Skip to content

Commit

Permalink
Technical debt: Let's Encrypt, Github Actions, Selenium tests (#905)
Browse files Browse the repository at this point in the history
* Cleanup expired Let's Encrypt CA

Let's Encrypt old Certificate Authority expired on Sept 30, 2021.
Most of InSTEDD's infra uses those certificates (as does rails-assets),
so this patch makes new certificates work again.

* Try to guess server's IP when there's more than one

The previous way of guessing the IP address of the server
for Capybara tests failed if we had more than one IP address.

This new way doesn't guarantee to pick the right IP, but it
works strictly better than the previous one.

* Migrate CI to Github Actions

So long, Travis - and thanks for all the fish!

* Fix Selenium Firefox image version

We pin it to the one that was current back when the tests were
re-enabled, in aed2616

Tests were failing due to an error possibly caused by this
image getting updated.

See https://stackoverflow.com/a/63251911/641451
See 4d5f84e

* Update alto_guisso_rails to support Let's Encrypt

The previous versions were using an old, bundled CA trust store.
  • Loading branch information
matiasgarciaisaia authored Nov 15, 2021
1 parent 93935b8 commit 928a8f2
Show file tree
Hide file tree
Showing 9 changed files with 51 additions and 38 deletions.
36 changes: 36 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: CI

on: [push, pull_request]

jobs:
test:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2

- name: Set environment up
run: |
mv docker-compose.ci.yml docker-compose.override.yml
docker-compose pull
docker-compose up -d db elasticsearch redis
docker-compose run --rm --no-deps web bundle
docker-compose run --rm --no-deps web rake db:setup
docker-compose run --rm --no-deps web rake db:test:prepare
- name: Run specs
run: |
docker-compose run --rm web bundle exec rspec spec/ plugins/
docker-compose run --rm web bundle exec rspec -t js spec/integration/
docker-compose run --rm web bundle exec rake jasmine:ci
build:
needs: test
runs-on: ubuntu-20.04
env:
DOCKER_REPOSITORY: 'instedd/resourcemap'
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASS: ${{ secrets.DOCKER_PASS }}
steps:
- uses: actions/checkout@v2
- name: Build image & push to Docker Hub
run: ./build.sh
33 changes: 0 additions & 33 deletions .travis.yml

This file was deleted.

3 changes: 3 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
FROM ruby:2.3

# Cleanup expired Let's Encrypt CA (Sept 30, 2021)
RUN sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf && update-ca-certificates -f

# Install dependencies
RUN \
apt-get update && \
Expand Down
3 changes: 3 additions & 0 deletions Dockerfile-dev
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
FROM ruby:2.3

# Cleanup expired Let's Encrypt CA (Sept 30, 2021)
RUN sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf && update-ca-certificates -f

RUN \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y libzmq3-dev nodejs && \
Expand Down
1 change: 1 addition & 0 deletions Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ gem "omniauth"
gem "omniauth-openid"
gem 'alto_guisso', :git => "https://github.com/instedd/alto_guisso", branch: 'master'
gem 'alto_guisso_rails', :git => "https://github.com/instedd/alto_guisso_rails", branch: 'master'
gem 'dalli', '~> 2.7' # alto_guisso_rails dependency, dalli >= 3.0 require Ruby 2.5+
gem 'oj', '~> 2.15.0'
gem 'nokogiri'
gem 'carrierwave'
Expand Down
7 changes: 5 additions & 2 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,12 @@ GIT

GIT
remote: https://github.com/instedd/alto_guisso_rails
revision: bd944d08c59e5835285f0d956fb1fb00402fc385
revision: 3324e4e85040b4db6279099309e9cb6f836ee331
branch: master
specs:
alto_guisso_rails (0.0.1)
alto_guisso_rails (0.0.2)
alto_guisso
dalli
omniauth
omniauth-openid
rack-oauth2
Expand Down Expand Up @@ -164,6 +165,7 @@ GEM
columnize (0.8.9)
concurrent-ruby (1.1.4)
daemons (1.2.3)
dalli (2.7.11)
database_cleaner (1.3.0)
debug_inspector (0.0.2)
debugger-linecache (1.2.0)
Expand Down Expand Up @@ -560,6 +562,7 @@ DEPENDENCIES
capybara
carrierwave
coffee-rails (~> 4.0.1)
dalli (~> 2.7)
database_cleaner
decent_exposure
devise
Expand Down
2 changes: 1 addition & 1 deletion travis-build.sh → build.sh
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
#!/bin/bash
set -eo pipefail

source <(curl -s https://raw.githubusercontent.com/manastech/ci-docker-builder/e556ffa1319a966df778d3559a4b29505ca8dceb/travis-build.sh)
source <(curl -s https://raw.githubusercontent.com/manastech/ci-docker-builder/a2d44f8b7f155afe5a9652252cfb262871846a41/build.sh)

dockerSetup
echo $VERSION > VERSION
Expand Down
2 changes: 1 addition & 1 deletion config/initializers/selenium_docker.rb
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@

def setup_capybara_docker_driver_if_needed
unless ENV['SELENIUM_URL'].nil? || ENV['SELENIUM_URL'].empty?
ip = `/sbin/ip route|awk '/scope/ { print $9 }'`.gsub("\n", "")
ip = `/sbin/ip route|awk '/scope/ { print $9 }'`.split("\n").last

Capybara.javascript_driver = :docker_firefox
Capybara.server_port = 55555
Expand Down
2 changes: 1 addition & 1 deletion docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ services:
- 3000:3000

selenium:
image: selenium/standalone-firefox
image: selenium/standalone-firefox:3.11
shm_size: 2g
volumes:
- .:/app
Expand Down

0 comments on commit 928a8f2

Please sign in to comment.