Update phpstan/phpstan (#744) #2225
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 0 * * *' # everyday at midnight | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| test: | |
| name: Run tests | |
| env: | |
| # We need these for the setup job where we commit. | |
| GIT_AUTHOR_NAME: violinist-bot | |
| GIT_AUTHOR_EMAIL: [email protected] | |
| GIT_COMMITTER_NAME: violinist-bot | |
| GIT_COMMITTER_EMAIL: [email protected] | |
| runs-on: ubuntu-24.04 | |
| services: | |
| gitlab: | |
| image: gitlab/gitlab-ce | |
| ports: | |
| - 2200:80 | |
| env: | |
| # This password is lifted directly from the GitLab docker docs: | |
| # https://docs.gitlab.com/ee/install/docker/installation.html#install-gitlab-by-using-docker-swarm-mode | |
| GITLAB_OMNIBUS_CONFIG: "gitlab_rails['initial_root_password'] = 'MySuperSecretAndSecurePassw0rd!';" | |
| strategy: | |
| fail-fast: true | |
| max-parallel: 2 | |
| matrix: | |
| php-version: | |
| - "7.3" | |
| - "7.4" | |
| - "8.0" | |
| - "8.1" | |
| - "8.2" | |
| - "8.3" | |
| - "8.4" | |
| composer-version: | |
| - "2" | |
| steps: | |
| - name: Dump matrix context | |
| env: | |
| MATRIX_CONTEXT: ${{ toJSON(matrix) }} | |
| run: echo "$MATRIX_CONTEXT" | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: ${{ matrix.php-version }} | |
| - name: Update composer | |
| run: composer --verbose self-update --${{ matrix.composer-version }} | |
| - name: Dump composer verson | |
| run: composer --version | |
| - name: Validate composer.json | |
| run: composer --verbose validate | |
| - name: Install dependencies | |
| run: composer --verbose install | |
| - name: Configure the GitLab instance | |
| run: | | |
| ./vendor/bin/wait-for-listen 2200 | |
| attempt_counter=0 | |
| max_attempts=60 | |
| while true; do | |
| echo "Waiting for the site to be up" | |
| echo "Attempt number ${attempt_counter}" | |
| if [ ${attempt_counter} -eq ${max_attempts} ];then | |
| echo "Max attempts reached" | |
| exit 1 | |
| fi | |
| # Run a cURL request and check if the status is 200. | |
| status=$(curl -o /dev/null --retry 3 --retry-all-errors -sL -w "%{http_code}\n" http://localhost:2200) | |
| if [ "$status" -eq 200 ]; then | |
| echo "Status is 200" | |
| break | |
| fi | |
| echo $status | |
| attempt_counter=$(($attempt_counter+1)) | |
| sleep 5 | |
| done | |
| # Get an oauth token to use in subsequent calls: | |
| # https://docs.gitlab.com/ee/api/oauth2.html#resource-owner-password-credentials-flow | |
| echo 'grant_type=password&username=root&password=MySuperSecretAndSecurePassw0rd!&scope=api%20write_repository' > auth.txt | |
| export token=$(curl --retry 12 --retry-all-errors --data "@auth.txt" --request POST --fail "http://localhost:2200/oauth/token" | jq -r '.access_token') | |
| echo "Token retrieved" | |
| # Create a super simple composer project and push to our new repo. | |
| mkdir /tmp/test | |
| cd /tmp/test | |
| composer require psr/log 1.0.0 | |
| git init | |
| git branch -m master | |
| git add composer.* | |
| git commit -m init | |
| # We could theoretically use the oauth token here as well, but | |
| # the tests will do that anyway. | |
| git remote add origin http://root:MySuperSecretAndSecurePassw0rd!@localhost:2200/root/new-project | |
| RETRIES_NO=5 | |
| RETRY_DELAY=3 | |
| for i in $(seq 1 $RETRIES_NO); do | |
| git push -u origin master && break | |
| [[ $i -eq $RETRIES_NO ]] && echo "Failed to execute git cmd after $RETRIES_NO retries" && exit 1 | |
| echo "retrying after $RETRY_DELAY" | |
| sleep ${RETRY_DELAY} | |
| done | |
| # One of the tests is with a PAT. So create one: | |
| # https://docs.gitlab.com/ee/api/user_tokens.html | |
| # Todo: Would be nice to instead create a regular user and not use the root | |
| # user here. | |
| export pat=$(curl --retry 12 --retry-all-errors --request POST --fail --header "Authorization: Bearer $token" --data "name=mytoken" \ | |
| --data "scopes[]=api&scopes[]=write_repository" --url "http://localhost:2200/api/v4/users/1/personal_access_tokens" | jq -r '.token') | |
| echo "token=$token" >> "$GITHUB_OUTPUT" | |
| echo "pat=$pat" >> "$GITHUB_OUTPUT" | |
| id: setup | |
| - name: Build test image | |
| run: docker build --build-arg COMPOSER_VERSION=$COMPOSER_VERSION --build-arg PHP_VERSION=$PHP_VERSION -t update-check-runner . | |
| env: | |
| COMPOSER_VERSION: ${{ matrix.composer-version }} | |
| PHP_VERSION: ${{ matrix.php-version }} | |
| - name: Run phpstan | |
| run: composer phpstan | |
| - run: | | |
| git status | |
| export MY_COMMIT=$(git log --format=format:%H -n1) | |
| echo $MY_COMMIT | |
| echo "COMMIT_SHA=$MY_COMMIT" >> $GITHUB_OUTPUT | |
| id: log | |
| - name: Coding style | |
| run: composer phpcs | |
| - name: Dump modules and ensure no diff | |
| run: | | |
| rm auth.txt | |
| docker run --rm update-check-runner php -m > module-list/${{ matrix.php-version }}.txt | |
| git status | |
| cat module-list/${{ matrix.php-version }}.txt | |
| php tests/produce-table.php | |
| if [ $(git status -s | wc -c) -ne 0 ]; then | |
| echo "Working tree is not clean:" | |
| git status | |
| git diff | |
| exit 1 | |
| fi | |
| - name: Run tests | |
| run: ./vendor/bin/phpunit | |
| env: | |
| COMPOSER_VERSION: ${{ matrix.composer-version }} | |
| PHP_VERSION: ${{ matrix.php-version }} | |
| GITHUB_PRIVATE_USER_TOKEN: ${{ secrets.GH_PRIVATE_USER_TOKEN }} | |
| GITHUB_PRIVATE_REPO: ${{ secrets.GH_PRIVATE_REPO }} | |
| GITLAB_PRIVATE_REPO: ${{ secrets.GITLAB_PRIVATE_REPO }} | |
| MY_COMMIT: ${{ steps.log.outputs.COMMIT_SHA }} | |
| SELF_HOSTED_GITLAB_PRIVATE_USER_TOKEN: ${{ steps.setup.outputs.token }} | |
| SELF_HOSTED_GITLAB_PRIVATE_REPO: http://172.17.0.1:2200/root/new-project | |
| BITBUCKET_CLIENT_ID: ${{ secrets.BITBUCKET_CLIENT_ID }} | |
| BITBUCKET_CLIENT_SECRET: ${{ secrets.BITBUCKET_CLIENT_SECRET }} | |
| BITBUCKET_REDIRECT_URI: ${{ secrets.BITBUCKET_REDIRECT_URI }} | |
| BITBUCKET_REFRESH_TOKEN: ${{ secrets.BITBUCKET_REFRESH_TOKEN }} | |
| BITBUCKET_PRIVATE_REPO: ${{ secrets.BITBUCKET_PRIVATE_REPO }} | |
| GITHUB_DRUPAL8_CONTRIB_PRIVATE_REPO: ${{ secrets.GH_DRUPAL8_CONTRIB_PRIVATE_REPO }} | |
| GITLAB_PRIVATE_REPO_NESTED_GROUP: ${{ secrets.GITLAB_PRIVATE_REPO_NESTED_GROUP }} | |
| GITHUB_PUBLIC_REPO: ${{ secrets.GH_PUBLIC_REPO }} | |
| GITHUB_PUBLIC_PROJECT_NID: ${{ secrets.GH_PUBLIC_PROJECT_NID }} | |
| GITHUB_FORK_TO: ${{ secrets.GH_FORK_TO }} | |
| TOKEN_URL: ${{ secrets.TOKEN_URL }} | |
| FORK_USER: ${{ secrets.FORK_USER }} | |
| FORK_MAIL: ${{ secrets.FORK_MAIL }} | |
| GITHUB_BUNDLED_REPO: ${{ secrets.GH_BUNDLED_REPO }} | |
| GITHUB_SECURITY_ONLY_REPO: ${{ secrets.GH_SECURITY_ONLY_REPO }} | |
| GITHUB_CONCURRENT_REPO: ${{ secrets.GH_CONCURRENT_REPO }} | |
| GITLAB_ASSIGNEE_REPO: ${{ secrets.GITLAB_ASSIGNEE_REPO }} | |
| GITHUB_REPO_ENV_REQUIRED: ${{ secrets.GH_REPO_ENV_REQUIRED }} | |
| GITLAB_REPO_GITHUB_DEP: ${{ secrets.GITLAB_REPO_GITHUB_DEP }} | |
| SELF_HOSTED_GITLAB_PERSONAL_ACCESS_TOKEN: ${{ steps.setup.outputs.pat }} | |
| GITHUB_DEFAULT_BRANCH_IN_CONFIG: ${{ secrets.GH_DEFAULT_BRANCH_IN_CONFIG }} | |
| GITHUB_PRIVATE_UPDATE_ALL_REPO: ${{ secrets.GH_PRIVATE_UPDATE_ALL_REPO }} | |
| GITHUB_PRIVATE_INDIRECT_WITH_DIRECT: ${{ secrets.GH_PRIVATE_INDIRECT_WITH_DIRECT }} | |
| GITLAB_SUPER_SECRET_URL_FOR_TOKEN: ${{ secrets.GITLAB_SUPER_SECRET_URL_FOR_TOKEN }} | |
| VALID_CI_LICENCE: ${{ secrets.VALID_CI_LICENCE }} | |
| BITBUCKET_APP_PASSWORD: ${{ secrets.BITBUCKET_APP_PASSWORD }} | |
| BITBUCKET_WITH_PRIVATE_DEP: ${{ secrets.BITBUCKET_WITH_PRIVATE_DEP }} |