Skip to content

Automation

Automation #15182

Workflow file for this run

name: Automation
on:
pull_request:
push:
branches:
# Default branch
- "main"
# Release branches
## 1.2.x - e.g. Semantic Versioning
- "[0-9]+.[0-9]+.x"
## v1 - e.g. GitHub Actions Versioning
- "v[0-9]+"
schedule:
- cron: "0 * * * *" # Runs hourly
workflow_dispatch:
workflow_run:
workflows: ["Docker Build"]
types:
- completed
workflow_call:
secrets:
CODECOV_TOKEN:
required: false
GPG_PRIVATE_KEY:
required: false
INFECTION_DASHBOARD_API_KEY:
required: false
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
# values: read, write, none
permissions:
# actions: Work with GitHub Actions. For example, actions: write permits an action to cancel a workflow run.
actions: write
# checks: Work with check runs and check suites. For example, checks: write permits an action to create a check run.
checks: write
# contents: Work with the contents of the repository. For example, contents: read permits an action to list the commits, and contents:write allows the action to create a release.
contents: write
# deployments: Work with deployments. For example, deployments: write permits an action to create a new deployment.
deployments: write
# discussions: Work with GitHub Discussions. For example, discussions: write permits an action to close or delete a discussion.
discussions: write
# id-token: Fetch an OpenID Connect (OIDC) token. This requires id-token: write.
id-token: none
# issues: Work with issues. For example, issues: write permits an action to add a comment to an issue.
issues: write
# packages: Work with GitHub Packages. For example, packages: write permits an action to upload and publish packages on GitHub Packages.
packages: write
# pages: Work with GitHub Pages. For example, pages: write permits an action to request a GitHub Pages build.
pages: write
# pull-requests: Work with pull requests. For example, pull-requests: write permits an action to add a label to a pull request.
pull-requests: write
# repository-projects: Work with GitHub projects (classic). For example, repository-projects: write permits an action to add a column to a project (classic).
repository-projects: write
# security-events: Work with GitHub code scanning and Dependabot alerts. For example, security-events: read permits an action to list the Dependabot alerts for the repository, and security-events: write allows an action to update the status of a code scanning alert.
security-events: write
# statuses: Work with commit statuses. For example, statuses:read permits an action to list the commit statuses for a given reference.
statuses: write
jobs:
matrix:
name: Generate job matrix
concurrency:
group: ${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ github.workflow }}
cancel-in-progress: true
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.matrix }}
codecov: ${{ env.CODECOV_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v4
# - name: Determine CI Jobs (dev)
# id: matrix
# if: github.event_name == 'push' || github.event_name == 'pull_request'
# uses: ghostwriter/compliance@v1
# with:
# command: matrix
- name: Determine CI Jobs
id: matrix
uses: docker://ghcr.io/ghostwriter/compliance:v1
qa:
name: "[PHP${{ matrix.php }}][${{ matrix.dependency }}]${{ matrix.name }} on ${{ matrix.os }}"
needs: [matrix]
runs-on: ${{ matrix.os }}-latest
continue-on-error: ${{ matrix.dependency == 'lowest' || matrix.experimental }}
strategy:
fail-fast: false
matrix: ${{ fromJSON(needs.matrix.outputs.matrix) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup PHP ${{ matrix.php }} with ${{ join(matrix.extensions, ', ') }} extensions.
uses: shivammathur/setup-php@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
coverage: pcov
tools: psalm,phpunit,infection
ini-values: assert.exception=1, zend.assertions=1, error_reporting=-1, log_errors_max_len=0, display_errors=On
php-version: ${{ matrix.php }}
extensions: :php-psr,pcntl, ${{ join(matrix.extensions, ', ') }}
- name: Setup problem matchers
run: |
echo "::add-matcher::${{ runner.tool_cache }}/php.json"
echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json"
- name: Setup Cache Directory
id: composer-cache
run: echo "directory=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
- name: Cache composer dependencies
uses: actions/cache@v4
with:
path: ${{ steps.composer-cache.outputs.directory || matrix.composerCacheFilesDirectory }}
key: ${{ runner.os }}-php-${{ matrix.php }}-composer-${{ matrix.dependency }}-${{ hashFiles('**/composer.lock') }}
restore-keys: ${{ runner.os }}-php-${{ matrix.php }}-composer-${{ matrix.dependency }}-
- name: Validate composer.json file
working-directory: ${{ github.workspace }}
run: ${{ matrix.validateCommand }}
- name: Install ${{ matrix.dependency }} dependencies
working-directory: ${{ github.workspace }}
run: |
composer config --global github-oauth.github.com ${{secrets.GITHUB_TOKEN}};
composer config --no-plugins allow-plugins.ghostwriter/coding-standard true;
${{ matrix.installCommand }};
composer config --global --auth --unset github-oauth.github.com
- name: Run ${{ matrix.name }} command
run: ${{ matrix.runCommand }}
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
INFECTION_DASHBOARD_API_KEY: ${{ secrets.INFECTION_DASHBOARD_API_KEY || secrets.STRYKER_DASHBOARD_API_KEY }}
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
if: ${{ matrix.name == 'PHPUnit' }}
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
directory: ${{ github.workspace }}/.cache/phpunit/
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true
- name: Upload test results to Codecov
if: ${{ matrix.name == 'PHPUnit' }}
uses: codecov/test-results-action@v1
with:
directory: ${{ github.workspace }}/.cache/phpunit/
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true