From 04b45a14fda29c7462c6107f046a7b70ea97e31e Mon Sep 17 00:00:00 2001 From: Matias Garcia Isaia Date: Wed, 24 May 2023 15:30:48 -0300 Subject: [PATCH 1/5] Fix Debian Stretch repositories Debian Stretch has been archived. This commit fixes the APT repositories. See https://unix.stackexchange.com/a/744408/49371 --- Dockerfile | 6 ++++++ Dockerfile.dev | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/Dockerfile b/Dockerfile index a93f629..7acbd21 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,11 @@ FROM ruby:2.3 +# Cleanup expired Let's Encrypt CA (Sept 30, 2021) +RUN sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf && update-ca-certificates -f + +RUN echo 'deb http://archive.debian.org/debian stretch main\n\ + deb http://archive.debian.org/debian-security stretch/updates main' > /etc/apt/sources.list + RUN \ apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs && \ diff --git a/Dockerfile.dev b/Dockerfile.dev index aead0d8..e83f9b7 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -1,5 +1,11 @@ FROM ruby:2.3 +# Cleanup expired Let's Encrypt CA (Sept 30, 2021) +RUN sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf && update-ca-certificates -f + +RUN echo 'deb http://archive.debian.org/debian stretch main\n\ + deb http://archive.debian.org/debian-security stretch/updates main' > /etc/apt/sources.list + RUN \ apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs && \ From 21e4eb8f7f5392b8bc9a2d834c733df068beb50b Mon Sep 17 00:00:00 2001 From: Matias Garcia Isaia Date: Wed, 24 May 2023 15:34:35 -0300 Subject: [PATCH 2/5] Add dev-setup script for docker development --- README.md | 18 +++++------------- dev-setup | 6 ++++++ 2 files changed, 11 insertions(+), 13 deletions(-) create mode 100755 dev-setup diff --git a/README.md b/README.md index efa6495..618fff0 100644 --- a/README.md +++ b/README.md @@ -38,22 +38,14 @@ Development Docker development ------------------ -`docker-compose.yml` file build a development environment mounting the current folder and running rails in development environment. +`docker-compose.yml` file builds a development environment mounting the current folder and running rails in development environment. -Run the following commands to have a stable development environment. +To have a stable development environment, simply run `./dev-setup`. -``` -$ docker-compose run --rm --no-deps web bundle install -$ docker-compose up -d db -$ docker-compose run --rm web rake db:setup -$ docker-compose up -``` - -To setup and run test, once the web container is running: +To run the test suite, once the web container is running (`docker compose up -d web`) run: ``` -$ docker-compose exec web bash -root@web_1 $ rake +docker compose exec web rake ``` API @@ -203,4 +195,4 @@ Pollit will forward any conversation with a logged user identifying them through If you don't want to use Intercom, you can simply omit `INTERCOM_APP_ID` or set it to ''. -To test the feature in development, add the `INTERCOM_APP_ID` variable and its value to the `environment` object inside the `web` service in `docker-compose.yml`. \ No newline at end of file +To test the feature in development, add the `INTERCOM_APP_ID` variable and its value to the `environment` object inside the `web` service in `docker-compose.yml`. diff --git a/dev-setup b/dev-setup new file mode 100755 index 0000000..d9b9cd9 --- /dev/null +++ b/dev-setup @@ -0,0 +1,6 @@ +#!/bin/bash -e +docker compose pull +docker compose build +docker compose run --rm --no-deps web bundle install +docker compose up -d --wait db +docker compose run --rm web rake db:setup From 115f7f826df452c9d867dfa2efe078c4ea6adbc0 Mon Sep 17 00:00:00 2001 From: Matias Garcia Isaia Date: Wed, 24 May 2023 15:35:02 -0300 Subject: [PATCH 3/5] Force use x86_64 Docker images in development We don't support ARM images yet --- docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index ff6879b..eee1f13 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,6 +3,7 @@ version: '2.0' services: db: image: mysql:5.6 + platform: linux/amd64 environment: MYSQL_ALLOW_EMPTY_PASSWORD: 'yes' volumes: @@ -12,6 +13,7 @@ services: build: context: . dockerfile: Dockerfile.dev + platform: linux/amd64 working_dir: /app environment: RAILS_ENV: From 7a84234bb619ec8333b1caf1f1087f4dceca16c4 Mon Sep 17 00:00:00 2001 From: Matias Garcia Isaia Date: Wed, 24 May 2023 16:35:55 -0300 Subject: [PATCH 4/5] Move CI to Github Actions Thanks, Travis, for all the fish --- .github/workflows/ci.yml | 33 +++++++++++++++++++++++++++++++++ build.sh | 15 +++++++++++++++ travis-build.sh | 8 -------- 3 files changed, 48 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/ci.yml create mode 100755 build.sh delete mode 100755 travis-build.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..8f2b229 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,33 @@ +name: CI + +on: [push, pull_request] + +jobs: + test: + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + + - name: Set environment up + run: | + docker compose pull + docker compose up -d db + docker compose run --rm --no-deps web bundle + docker compose run --rm --no-deps web rake db:setup + docker compose run --rm --no-deps web rake db:test:prepare + + - name: Run specs + run: | + docker compose run --rm web bundle exec rspec spec + + build: + needs: test + runs-on: ubuntu-22.04 + env: + DOCKER_REPOSITORY: 'instedd/pollit' + DOCKER_USER: ${{ secrets.DOCKER_USER }} + DOCKER_PASS: ${{ secrets.DOCKER_PASS }} + steps: + - uses: actions/checkout@v3 + - name: Build image & push to Docker Hub + run: ./build.sh diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..d17f65e --- /dev/null +++ b/build.sh @@ -0,0 +1,15 @@ +#!/bin/bash +set -eo pipefail + +# This will load the script from this repository. Make sure to point to a specific commit so the build continues to work +# event if breaking changes are introduced in this repository +source /dev/stdin <<< "$(curl -s https://raw.githubusercontent.com/manastech/ci-docker-builder/055890240f6cfd633839bb32f8d4deef83214aed/build.sh)" + +# Prepare the build +dockerSetup + +# Write a VERSION file for the footer +echo $VERSION > VERSION + +# Build and push the Docker image +dockerBuildAndPush diff --git a/travis-build.sh b/travis-build.sh deleted file mode 100755 index da31443..0000000 --- a/travis-build.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -eo pipefail - -source <(curl -s https://raw.githubusercontent.com/manastech/ci-docker-builder/e556ffa1319a966df778d3559a4b29505ca8dceb/travis-build.sh) - -dockerSetup -echo $VERSION > VERSION -dockerBuildAndPush From c064ea33eb7a3ad29d6e870f4a9bee6a087a6031 Mon Sep 17 00:00:00 2001 From: Matias Garcia Isaia Date: Wed, 24 May 2023 16:10:59 -0300 Subject: [PATCH 5/5] Disable Devise sign ups if Guisso is enabled If we offload authorisations to Guisso, then avoid local users sign ups. Guisso is CAPTCHA-protected, so we'd rather use it for production than add CATPCHA protections to each InSTEDD app. --- config/routes.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/routes.rb b/config/routes.rb index a6d323e..0e5129e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -29,7 +29,7 @@ scope "(:locale)", :locale => /#{Locales.available.keys.join('|')}/ do - devise_for :users, :controllers => { + devise_for :users, :skip => [ ( :registrations if Guisso.enabled? ) ], :controllers => { :registrations => 'users/registrations', omniauth_callbacks: "omniauth_callbacks", sessions: "sessions"