Add (or update) GitHub Actions (GHA) files and related config. #18
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: PHP Quality Assistance | |
| on: | |
| # This event occurs when there is activity on a pull request. The workflow | |
| # will be run against the commits, after merge to the target branch (main). | |
| pull_request: | |
| paths: | |
| - '**.php' | |
| - '.config/phpcs.xml.dist' | |
| - '.config/phpunit.xml.dist' | |
| - '.github/workflows/php.yml' | |
| - 'composer.json' | |
| - 'composer.lock' | |
| branches: [ main ] | |
| types: [ opened, reopened, synchronize ] | |
| # This event occurs when there is a push to the repository. | |
| push: | |
| paths: | |
| - '**.php' | |
| - '.config/phpcs.xml.dist' | |
| - '.config/phpunit.xml.dist' | |
| - '.github/workflows/php.yml' | |
| - 'composer.json' | |
| - 'composer.lock' | |
| # Allow manually triggering the workflow. | |
| workflow_dispatch: | |
| # Cancels all previous workflow runs for the same branch that have not yet completed. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| # Needed to allow the "concurrency" section to cancel a workflow run. | |
| actions: write | |
| jobs: | |
| # 01.preflight.php.lint-syntax.yml | |
| lint-php-syntax: | |
| name: PHP Syntax Linting | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker://pipelinecomponents/php-linter | |
| with: | |
| args: >- | |
| parallel-lint | |
| --exclude .git | |
| --exclude vendor | |
| --no-progress | |
| . | |
| # 01.quality.php.validate.dependencies-file.yml | |
| validate-dependencies-file: | |
| name: Validate dependencies file | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: >- | |
| composer validate | |
| --check-lock | |
| --no-plugins | |
| --no-scripts | |
| --strict | |
| # 03.quality.php.scan.dependencies-vulnerabilities.yml | |
| scan-dependencies-vulnerabilities: | |
| name: Scan Dependencies Vulnerabilities | |
| needs: | |
| - validate-dependencies-file | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: >- | |
| composer audit | |
| --abandoned=report | |
| --locked | |
| --no-dev | |
| --no-plugins | |
| --no-scripts | |
| # 03.quality.php.lint-version-compatibility.yml | |
| php-check-version-compatibility: | |
| name: PHP Version Compatibility | |
| needs: | |
| - lint-php-syntax | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| php: | |
| - '8.0' # from 2020-11 to 2022-11 (2023-11) | |
| - '8.1' # from 2021-11 to 2023-11 (2025-12) | |
| - '8.2' # from 2022-12 to 2024-12 (2026-12) | |
| - '8.3' # from 2023-11 to 2025-12 (2027-12) | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker://pipelinecomponents/php-codesniffer | |
| with: | |
| args: >- | |
| phpcs | |
| -s | |
| --extensions=php | |
| --ignore='*vendor/*' | |
| --runtime-set testVersion ${{ matrix.php }} | |
| --standard=PHPCompatibility | |
| . |