Remove the need to append /targets to the Composer repository URL
#289
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: ['main'] | |
| pull_request: | |
| branches: ['main'] | |
| schedule: | |
| # Run this workflow at 4 AM UTC every day. | |
| - cron: '0 4 * * *' | |
| workflow_dispatch: | |
| env: | |
| COMPOSER_FLAGS: "--ansi --no-interaction --no-progress --prefer-dist --optimize-autoloader" | |
| jobs: | |
| fixture: | |
| name: Generate test fixture | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/checkout@v2 | |
| with: | |
| repository: php-tuf/php-tuf | |
| ref: main | |
| path: php-tuf | |
| fetch-depth: 1 | |
| - id: cache-pip | |
| uses: actions/cache@v2 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/Pipfile.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - id: cache-pipenv | |
| uses: actions/cache@v2 | |
| with: | |
| path: ~/.local/share/virtualenvs | |
| key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pipenv- | |
| - name: Set up Python 3.9 | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: 3.9 | |
| - name: Install pip/pipenv | |
| run: | | |
| python -m pip install --upgrade pip | |
| python -m pip install --upgrade pipenv | |
| - name: Copy Pipfile from PHP-TUF and install dependencies via pipenv | |
| run: | | |
| cp -f php-tuf/Pipfile* . | |
| if [ -f Pipfile.lock ]; then pipenv install; fi | |
| - name: Generate fixtures | |
| run: | | |
| pipenv run python generate.py | |
| cp -f ./metadata/root.json ../client/tuf/localhost.json | |
| env: | |
| PIPENV_PIPFILE: ../../Pipfile | |
| working-directory: ./tests/server | |
| - name: Archive fixtures for storage | |
| run: | | |
| tar -c -z -f fixture.tar.gz ./tests/server/metadata ./tests/client/tuf/localhost.json | |
| - name: Store fixtures as artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: fixture | |
| path: fixture.tar.gz | |
| retention-days: 5 | |
| test: | |
| name: Test on ${{ matrix.operating-system }} with Composer ${{ matrix.composer }} and PHP ${{ matrix.php }} | |
| needs: fixture | |
| runs-on: ${{ matrix.operating-system }} | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 10 | |
| matrix: | |
| operating-system: [ubuntu-latest, macos-latest, windows-latest] | |
| php: ['8.0', '8.1', '8.2'] | |
| composer: [2, 2.2] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install PHP and Composer 2 | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: ${{ matrix.php }} | |
| tools: composer:v${{ matrix.composer }} | |
| extensions: sodium, json | |
| - name: Install dependencies | |
| run: | | |
| composer config github-oauth.github.com ${{ secrets.GITHUB_TOKEN }} | |
| composer install ${{ env.COMPOSER_FLAGS }} | |
| - name: Download fixture | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: fixture | |
| - name: Extract fixture | |
| run: tar -x -v -f fixture.tar.gz | |
| - name: Start PHP server and run tests | |
| run: | | |
| php -S localhost:8080 & | |
| vendor/bin/phpunit ./tests --debug | |
| - name: Check dependencies for known security vulnerabilities (legacy) | |
| if: matrix.composer == 2.2 | |
| run: composer require --update-with-all-dependencies roave/security-advisories:dev-latest | |
| - name: Check dependencies for known security vulnerabilities | |
| if: matrix.composer == 2 | |
| run: 'composer audit' |