Skip to content
Tests

[StepSecurity] Apply security best practices #188

Sign in to view logs

[StepSecurity] Apply security best practices

[StepSecurity] Apply security best practices #188

Workflow file for this run

.github/workflows/tests.yml at b3f9eea
name: Tests
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
permissions:
contents: read
jobs:
test_gem:
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
with:
egress-policy: audit
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Set up Ruby
uses: ruby/setup-ruby@a4effe49ee8ee5b8b5091268c473a4628afb5651 # v1.245.0
with:
ruby-version: 3.0.3
bundler-cache: true
- name: Run tests
run: |
bundle exec rspec
test_examples:
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
with:
egress-policy: audit
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Start dependencies
run: |
docker compose \
-f examples/docker-compose.yml \
up -d
- name: Set up Ruby
uses: ruby/setup-ruby@a4effe49ee8ee5b8b5091268c473a4628afb5651 # v1.245.0
with:
ruby-version: 3.0.3
- name: Bundle install
run: |
cd examples && bundle install --path vendor/bundle
- name: Wait for dependencies to settle
run: |
sleep 10
- name: Register namespace
run: |
cd examples && bin/register_namespace ruby-samples
- name: Wait for namespace to settle
run: |
sleep 10
- name: Boot up worker
run: |
cd examples && bin/worker &
- name: Boot up crypt worker
env:
USE_ENCRYPTION: 1
run: |
cd examples && bin/worker &
- name: Boot up worker for v2 error serialization tests
env:
USE_ERROR_SERIALIZATION_V2: 1
run: |
cd examples && bin/worker &
- name: Run RSpec
env:
USE_ERROR_SERIALIZATION_V2: 1
run: |
cd examples && bundle exec rspec