |
# `main` branch or pushed to a PR branch that targets the `main` | |
# branch. Change the branch name if your project uses a | |
# different name for the main branch like "master" or "production". | |
on: | |
push: | |
branches: ["main"] # adapt branch for project | |
pull_request: | |
branches: ["main"] # adapt branch for project | |
# Sets the ENV `MIX_ENV` to `test` for running tests | |
env: | |
MIX_ENV: test | |
permissions: | |
contents: read | |
jobs: | |
test: | |
# Set up a Postgres DB service. By default, Phoenix applications | |
# use Postgres. This creates a database for running tests. | |
# Additional services can be defined here if required. | |
services: | |
db: | |
image: postgres:16.3 | |
ports: ["5432:5432"] | |
env: | |
POSTGRES_PASSWORD: postgres | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
runs-on: ubuntu-latest | |
name: Test on OTP ${{matrix.otp}} / Elixir ${{matrix.elixir}} | |
strategy: | |
# Specify the OTP and Elixir versions to use when building | |
# and running the workflow steps. | |
matrix: | |
otp: ["27.0.1"] # Define the OTP version [required] | |
elixir: ["1.17.2"] # Define the elixir version [required] | |
steps: | |
# Step: Setup Elixir + Erlang image as the base. | |
- name: Set up Elixir | |
uses: erlef/setup-beam@v1 | |
with: | |
otp-version: ${{matrix.otp}} | |
elixir-version: ${{matrix.elixir}} | |
# Step: Check out the code. | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
# Step: Define how to cache deps. Restores existing cache if present. | |
- name: Cache deps | |
id: cache-deps | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-elixir-deps | |
with: | |
path: deps | |
key: ${{ runner.os }}-mix-${{ env.cache-name }}-${{ hashFiles('**/mix.lock') }} | |
restore-keys: | | |
${{ runner.os }}-mix-${{ env.cache-name }}- | |
# Step: Define how to cache the `_build` directory. After the first run, | |
# this speeds up tests runs a lot. This includes not re-compiling our | |
# project's downloaded deps every run. | |
- name: Cache compiled build | |
id: cache-build | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-compiled-build | |
with: | |
path: _build | |
key: ${{ runner.os }}-mix-${{ env.cache-name }}-${{ hashFiles('**/mix.lock') }} | |
restore-keys: | | |
${{ runner.os }}-mix-${{ env.cache-name }}- | |
${{ runner.os }}-mix- | |
# Step: Conditionally bust the cache when job is re-run. | |
# Sometimes, we may have issues with incremental builds that are fixed by | |
# doing a full recompile. In order to not waste dev time on such trivial | |
# issues (while also reaping the time savings of incremental builds for | |
# *most* day-to-day development), force a full recompile only on builds | |
# that are retried. | |
- name: Clean to rule out incremental build as a source of flakiness | |
if: github.run_attempt != '1' | |
run: | | |
mix deps.clean --all | |
mix clean | |
shell: sh | |
# Step: Download project dependencies. If unchanged, uses | |
# the cached version. | |
- name: Install dependencies | |
run: mix deps.get | |
# Step: Compile the project treating any warnings as errors. | |
# Customize this step if a different behavior is desired. | |
- name: Compiles without warnings | |
run: mix compile --warnings-as-errors | |
# Step: Check that the checked in code has already been formatted. | |
# This step fails if something was found unformatted. | |
# Customize this step as desired. | |
- name: Check Formatting | |
run: mix format --check-formatted | |
# Step: Run Credo to check for the consistency of the code. | |
# Credo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency. | |
- name: Check Credo | |
run: mix credo --strict | |
# Step: Run Sobelow to check for the consistency of the code. | |
# Sobelow is a security-focused static analysis tool for Elixir & the Phoenix framework. | |
# For security researchers, it is a useful tool for getting a quick view of points-of-interest. | |
# For project maintainers, it can be used to prevent the introduction of a number of common vulnerabilities. | |
- name: Check Sobelow | |
run: mix sobelow -i Config.HTTPS | |
# Cache key based on Erlang/Elixir version and the mix.lock hash | |
- name: Restore PLT cache | |
id: plt_cache | |
uses: actions/cache/restore@v3 | |
with: | |
key: | | |
plt-${{ runner.os }}-${{ steps.beam.outputs.otp-version }}-${{ steps.beam.outputs.elixir-version }}-${{ hashFiles('**/mix.lock') }} | |
restore-keys: | | |
plt-${{ runner.os }}-${{ steps.beam.outputs.otp-version }}-${{ steps.beam.outputs.elixir-version }}- | |
path: | | |
priv/plts | |
# Create PLTs if no cache was found | |
- name: Create PLTs | |
if: steps.plt_cache.outputs.cache-hit != 'true' | |
run: mix dialyzer --plt | |
# By default, the GitHub Cache action will only save the cache if all steps in the job succeed, | |
# so we separate the cache restore and save steps in case running dialyzer fails. | |
- name: Save PLT cache | |
id: plt_cache_save | |
uses: actions/cache/save@v3 | |
if: steps.plt_cache.outputs.cache-hit != 'true' | |
with: | |
key: | | |
plt-${{ runner.os }}-${{ steps.beam.outputs.otp-version }}-${{ steps.beam.outputs.elixir-version }}-${{ hashFiles('**/mix.lock') }} | |
path: | | |
priv/plts | |
- name: Run dialyzer | |
run: mix dialyzer --format github | |
# Step: Scan a project’s Mix dependencies for known Elixir security vulnerabilities | |
- name: Run mix deps audit | |
run: mix deps.audit | |
# Step: Show all Hex dependencies that have been marked as retired, which the package maintainers no longer recommended using. | |
- name: Run mix hex audit | |
run: mix hex.audit | |
# Step: Checks that the mix.lock file has no unused dependencie | |
- name: Check unused dependencies | |
run: mix deps.unlock --check-unused | |
# Step: Execute tests using ExCoveralls | |
- name: Run ExCoveralls | |
run: mix coveralls |