forked from squizlabs/PHP_CodeSniffer
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
7 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -65,44 +65,34 @@ jobs: | |
| ini-values: error_reporting=-1, display_errors=On | ||
| coverage: none | ||
|
|
||
| - run: wget -O phive.phar https://phar.io/releases/phive.phar | ||
| - run: wget -O phive.phar.asc https://phar.io/releases/phive.phar.asc | ||
| - run: gpg --keyserver hkps://keys.openpgp.org --recv-keys 0x9D8A98B29B2D5D79 | ||
| - run: gpg --verify phive.phar.asc phive.phar | ||
|
|
||
|
|
||
| - name: Verify PHAR file is available and download | ||
| # run: curl --remote-name https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/latest/download/${{ matrix.pharfile }}.phar | ||
| run: wget -O ${{ matrix.pharfile }}.phar https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/latest/download/${{ matrix.pharfile }}.phar | ||
|
|
||
| - name: Verify signature file is available and download | ||
| # run: curl --remote-name https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/latest/download/${{ matrix.pharfile }}.phar.asc | ||
| run: wget -O ${{ matrix.pharfile }}.phar.asc https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/latest/download/${{ matrix.pharfile }}.phar.asc | ||
|
|
||
| - name: "DEBUG: List files" | ||
| run: ls -Rlh | ||
|
|
||
| # - name: Verify attestation of the PHAR file | ||
| # run: gh attestation verify ${{ matrix.pharfile }}.phar -o PHPCSStandards | ||
| # env: | ||
| # GH_TOKEN: ${{ github.token }} | ||
| - name: Verify attestation of the PHAR file | ||
| run: gh attestation verify ${{ matrix.pharfile }}.phar -o PHPCSStandards | ||
| env: | ||
| GH_TOKEN: ${{ github.token }} | ||
|
|
||
| - name: Download public key | ||
| env: | ||
| FINGERPRINT: "0x689DAD778FF08760E046228BA978220305CD5C32" | ||
| # run: gpg --keyserver https://keys.openpgp.org/ --search-keys [email protected] | ||
| # run: gpg --keyserver hkps://keys.openpgp.org --recv-keys 0x689DAD778FF08760E046228BA978220305CD5C32 | ||
| run: gpg --keyserver hkps://keys.openpgp.org --recv-keys $FINGERPRINT | ||
| # run: gpg --keyserver keys.openpgp.org --recv-keys 689DAD778FF08760E046228BA978220305CD5C32 | gpg --import | ||
|
|
||
| - name: "DEBUG: List public keys" | ||
| run: gpg -k | ||
|
|
||
| - name: Verify signature of the PHAR file | ||
| run: gpg --verify ${{ matrix.pharfile }}.phar.asc ${{ matrix.pharfile }}.phar | ||
|
|
||
| # Note: the `.` is in the command to make it work for both PHPCS as well PHPCBF. | ||
| - name: Verify the PHAR is nominally functional | ||
| run: php ${{ matrix.pharfile }}.phar -e --standard=PSR12 | ||
| run: php ${{ matrix.pharfile }}.phar . -e --standard=PSR12 | ||
|
|
||
| - name: Grab the version | ||
| id: asset_version | ||
|
|
@@ -175,6 +165,7 @@ jobs: | |
| env: | ||
| GH_TOKEN: ${{ github.token }} | ||
|
|
||
| # Note: the `.` is in the command to make it work for both PHPCS as well PHPCBF. | ||
| - name: Verify the PHAR is nominally functional | ||
| run: php ./tools/${{ matrix.pharfile }} . -e --standard=PSR12 | ||
|
|
||
|
|
||