Skip to content

Disallow pushing gems with unresolved deps #7813

Disallow pushing gems with unresolved deps

Disallow pushing gems with unresolved deps #7813

Workflow file for this run

name: Docker
on:
pull_request:
push:
branches:
- master
- oidc-api-tokens
permissions:
contents: read
jobs:
build:
name: Docker build (and optional push)
runs-on: ubuntu-24.04
env:
RUBYGEMS_VERSION: "3.6.1"
RUBY_VERSION: "3.3.6"
permissions:
id-token: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # master
- name: Cache Docker layers
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-rubygems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-rubygems-org
- name: Install and start services (needed for image test)
run: docker compose up -d
- name: Configure AWS credentials from Production account
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
if: github.secret_source != 'None'
with:
role-to-assume: arn:aws:iam::048268392960:role/rubygems-ecr-pusher
aws-region: us-west-2
- name: Login to Amazon ECR
if: github.secret_source != 'None'
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
- name: build, test and optionally push docker image
run: ./script/build_docker.sh
env:
BUNDLE_PACKAGER__DEV: ${{ secrets.BUNDLE_PACKAGER__DEV }}
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache