Skip to content

switch to psalm level 3 #294

switch to psalm level 3

switch to psalm level 3 #294

Workflow file for this run

# This file is part of the Zemit Framework.
#
# (c) Zemit Team <contact@zemit.com>
#
# For the full copyright and license information, please view the LICENSE.txt
# file that was distributed with this source code.
name: Zemit CI
on:
schedule:
- cron: '0 2 * * *' # Daily at 02:00 runs only on default branch
push:
paths-ignore:
- '**.md'
- '**.txt'
pull_request:
workflow_dispatch:
env:
# PHP extensions required by Composer
EXTENSIONS: apcu, gettext, gd, igbinary, imagick, intl, json, mbstring, msgpack, memcached, sqlite3, yaml, redis, :memcache, openssl, phalcon5
permissions: { }
jobs:
# PHP SETUP
setup:
runs-on: ubuntu-latest
strategy:
matrix:
php:
# - "8.2"
- "8.3"
dependencies:
# - "lowest"
- "highest"
outputs:
cache-key: ${{ steps.composer-cache.outputs.key }}
steps:
- uses: actions/checkout@v4
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: ${{ env.EXTENSIONS }}
tools: composer, cs2pr
- uses: ramsey/composer-install@v3
with:
dependency-versions: ${{ matrix.dependencies }}
composer-options: ${{ matrix.composer-options }}
custom-cache-suffix: zemit-composer
# PHP CODE SNIFFER
code-sniffer:
needs: setup
runs-on: ubuntu-latest
strategy:
matrix:
php:
# - "8.2"
- "8.3"
dependencies:
# - "lowest"
- "highest"
steps:
- uses: actions/checkout@v4
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: ${{ env.EXTENSIONS }}
tools: composer, cs2pr
- uses: ramsey/composer-install@v3
with:
dependency-versions: ${{ matrix.dependencies }}
composer-options: ${{ matrix.composer-options }}
custom-cache-suffix: zemit-composer
- name: PHP Code Sniffer
run: vendor/bin/phpcs -q --report=checkstyle | cs2pr --graceful-warnings
# PHP STATIC ANALYSIS
static-analysis:
needs: setup
runs-on: ubuntu-latest
strategy:
matrix:
php:
# - "8.2"
- "8.3"
dependencies:
# - "lowest"
- "highest"
steps:
- uses: actions/checkout@v4
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: ${{ env.EXTENSIONS }}
tools: composer, cs2pr
- uses: ramsey/composer-install@v3
with:
dependency-versions: ${{ matrix.dependencies }}
composer-options: ${{ matrix.composer-options }}
custom-cache-suffix: zemit-composer
- name: PHP Stan
run: ./vendor/bin/phpstan
# PHP PSALM
php-security:
needs: setup
runs-on: ubuntu-latest
strategy:
matrix:
php:
# - "8.2"
- "8.3"
dependencies:
# - "lowest"
- "highest"
permissions:
contents: read
security-events: write
actions: read
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: ${{ env.EXTENSIONS }}
tools: composer, psalm
- uses: ramsey/composer-install@v3
with:
dependency-versions: ${{ matrix.dependencies }}
composer-options: ${{ matrix.composer-options }}
custom-cache-suffix: zemit-composer
- name: Run Psalm Security Scan
run: ./vendor/bin/psalm --config=psalm.xml --output-format=sarif > results.sarif
- name: Display SARIF results
run: cat results.sarif
- name: Import Security Analysis results into GitHub Security Code Scanning
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
# PHP UNIT TEST
unit-tests:
needs: setup
strategy:
matrix:
php:
# - "8.2"
- "8.3"
dependencies:
# - "lowest"
- "highest"
services:
mysql:
image: mysql:8.0
env:
MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
MYSQL_DATABASE: zemit_core
ports:
- 3306:3306
options: >-
--health-cmd="mysqladmin ping -h 127.0.0.1"
--health-interval=10s
--health-timeout=5s
--health-retries=3
redis:
image: redis:latest
ports:
- 6379:6379
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Prepare Locale
run: |
sudo locale-gen en_IN.UTF-8
sudo update-locale LANG=en_IN.UTF-8
sudo locale-gen en_CA.UTF-8
sudo update-locale LANG=en_CA.UTF-8
sudo locale-gen fr_CA.UTF-8
sudo update-locale LANG=fr_CA.UTF-8
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: ${{ env.EXTENSIONS }}
tools: composer, cs2pr
- uses: ramsey/composer-install@v3
with:
dependency-versions: ${{ matrix.dependencies }}
composer-options: ${{ matrix.composer-options }}
custom-cache-suffix: zemit-composer
- name: Set permissions and environment
run: |
chmod +x ./bin/* ./vendor/bin/* ./zemit
mkdir .phalcon
touch .env
cp .env.github .env
- name: Run migrations
run: |
./bin/migration-list.sh
./bin/migration-run.sh
- name: PHP Unit
run: ./vendor/bin/phpunit