automation.yml
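# Workflow name shown in the Actions UI.
name: Automation

# Events that start this workflow.
on:
  pull_request:
  push:
    branches:
      # Default branch
      - "main"
      # Release branches
      ## 1.2.x - e.g. Semantic Versioning
      - "[0-9]+.[0-9]+.x"
      ## v1 - e.g. GitHub Actions Versioning
      - "v[0-9]+"
  schedule:
    - cron: "0 * * * *" # Runs hourly
  workflow_dispatch:
  # NOTE(review): workflow_run runs use the default-branch copy of this file and
  # receive the repository's secrets and the permissions declared in this file,
  # whatever started the "Docker Build" run that triggered them.
  workflow_run:
    workflows:
      - "Docker Build"
    types:
      - completed
  # Reusable-workflow entry point; callers may pass these secrets, none is mandatory.
  workflow_call:
    secrets:
      CODECOV_TOKEN:
        required: false
      GPG_PRIVATE_KEY:
        required: false
      INFECTION_DASHBOARD_API_KEY:
        required: false
      # The qa job falls back to this secret when INFECTION_DASHBOARD_API_KEY is
      # empty, so it is declared here for callers that pass secrets explicitly.
      STRYKER_DASHBOARD_API_KEY:
        required: false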
# GITHUB_TOKEN scopes for every job in this workflow.
# Reference: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
# Allowed values per scope: read, write, none
#
# NOTE(review): every scope except id-token is granted `write` at workflow level,
# so each job (including the ones that run matrix-supplied commands) gets that
# access. Consider granting only what each job needs under
# `jobs.<job_id>.permissions` and lowering the rest to `read` or `none`.
permissions:
  # GitHub Actions itself, e.g. `write` lets a step cancel a workflow run.
  actions: write
  # Check runs and check suites, e.g. `write` lets a step create a check run.
  checks: write
  # Repository contents: `read` lists commits, `write` can create a release.
  contents: write
  # Deployments, e.g. `write` lets a step create a new deployment.
  deployments: write
  # GitHub Discussions, e.g. `write` lets a step close or delete a discussion.
  discussions: write
  # OpenID Connect (OIDC) token; fetching one needs `write`, so it is disabled here.
  id-token: none
  # Issues, e.g. `write` lets a step comment on an issue.
  issues: write
  # GitHub Packages, e.g. `write` lets a step upload and publish packages.
  packages: write
  # GitHub Pages, e.g. `write` lets a step request a Pages build.
  pages: write
  # Pull requests, e.g. `write` lets a step add a label to a pull request.
  pull-requests: write
  # Projects (classic), e.g. `write` lets a step add a column to a project.
  repository-projects: write
  # Code scanning and Dependabot alerts: `read` lists Dependabot alerts,
  # `write` can update the status of a code scanning alert.
  security-events: write
  # Commit statuses, e.g. `read` lists the statuses for a given reference.
  statuses: write
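jobs:
  # Produces the JSON job matrix that the qa job fans out over.
  matrix:
    name: Generate job matrix
    # One in-flight run per ref/event/workflow; a newer run cancels the older one.
    concurrency:
      group: ${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ github.workflow }}
      cancel-in-progress: true
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.matrix.outputs.matrix }}
      # The former `codecov` output (sourced from env.CODECOV_TOKEN) was dropped:
      # no job in this file reads it, and a credential should reach steps through
      # the `secrets` context rather than a job output.
    steps:
      # NOTE(review): the actions and the container image in this workflow are
      # referenced by mutable tags (@v4, @v2, @v5, @v1, :v1). Pinning each to a
      # full commit SHA or image digest keeps a retagged release from running
      # with this workflow's token and secrets.
      - name: Checkout
        uses: actions/checkout@v4
      # - name: Determine CI Jobs (dev)
      #   id: matrix
      #   if: github.event_name == 'push' || github.event_name == 'pull_request'
      #   uses: ghostwriter/compliance@v1
      #   with:
      #     command: matrix
      - name: Determine CI Jobs
        id: matrix
        uses: docker://ghcr.io/ghostwriter/compliance:v1

  # Runs one matrix entry: a PHP version / dependency set / tool combination.
  qa:
    name: "[PHP${{ matrix.php }}][${{ matrix.dependency }}]${{ matrix.name }} on ${{ matrix.os }}"
    needs: [matrix]
    runs-on: ${{ matrix.os }}-latest
    # 'lowest' dependency sets and experimental entries may fail without failing the run.
    continue-on-error: ${{ matrix.dependency == 'lowest' || matrix.experimental }}
    strategy:
      fail-fast: false
      matrix: ${{ fromJSON(needs.matrix.outputs.matrix) }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # 0 fetches the full history instead of a shallow clone.
          fetch-depth: 0
      - name: "Setup PHP ${{ matrix.php }} with ${{ join(matrix.extensions, ', ') }} extensions."
        uses: shivammathur/setup-php@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          coverage: pcov
          tools: psalm,phpunit,infection
          ini-values: assert.exception=1, zend.assertions=1, error_reporting=-1, log_errors_max_len=0, display_errors=On
          php-version: ${{ matrix.php }}
          extensions: ":php-psr,pcntl, ${{ join(matrix.extensions, ', ') }}"
      - name: Setup problem matchers
        run: |
          echo "::add-matcher::${{ runner.tool_cache }}/php.json"
          echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json"
      - name: Setup Cache Directory
        id: composer-cache
        run: echo "directory=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
      - name: Cache composer dependencies
        uses: actions/cache@v4
        with:
          # Falls back to the matrix-provided directory when the step output is empty.
          path: ${{ steps.composer-cache.outputs.directory || matrix.composerCacheFilesDirectory }}
          key: ${{ runner.os }}-php-${{ matrix.php }}-composer-${{ matrix.dependency }}-${{ hashFiles('**/composer.lock') }}
          restore-keys: ${{ runner.os }}-php-${{ matrix.php }}-composer-${{ matrix.dependency }}-
      # NOTE(review): validateCommand, installCommand and runCommand are expanded
      # into the script text before the shell starts, so whatever the matrix step
      # emits is executed as-is. The matrix generator is therefore part of this
      # workflow's trusted code.
      - name: Validate composer.json file
        working-directory: ${{ github.workspace }}
        run: ${{ matrix.validateCommand }}
      - name: Install ${{ matrix.dependency }} dependencies
        working-directory: ${{ github.workspace }}
        env:
          # Composer reads GitHub credentials from COMPOSER_AUTH, so the token is
          # neither spliced into the script text nor written to the global
          # auth.json (the old `--unset` cleanup could be skipped when the
          # install command failed).
          COMPOSER_AUTH: '{"github-oauth": {"github.com": "${{ secrets.GITHUB_TOKEN }}"}}'
        run: |
          composer config --no-plugins allow-plugins.ghostwriter/coding-standard true;
          ${{ matrix.installCommand }};
      - name: Run ${{ matrix.name }} command
        run: ${{ matrix.runCommand }}
        # NOTE(review): both secrets are exported to every matrix entry's command;
        # consider limiting them to the entries that need them.
        env:
          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
          INFECTION_DASHBOARD_API_KEY: ${{ secrets.INFECTION_DASHBOARD_API_KEY || secrets.STRYKER_DASHBOARD_API_KEY }}
      # Coverage and test results are uploaded only by the PHPUnit matrix entries.
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v5
        if: ${{ matrix.name == 'PHPUnit' }}
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
        with:
          directory: ${{ github.workspace }}/.cache/phpunit/
          token: ${{ secrets.CODECOV_TOKEN }}
          verbose: true
      - name: Upload test results to Codecov
        if: ${{ matrix.name == 'PHPUnit' }}
        uses: codecov/test-results-action@v1
        with:
          directory: ${{ github.workspace }}/.cache/phpunit/
          token: ${{ secrets.CODECOV_TOKEN }}
          verbose: true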