
chore(deps-dev): upgrade static analysis tools (#98) #125

chore(deps-dev): upgrade static analysis tools (#98)


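# GitHub Actions Documentation: https://docs.github.com/en/actions
#
# CI pipeline for a PHP/Composer project: lint and static analysis run first,
# then security analysis and code coverage, then the unit-test matrix.
#
# NOTE(review): every `uses:` value that reads "[email protected]" was mangled
# by e-mail obfuscation on the page this listing was taken from. The original
# action name suffix and version cannot be recovered here; restore them from
# the repository before using this file.
#
# NOTE(review): actions are referenced by tag (for example "@v2"). A tag can be
# moved by its publisher; pinning each third-party action to a full commit SHA
# keeps runs reproducible and narrows supply-chain exposure.
name: "build"

on:
  push:
    branches:
      - "main"
    tags:
      - "*"
  pull_request:
    branches:
      - "main"

# Cancels all previous workflow runs for the same branch that have not yet
# completed.
concurrency:
  # The concurrency group contains the workflow name and the branch name.
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

# Least privilege for GITHUB_TOKEN: every job gets read-only repository access
# unless it declares its own `permissions` block (see security-analysis).
permissions:
  contents: read

env:
  # Version Composer should assume for the root package during installs.
  COMPOSER_ROOT_VERSION: "1.99.99"

jobs:
  # Syntax lint and code-style check.
  coding-standards:
    name: "Coding standards"
    runs-on: "ubuntu-latest"
    steps:
      - name: "Checkout repository"
        uses: "actions/[email protected]"

      - name: "Install PHP"
        uses: "shivammathur/[email protected]"
        with:
          # "latest" floats with each PHP release, so results can change
          # without any change to this repository.
          php-version: "latest"
          extensions: "intl-73.2"
          coverage: "none"

      - name: "Install dependencies (Composer)"
        uses: "ramsey/[email protected]"

      - name: "Check syntax (php-parallel-lint)"
        run: "composer dev:lint:syntax"

      - name: "Check coding standards (PHP_CodeSniffer)"
        run: "composer dev:lint:style"

  # Type-level static analysis with PHPStan and Psalm.
  static-analysis:
    name: "Static analysis"
    runs-on: "ubuntu-latest"
    steps:
      - name: "Checkout repository"
        uses: "actions/[email protected]"

      - name: "Install PHP"
        uses: "shivammathur/[email protected]"
        with:
          php-version: "latest"
          extensions: "intl-73.2"
          coverage: "none"

      - name: "Install dependencies (Composer)"
        uses: "ramsey/[email protected]"

      - name: "Statically analyze code (PHPStan)"
        run: "composer dev:analyze:phpstan"

      # NOTE(review): --shepherd reports analysis statistics to an external
      # service; confirm that is intended for this repository.
      - name: "Statically analyze code (Psalm)"
        run: "composer dev:analyze:psalm -- --shepherd"

  # Psalm taint analysis; findings are uploaded to GitHub code scanning as
  # SARIF. Runs only after both lint jobs have succeeded.
  security-analysis:
    name: "Security analysis"
    needs: ["coding-standards", "static-analysis"]
    runs-on: "ubuntu-latest"
    # A job-level block replaces the workflow-level one, so contents: read is
    # repeated. security-events: write is what the SARIF upload requires.
    permissions:
      contents: read
      security-events: write
    steps:
      - name: "Checkout repository"
        uses: "actions/[email protected]"

      - name: "Install PHP"
        uses: "shivammathur/[email protected]"
        with:
          php-version: "latest"
          extensions: "intl-73.2"
          coverage: "none"

      - name: "Install dependencies (Composer)"
        uses: "ramsey/[email protected]"

      - name: "Analyze security of code (Psalm)"
        run: "./vendor/bin/psalm --taint-analysis --report=build/logs/psalm.sarif"

      # Psalm exits non-zero when it reports issues, which would skip this
      # step under the default success() condition and drop the findings
      # exactly when they exist. Upload on success or failure, but not when
      # the run was cancelled.
      - name: "Upload security analysis results to GitHub"
        if: "success() || failure()"
        uses: "github/codeql-action/upload-sarif@v2"
        with:
          sarif_file: "build/logs/psalm.sarif"

  # Unit tests with the PCOV coverage driver; the report goes to Codecov.
  code-coverage:
    name: "Code coverage"
    needs: ["coding-standards", "static-analysis"]
    runs-on: "ubuntu-latest"
    steps:
      - name: "Checkout repository"
        uses: "actions/[email protected]"

      - name: "Install PHP"
        uses: "shivammathur/[email protected]"
        with:
          php-version: "latest"
          extensions: "intl-73.2"
          coverage: "pcov"
          # -1 removes PHP's memory limit for the coverage run.
          ini-values: "memory_limit=-1"

      - name: "Install dependencies (Composer)"
        uses: "ramsey/[email protected]"

      - name: "Run unit tests and generate coverage report (PHPUnit)"
        run: "composer dev:test:coverage:ci"

      - name: "Publish coverage report to Codecov"
        uses: "codecov/[email protected]"

  # Unit tests across every PHP version x dependency set combination.
  unit-tests:
    name: "Unit tests"
    needs: ["code-coverage"]
    runs-on: "ubuntu-latest"
    strategy:
      # Let every matrix cell finish so one failure does not hide others.
      fail-fast: false
      matrix:
        # Quoted so versions stay strings ("8.0" must not become 8).
        php-version:
          - "7.4"
          - "8.0"
          - "8.1"
          - "8.2"
        dependencies:
          - "lowest"
          - "highest"
    steps:
      - name: "Checkout repository"
        uses: "actions/[email protected]"

      - name: "Install PHP"
        uses: "shivammathur/[email protected]"
        with:
          php-version: "${{ matrix.php-version }}"
          extensions: "intl-73.2"
          coverage: "none"

      - name: "Install dependencies (Composer)"
        uses: "ramsey/[email protected]"
        with:
          dependency-versions: "${{ matrix.dependencies }}"

      - name: "Run unit tests (PHPUnit)"
        run: "composer dev:test:unit"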