Update GitHub Actions CI configurations

- Add Bullet gem for N+1 query detection
- Add Rails best practices gem
- Creat DB schema with db:migrate
- Add DB schema consistency check
- Setup linters and unit test jobs in CI pipeline

.github/dependabot.yml

@@ -1,12 +1,47 @@
 version: 2
 updates:
+  # Enable version updates for gems using bundler
   - package-ecosystem: bundler
     directory: '/'
     schedule:
       interval: daily
-    open-pull-requests-limit: 10
-  - package-ecosystem: github-actions
+    commit-message:
+      prefix: '[GEM] '
+      include: scope
+    labels:
+      - bundler
+      - dependencies
+
+  # Enable version updates for npm
+  - package-ecosystem: npm
+    directory: '/'
+    schedule:
+      interval: daily
+    commit-message:
+      prefix: '[NPM] '
+      include: scope
+    labels:
+      - npm
+      - dependencies
+
+  # Enable version updates for Docker
+  - package-ecosystem: docker
     directory: '/'
     schedule:
       interval: daily
-    open-pull-requests-limit: 10
+    commit-message:
+      prefix: '[Docker] '
+      include: scope
+    labels:
+      - docker
+
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: github-actions
+    directory: '/'
+    schedule:
+      interval: weekly
+    commit-message:
+      prefix: '[CI] '
+      include: scope
+    labels:
+      - github-actions

.github/workflows/ci.yml

@@ -3,52 +3,220 @@ name: CI
 on:
   pull_request:
   push:
-    branches: [main]
+    branches:
+      - develop
+      - main
+
+# Avoid concurrency on the same branch to prevent parallel runs
+# Skip this for develop and main branches, since we don't want to break releases
+concurrency:
+  group: ${{ (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop') && format('no-concurrency-{0}', github.run_id) || format('{0}-{1}', github.workflow, github.ref) }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }}
+
+env:
+  RUBY_YJIT_ENABLE: 1
 
 jobs:
-  scan_ruby:
+  ## Uncomment this to test the workflows and see CI context
+  #  CI-Context:
+  #    name: CI Context check
+  #
+  #    runs-on: ubuntu-latest
+  #
+  #    steps:
+  #      - name: Dump context
+  #        env:
+  #          GITHUB_CONTEXT: ${{ toJson(github) }}
+  #          JOB_CONTEXT: ${{ toJson(job) }}
+  #          STEPS_CONTEXT: ${{ toJson(steps) }}
+  #        run: |
+  #          echo "$GITHUB_CONTEXT"
+  #          echo "$JOB_CONTEXT"
+  #          echo "$STEPS_CONTEXT"
+
+  rubocop-linters:
+    name: Rubocop Linters
+
     runs-on: ubuntu-latest
 
+    # Important conditions, since all following jobs depend on this job and do not check for these conditions again
+    # Run for any push event or PR but skip draft PRs
+    if: >-
+      ${{
+        github.event_name == 'push' ||
+        (github.event_name == 'pull_request' && github.event.pull_request.draft == false)
+      }}
+
     steps:
-      - name: Checkout code
+      - name: Checkout repository 🛎
         uses: actions/checkout@v4
+        with:
+          show-progress: false
 
-      - name: Set up Ruby
+      - name: Setup Ruby and install gems ⚙️
         uses: ruby/setup-ruby@v1
         with:
           ruby-version: .ruby-version
           bundler-cache: true
 
-      - name: Scan for common Rails security vulnerabilities using static analysis
-        run: bin/brakeman --no-pager
+      - name: Run rubocop linters 🧹
+        run: |
+          bundle exec rubocop --parallel
+
+  non-ruby-linters:
+    name: Non-Ruby Linters
 
-  scan_js:
     runs-on: ubuntu-latest
 
+    # Important conditions, since all following jobs depend on this job and do not check for these conditions again
+    # Run for any push event or PR but skip draft PRs
+    if: >-
+      ${{
+        github.event_name == 'push' ||
+        (github.event_name == 'pull_request' && github.event.pull_request.draft == false)
+      }}
+
     steps:
-      - name: Checkout code
+      - name: Checkout repository 🛎️
         uses: actions/checkout@v4
+        with:
+          show-progress: false
+
+      - name: Setup Node.js ⚙️
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: '.nvmrc'
+          cache: 'npm'
+
+      - name: Install NPM ⚙️
+        run: npm install -g "npm@$(jq -r .engines.npm ./package.json)"
+
+      - name: Print Node.js and NPM context 🖨️
+        run: |
+          echo "Expected Node.js version: $(jq -r .engines.node ./package.json)"
+          echo "Actual Node.js version: $(node -v)"
+          echo "Expected NPM version: $(jq -r .engines.npm ./package.json)"
+          echo "Actual NPM version: $(npm -v)"
+
+      - name: Install dependencies ⚙️
+        run: npm ci --ignore-scripts
+
+      - name: Run linter 🧹
+        run: npm run lint
+
+  rails-best-practices:
+    name: Rails best practices
+
+    runs-on: ubuntu-latest
 
-      - name: Set up Ruby
+    # Important conditions, since all following jobs depend on this job and do not check for these conditions again
+    # Run for any push event or PR but skip draft PRs
+    if: >-
+      ${{
+        github.event_name == 'push' ||
+        (github.event_name == 'pull_request' && github.event.pull_request.draft == false)
+      }}
+
+    steps:
+      - name: Checkout repository 🛎
+        uses: actions/checkout@v4
+        with:
+          show-progress: false
+
+      - name: Setup Ruby and install gems ⚙️
         uses: ruby/setup-ruby@v1
         with:
           ruby-version: .ruby-version
           bundler-cache: true
 
-      - name: Scan for security vulnerabilities in JavaScript dependencies
-        run: bin/importmap audit
+      - name: Rails Best Practices
+        run: bundle exec rails_best_practices
+
+  unit-tests:
+    name: Unit tests
 
-  lint:
     runs-on: ubuntu-latest
+
+    needs:
+      - rubocop-linters
+      - non-ruby-linters
+      - rails-best-practices
+
+    services:
+      redis:
+        image: redis
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+
+      postgres:
+        image: postgres:16-alpine
+        ports:
+          - 5432:5432
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRESQL_FSYNC: off
+        options: >-
+          --health-cmd "pg_isready -U postgres"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
     steps:
-      - name: Checkout code
+      - name: Install dependent libraries ⚙️
+        run: |
+          sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
+          wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
+          sudo apt update
+          sudo apt-get install -y postgresql-client-16 libpq-dev
+
+      - name: Display openssl versions
+        run: dpkg -l | grep ssl
+
+      - name: Checkout repository 🛎
         uses: actions/checkout@v4
+        with:
+          show-progress: false
 
-      - name: Set up Ruby
+      - name: Setup Ruby and install gems ⚙️
         uses: ruby/setup-ruby@v1
         with:
           ruby-version: .ruby-version
           bundler-cache: true
 
-      - name: Lint code for consistent style
-        run: bin/rubocop -f github
+      - name: Setup DB 💿
+        run: |
+          bundle exec rake db:create
+          bundle exec rake db:schema:load
+        env:
+          RAILS_ENV: test
+          DATABASE_URL: 'postgresql://postgres:postgres@localhost/event_radar_test'
+
+      - name: Enable db reset test
+        run: |
+          mv spec/db_reset spec/db_reset_spec.rb
+
+      - name: Run db reset test
+        run: |
+          bundle exec rspec spec/db_reset_spec.rb
+        env:
+          RAILS_ENV: test
+          DATABASE_URL: 'postgresql://postgres:postgres@localhost/event_radar_test'
+
+      - name: Disable db reset test
+        run: |
+          mv spec/db_reset_spec.rb spec/db_reset_spec
+
+      - name: Run RSpec 🧪
+        run: |
+          bundle exec rspec
+        env:
+          DATABASE_URL: 'postgresql://postgres:postgres@localhost/event_radar_test'
+          REDIS_URL: 'redis://localhost:6379'
+          RAILS_ENV: test
+          VCR_CONSISTENCY_CHECK: true

Gemfile

@@ -89,7 +89,7 @@ group :development, :test do
 
   # ruby-prof is a profiler for MRI Ruby
   gem 'ruby-prof'
-  gem 'test-prof'
+  # gem 'test-prof'
   gem 'stackprof'
 
   # Code quality tools
@@ -106,6 +106,11 @@ group :development, :test do
   gem 'rubocop-rake', '~> 0.6.0'
   gem 'rubocop-rspec', '~> 3.0.4'
   gem 'rubocop-rspec_rails', '~> 2.30.0'
+
+  # Code metric tool
+  gem 'rails_best_practices', require: false
+  # Detects N+1 queries and unused eager loading
+  gem 'bullet', '~> 7'
 end
 
 group :development do

Gemfile.lock

@@ -99,6 +99,11 @@ GEM
     brakeman (6.2.1)
       racc
     builder (3.3.0)
+    bullet (7.2.0)
+      activesupport (>= 3.0.0)
+      uniform_notifier (~> 1.11)
+    code_analyzer (0.5.5)
+      sexp_processor
     coderay (1.1.3)
     concurrent-ruby (1.3.4)
     connection_pool (2.4.1)
@@ -123,6 +128,7 @@ GEM
     drb (2.2.1)
     e2mmap (0.1.0)
     erubi (1.13.0)
+    erubis (2.7.0)
     et-orbi (1.2.11)
       tzinfo
     factory_bot (6.4.6)
@@ -267,6 +273,14 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
+    rails_best_practices (1.23.2)
+      activesupport
+      code_analyzer (~> 0.5.5)
+      erubis
+      i18n
+      json
+      require_all (~> 3.0)
+      ruby-progressbar
     railties (7.2.1)
       actionpack (= 7.2.1)
       activesupport (= 7.2.1)
@@ -290,6 +304,7 @@ GEM
     regexp_parser (2.9.2)
     reline (0.5.9)
       io-console (~> 0.5)
+    require_all (3.0.0)
     reverse_markdown (2.1.1)
       nokogiri
     rexml (3.3.7)
@@ -368,6 +383,7 @@ GEM
     rufus-scheduler (3.9.1)
       fugit (~> 1.1, >= 1.1.6)
     securerandom (0.3.1)
+    sexp_processor (4.17.2)
     shoulda-matchers (6.4.0)
       activesupport (>= 5.2.0)
     sidekiq (7.3.1)
@@ -423,14 +439,14 @@ GEM
       activerecord (>= 6.1)
     terminal-table (3.0.2)
       unicode-display_width (>= 1.1.1, < 3)
-    test-prof (1.4.2)
     thor (1.3.2)
     tilt (2.4.0)
     timecop (0.9.10)
     timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
+    uniform_notifier (1.16.0)
     unparser (0.6.15)
       diff-lcs (~> 1.3)
       parser (>= 3.3.0)
@@ -464,6 +480,7 @@ DEPENDENCIES
   binding_of_caller
   bootsnap
   brakeman
+  bullet (~> 7)
   data_migrate (~> 11.0.0)
   database_cleaner-active_record
   debug
@@ -482,6 +499,7 @@ DEPENDENCIES
   puma (>= 6.4.2)
   rack-cors (~> 2.0.2)
   rails (~> 7.2.1)
+  rails_best_practices
   rake (~> 13.2.1)
   redis (>= 5.3.0)
   rspec (~> 3.13)
@@ -509,7 +527,6 @@ DEPENDENCIES
   spring-watcher-listen
   stackprof
   strong_migrations
-  test-prof
   timecop
   tzinfo-data
   vcr (~> 6.3.1)