Merge pull request #2003 from hydephp/dependabot/composer/symfony/htt… #1959
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🚀 Test & Build | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| jobs: | |
| run-smoke-tests: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| extensions: fileinfo | |
| - uses: actions/checkout@v4 | |
| - name: Validate composer.json and composer.lock | |
| run: composer validate --strict --no-check-all | |
| - name: Cache Composer packages | |
| id: composer-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor | |
| key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-php- | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Set environment to testing | |
| run: echo "ENV=testing" > .env | |
| - name: Output debug information | |
| run: php hyde debug | |
| - name: Execute tests (Unit and Feature tests) via PHPUnit | |
| run: vendor/bin/pest --stop-on-failure --log-junit report.xml | |
| env: | |
| ENV: testing | |
| - name: Ping continuous integration server with test status | |
| if: always() && github.event.repository.full_name == 'hydephp/develop' | |
| run: | | |
| bearerToken="${{ secrets.CI_SERVER_TOKEN }}" | |
| commit="${{ github.sha }}" | |
| url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| if [ ${{ steps.smoke-tests.outcome }} == "failure" ]; then | |
| status=false | |
| else | |
| status=true | |
| fi | |
| curl -X POST --fail-with-body \ | |
| -H "Authorization: Bearer $bearerToken" \ | |
| -H "Content-Type: application/json" \ | |
| -H "Accept: application/json" \ | |
| -d '{"commit":"'"$commit"'", "status":'$status', "url":"'"$url"'"}' \ | |
| https://ci.hydephp.com/api/test-run-reports | |
| - name: Ping statistics server with test results | |
| run: | | |
| curl https://raw.githubusercontent.com/hydephp/develop/6e9d17f31879f4ccda13a3fec4029c9663bccec0/monorepo/scripts/ping-openanalytics-testrunner.php -o ping.php | |
| php ping.php "Monorepo Smoke Tests" ${{ secrets.OPENANALYTICS_TOKEN }} ${{ github.ref_name }} | |
| test-matrix: | |
| needs: run-smoke-tests | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| php: [8.1, 8.2, 8.3] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: ${{ matrix.php }} | |
| extensions: fileinfo, zip | |
| - uses: actions/checkout@v4 | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Execute tests (Unit and Feature tests) via PHPUnit | |
| run: vendor/bin/pest --log-junit report.xml | |
| - name: Ping statistics server with test results | |
| run: | | |
| curl https://raw.githubusercontent.com/hydephp/develop/6e9d17f31879f4ccda13a3fec4029c9663bccec0/monorepo/scripts/ping-openanalytics-testrunner.php -o ping.php | |
| php ping.php "Monorepo CI Matrix" ${{ secrets.OPENANALYTICS_TOKEN }} ${{ github.ref_name }} | |
| system-testing: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| script: [ hyde-cli, project-styles ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run system tests (${{ matrix.script }}) | |
| run: php monorepo/scripts/tests/${{ matrix.script }}.php | |
| build-hydefront-assets: | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| cache: 'npm' | |
| - name: Install Node.js dependencies | |
| working-directory: 'packages/hydefront' | |
| run: npm ci | |
| - name: Build assets for production | |
| working-directory: 'packages/hydefront' | |
| run: npm run prod | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'hydefront' | |
| path: 'packages/hydefront/dist' | |
| - name: Commit changes | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| add: 'packages/hydefront/dist' | |
| message: 'Compile HydeFront assets for production' | |
| new_branch: compile-hydefront | |
| build-tailwindcss: | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| cache: 'npm' | |
| - name: Install Node.js dependencies | |
| run: npm ci | |
| - name: Update Tailwind content path | |
| run: sed -i 's/\.\/vendor\/hyde\/framework\/resources\/views\/\*\*\/\*\.blade\.php/\.\/packages\/framework\/resources\/views\/\*\*\/\*\.blade\.php/' tailwind.config.js | |
| - name: Build assets for production | |
| run: npm run prod | |
| - name: Copy compiled app.css file to HydeFront dist folder | |
| run: cp _media/app.css packages/hydefront/dist/app.css | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: '_media' | |
| path: '_media' | |
| - name: Commit changes | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| add: '["_media/app.css", "packages/hydefront/dist/app.css"]' | |
| message: 'Compile TailwindCSS for production' | |
| new_branch: compile-tailwindcss | |
| push: '--set-upstream origin compile-tailwindcss --force' | |
| # Todo create PR or just push to master? | |
| build-test-coverage: | |
| environment: | |
| name: live-coverage-report | |
| url: https://hydephp.github.io/develop/master/coverage/ | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| coverage: xdebug | |
| extensions: fileinfo | |
| - uses: actions/checkout@v4 | |
| - name: Cache Composer packages | |
| id: composer-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor | |
| key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-php- | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Set environment to testing | |
| run: echo "ENV=testing" > .env | |
| - name: Output debug information | |
| run: php hyde debug | |
| - name: Execute tests (Unit and Feature tests) via PHPUnit with coverage | |
| run: vendor/bin/pest --coverage --coverage-text=build/coverage/report.txt --colors=always --coverage-clover build/coverage/clover.xml --coverage-cobertura build/coverage/cobertura.xml --coverage-crap4j build/coverage/crap4j.xml --coverage-xml build/coverage/coverage-xml --log-junit build/junit.xml --coverage-html build/coverage/html | |
| env: | |
| ENV: testing | |
| - uses: codecov/codecov-action@v4 | |
| with: | |
| files: ./build/coverage/clover.xml,./build/coverage/crap4j.xml,./build/coverage/report.txt,./build/junit.xml | |
| fail_ci_if_error: false # optional (default = false) | |
| verbose: true # optional (default = false) | |
| - name: Ping statistics server with test results | |
| run: | | |
| cp build/junit.xml report.xml | |
| curl https://raw.githubusercontent.com/hydephp/develop/6e9d17f31879f4ccda13a3fec4029c9663bccec0/monorepo/scripts/ping-openanalytics-testrunner.php -o ping.php | |
| php ping.php "Monorepo PR Test" ${{ secrets.OPENANALYTICS_TOKEN }} ${{ github.ref_name }} | |
| - name: Upload coverage artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: "coverage" | |
| path: "build/coverage" | |
| - name: Copy Junit report | |
| run: cp build/junit.xml build/coverage/html/junit.xml | |
| - name: Upload HTML coverage artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: "html-coverage" | |
| path: "build/coverage/html" | |
| build-api-documentation: | |
| environment: | |
| name: internal-api-docs | |
| url: https://hydephp.github.io/develop/master/api-docs/ | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download phpDocumentor | |
| run: | | |
| wget https://phpdoc.org/phpDocumentor.phar | |
| chmod +x phpDocumentor.phar | |
| - name: Run phpDocumentor | |
| run: php phpDocumentor.phar --directory="packages/framework/src" --target="build/api-documentation" --title="API Documentation" | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'api-documentation' | |
| path: 'build/api-documentation' | |
| build-upcoming-documentation: | |
| environment: | |
| name: dev-docs | |
| url: https://hydephp.github.io/develop/master/dev-docs/ | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| - name: Cache Composer packages | |
| id: composer-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor | |
| key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-php- | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Copy configuration from configuration directory | |
| run: cp -r monorepo/gh-pages/gh-pages-config-dev-docs/* . | |
| - name: Move documentation files | |
| run: rm -rf _docs && mv -f docs _docs | |
| - name: Compile the static site | |
| run: php hyde build | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'dev-docs' | |
| path: '_site/dev-docs' | |
| build-preview-site: | |
| environment: | |
| name: live-preview-site | |
| url: https://hydephp.github.io/develop/master/preview | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| - name: Cache Composer packages | |
| id: composer-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor | |
| key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-php- | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Copy configuration from the configuration directory | |
| run: cp -r monorepo/gh-pages/gh-pages-config/* . | |
| - name: Output the origin reference to file | |
| run: echo ${{ github.sha }} > origin-ref | |
| - name: Publish the post feed homepage | |
| run: php hyde publish:homepage posts -n | |
| - name: Compile the static site | |
| run: php hyde build | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'site-preview' | |
| path: '_site' | |
| build-test-fixture-docs: | |
| # environment: | |
| # name: | |
| # url: https://hydephp.github.io/develop/master/test-fixtures/docs | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| - name: Cache Composer packages | |
| id: composer-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor | |
| key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-php- | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Download source files | |
| run: wget https://github.com/caendesilva/hyde-example-documentation-site/archive/master.zip -O source.zip | |
| - name: Unzip source | |
| run: unzip source.zip -d temp | |
| - name: Copy source to root | |
| run: cp -r temp/hyde-example-documentation-site-master/* . | |
| - name: Compile the static site | |
| run: php hyde build | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'test-fixture-docs' | |
| path: '_site' | |
| build-git-history-graph: | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| # We need to fetch all history to generate the graph | |
| fetch-depth: 0 | |
| - name: Generate Git history graph | |
| run: php monorepo/scripts/build-git-history-graph.php | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'git-history-graph' | |
| path: 'monorepo/scripts/graphs' | |
| upload-generated-reports: | |
| environment: | |
| name: live-reports | |
| url: https://hydephp.github.io/develop/master/ | |
| runs-on: ubuntu-latest | |
| needs: | |
| - run-smoke-tests | |
| - build-test-coverage | |
| - build-api-documentation | |
| - build-upcoming-documentation | |
| - build-preview-site | |
| - build-test-fixture-docs | |
| - build-git-history-graph | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: 'gh-pages' | |
| - name: Reset output directories | |
| run: | | |
| rm -rf master/coverage && mkdir master/coverage | |
| rm -rf master/dev-docs && mkdir master/dev-docs | |
| rm -rf master/api-docs && mkdir master/api-docs | |
| rm -rf master/preview && mkdir master/preview | |
| rm -rf master/test-fixtures && mkdir master/test-fixtures | |
| rm -rf master/git && mkdir master/git | |
| - name: Download coverage report artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: html-coverage | |
| path: master/coverage | |
| - name: Download upcoming documentation artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dev-docs | |
| path: master/dev-docs | |
| - name: Download API documentation artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: api-documentation | |
| path: master/api-docs | |
| - name: Download preview site artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: site-preview | |
| path: master/preview | |
| - name: Download test fixture docs artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: test-fixture-docs | |
| path: master/test-fixtures/docs | |
| - name: Download Git history graph artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: git-history-graph | |
| path: master/git | |
| - name: Create README.md | |
| run: echo '# CI/CD generated reports for [${{ github.sha }}](https://github.com/hydephp/develop/commit/${{ github.sha }})' > master/README.md | |
| # Generate directory listing | |
| - name: Download directory listing generator script | |
| run: wget https://raw.githubusercontent.com/caendesilva/php-directory-listing/a741e74af1a3e5b8d8b730a437c1666945fbedab/directory-listing.php -O .build.php | |
| - name: Check download integrity | |
| run: | | |
| hash=$(sha256sum .build.php | awk '{print $1}') | |
| if [ $hash = "af021b1bef61e31f426dcbc80540aa192e5a7cecf0db4f6b946851ab3101627d" ] ; then echo "Checksum $hash matches"; else echo "Checksum $hash not matching!" && exit 1 ; fi | |
| - name: Set path labels | |
| run: | | |
| echo "hydephp/develop" > .dl-pathlabel | |
| echo "hydephp/develop/master" > master/.dl-pathlabel | |
| - name: Compile static root directory listing | |
| run: php .build.php | |
| - name: Compile static master directory listing | |
| run: cp .build.php master/.build.php && cd master && php .build.php | |
| - name: Compile subdirectory listings | |
| run: | | |
| cd master | |
| for dir in media test-fixtures git; do | |
| cp .build.php $dir/.build.php | |
| cd $dir | |
| php .build.php | |
| cd .. | |
| done | |
| # End directory listing | |
| - name: Commit changes | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| pull: 'origin gh-pages' | |
| add: '["master", "index.html"]' | |
| message: 'Upload live reports from test suite run ${{ github.sha }}' | |
| check-coding-standards: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| - uses: actions/checkout@v4 | |
| - name: Download static analysis tools | |
| run: | | |
| wget https://github.com/php-parallel-lint/PHP-Parallel-Lint/releases/latest/download/parallel-lint.phar | |
| wget https://squizlabs.github.io/PHP_CodeSniffer/phpcs.phar | |
| - name: Check syntax (PHP Parallel Lint) | |
| run: php parallel-lint.phar --colors app config packages tests --show-deprecated | |
| - name: Check coding syntax/standards (PHP CodeSniffer) | |
| run: php phpcs.phar --colors --cache=build/cache/phpcs.cache packages --standard=PSR2 --extensions="php" --ignore="*test.php,*.blade.php,ValidationService.php" || true | |
| run-static-analysis-psalm: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| - uses: actions/checkout@v4 | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Run static analysis (Psalm/Shepherd) | |
| run: vendor/bin/psalm --shepherd > psalmout.txt|| true | |
| - name: Ping CI server with type coverage results | |
| run: php monorepo/scripts/ping-ci-server-with-type-coverage.php ${{ secrets.CI_SERVER_TOKEN }} ${{ github.sha }} master ${{ github.run_id }} | |
| run-static-analysis-phpstan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: "8.1" | |
| - uses: actions/checkout@v4 | |
| - name: Install Composer Dependencies | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Run static analysis (PHPStan) | |
| run: vendor/bin/phpstan analyse --ansi --level 1 packages/framework/src || true | |
| devskim-lint: | |
| runs-on: ubuntu-20.04 | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Run DevSkim scanner | |
| uses: microsoft/DevSkim-Action@v1 | |
| - name: Upload DevSkim scan results to GitHub Security tab | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: devskim-results.sarif | |
| analyze: | |
| name: Analyze | |
| runs-on: ubuntu-latest | |
| needs: run-smoke-tests | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| language: [ 'javascript' ] | |
| # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # Initializes the CodeQL tools for scanning. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: ${{ matrix.language }} | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v3 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| snyk-security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master | |
| - name: Run Snyk to check for vulnerabilities | |
| uses: snyk/actions/php@master | |
| continue-on-error: true # To make sure that SARIF upload gets called | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| args: --sarif-file-output=snyk.sarif | |
| - name: Upload result to GitHub Code Scanning | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: snyk.sarif | |
| hydefront-lint: | |
| name: HydeFront Lint | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Run linter | |
| run: php packages/hydefront/.github/scripts/post-build.php | |
| test-monorepo-tools: | |
| runs-on: ubuntu-latest | |
| name: Test monorepo tools can run | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - run: php monorepo/CodeIntelligence/CodeIntelligence.php | |
| - run: php monorepo/scripts/FileFormatter.php |