ci: workflow updates #21

Merged
merged 1 commit into from
Aug 1, 2024
14 changes: 7 additions & 7 deletions .github/workflows/coding-standards.yml
Expand Up @@ -24,7 +24,7 @@ jobs:
pull-requests: read
steps:
- name: 📦 Check out the codebase
uses: actions/[email protected].6
uses: actions/[email protected].7

- name: 🧐 Lint commits using "commitlint"
uses: wagoid/[email protected]
Expand All @@ -45,7 +45,7 @@ jobs:
pull-requests: read
steps:
- name: 📦 Check out the codebase
uses: actions/[email protected].6
uses: actions/[email protected].7

- name: 🧐 Lint YAML files
uses: ibiqlik/[email protected]
Expand All @@ -62,7 +62,7 @@ jobs:
group: markdown-linting-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
steps:
- name: 📦 Check out the codebase
uses: actions/[email protected].6
uses: actions/[email protected].7

- name: 🧐 Lint Markdown files
uses: DavidAnson/[email protected]
Expand Down Expand Up @@ -92,7 +92,7 @@ jobs:
contents: write
steps:
- name: 🛠️ Setup PHP
uses: shivammathur/setup-php@2.30.5
uses: shivammathur/setup-php@2.31.1
with:
php-version: ${{ matrix.php-version }}
extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, pdo_mysql, sockets
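Review bot: this job grants `contents: write`, and the `shivammathur/setup-php@2.31.1` step in it is referenced by a version tag, which the action's owner can move after the fact. Pin it to the full commit SHA of the 2.31.1 release and keep the version in a trailing comment, so that a retagged release cannot change what runs with a write-capable token. The same applies to the other `uses:` refs bumped in this change.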
Expand All @@ -101,7 +101,7 @@ jobs:
tools: phive

- name: 📦 Check out the codebase
uses: actions/[email protected].6
uses: actions/[email protected].7

- name: 🛠️ Setup problem matchers
run: |
Expand Down Expand Up @@ -162,15 +162,15 @@ jobs:
git config --global core.eol lf

- name: 🛠️ Setup PHP
uses: shivammathur/setup-php@2.30.5
uses: shivammathur/setup-php@2.31.1
with:
php-version: ${{ matrix.php-version }}
extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, pdo_mysql, decimal
ini-values: error_reporting=E_ALL
coverage: none

- name: 📦 Check out the codebase
uses: actions/[email protected].6
uses: actions/[email protected].7

- name: 🛠️ Setup problem matchers
run: |
4 changes: 2 additions & 2 deletions .github/workflows/refactoring.yml
Expand Up @@ -35,10 +35,10 @@ jobs:
- locked
steps:
- name: 📦 Check out the codebase
uses: actions/[email protected].6
uses: actions/[email protected].7

- name: 🛠️ Setup PHP
uses: shivammathur/setup-php@2.30.5
uses: shivammathur/setup-php@2.31.1
with:
php-version: ${{ matrix.php-version }}
extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, pdo_mysql, sockets
68 changes: 68 additions & 0 deletions .github/workflows/security-analysis.yml
@@ -0,0 +1,68 @@
---

on: # yamllint disable-line rule:truthy
pull_request:
branches:
- master
- develop

name: 🔐 Security analysis

env:
# Disable docker support in Makefile
APP_RUNNER: 'cd app &&'

jobs:
security-analysis:
timeout-minutes: 4
runs-on: ${{ matrix.os }}
concurrency:
cancel-in-progress: true
group: security-analysis-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
strategy:
fail-fast: true
matrix:
os:
- ubuntu-latest
php-version:
- '8.3'
dependencies:
- locked
steps:
- name: 📦 Check out the codebase
uses: actions/[email protected]

- name: 🛠️ Setup PHP
uses: shivammathur/[email protected]
with:
php-version: ${{ matrix.php-version }}
extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, sockets
ini-values: error_reporting=E_ALL
coverage: none

- name: 🛠️ Setup problem matchers
run: echo "::add-matcher::${{ runner.tool_cache }}/php.json"

- name: 🤖 Validate composer.json and composer.lock
run: make validate-composer

- name: 🔍 Get composer cache directory
uses: wayofdev/gh-actions/actions/composer/[email protected]
with:
working-directory: app

- name: ♻️ Restore cached dependencies installed with composer
uses: actions/[email protected]
with:
path: ${{ env.COMPOSER_CACHE_DIR }}
key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}
restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-

- name: 📥 Install "${{ matrix.dependencies }}" dependencies with composer
uses: wayofdev/gh-actions/actions/composer/[email protected]
with:
working-directory: app
dependencies: ${{ matrix.dependencies }}

- name: 🐛 Check installed packages for security vulnerability advisories
run: make lint-audit
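Review bot: this new workflow has no `permissions:` block, so its job runs with the repository's default `GITHUB_TOKEN` scopes; add `permissions:` with `contents: read` at the top level, as shellcheck.yml in this same change does. In the cache step, `hashFiles('composer.lock')` is resolved from the workspace root while the composer steps use `working-directory: app`; if the lock file lives under `app/`, the pattern matches nothing and the key never changes when dependencies do, so it should read `hashFiles('app/composer.lock')`. The audit also runs only on `pull_request`, so advisories published after a merge are not reported until the next PR; a `schedule:` trigger would cover that.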
23 changes: 23 additions & 0 deletions .github/workflows/shellcheck.yml
@@ -0,0 +1,23 @@
---

on: # yamllint disable-line rule:truthy
pull_request:
branches:
- master
- develop

name: 🐞 Differential shell-check

permissions:
contents: read

jobs:
shellcheck:
uses: wayofdev/gh-actions/.github/workflows/[email protected]
with:
os: ubuntu-latest
severity: warning
secrets:
token: ${{ secrets.GITHUB_TOKEN }}

...
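Review bot: the token passed under `secrets:` is limited by the workflow-level `permissions:` block to `contents: read`, so confirm the called reusable workflow needs nothing beyond that (for example to report findings back on the pull request); if it does, the extra scope has to be declared here or the call will fail at that step. A short comment next to `permissions:` stating what the called workflow requires would make the choice reviewable.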