To the tune of "shots": Tests, Tests, Tests, Tests, Tests!

Greyscale 2024-05-18 19:59:54 +02:00
parent d3610b8364
commit de0f393f69
15 changed files with 229 additions and 8 deletions

6
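--- a/.actrc
+++ b/.actrc
@@ -0,0 +1,6 @@
+--use-new-action-cache
+--platform self-hosted=ghcr.io/catthehacker/ubuntu:act-latest
+--platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
+--platform ubuntu-22.04=ghcr.io/catthehacker/ubuntu:act-22.04
+--platform ubuntu-20.04=ghcr.io/catthehacker/ubuntu:act-20.04
+--platform ubuntu-18.04=ghcr.io/catthehacker/ubuntu:act-18.04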
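Review bot: All five `--platform` mappings pull `ghcr.io/catthehacker/ubuntu` images by mutable tag (`act-latest`, `act-22.04`, and so on), so a local `act` run executes whatever image the tag resolves to at pull time. The same commit adds `/.secrets` to `.gitignore`, which suggests secrets may be handed to these containers. If that is the case, consider pinning each image by digest, for example `--platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest@sha256:<digest-placeholder>`, and refreshing the digests deliberately.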

56
.github/workflows/test.yml vendored Normal file

@ -0,0 +1,56 @@
name: Test
permissions: read-all
on:
push:
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
test-no-composer-file:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.
- run: |
# Verify that PHP is available
if ! command -v php; then
echo "PHP is not available"
exit 1
fi
# Verify composer made it too.
if ! command -v composer; then
echo "Composer is not available"
exit 1
fi
# PHP Version is 8.3 or greater
if [ "$(php -r 'echo PHP_VERSION_ID;')" -lt 80300 ]; then
echo "PHP Version is less than 8.3"
exit 1
fi
test-with-composer-file:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: |
echo '{"require": {"php": ">=7.4"}}' > composer.json
- uses: ./.
- run: |
# Verify that PHP is available
if ! command -v php; then
echo "PHP is not available"
exit 1
fi
# Verify composer made it too.
if ! command -v composer; then
echo "Composer is not available"
exit 1
fi
# PHP Version is equal to 7.4
if [ "$(php -r 'echo PHP_VERSION_ID;')" -gte 70400 && "$(php -r 'echo PHP_VERSION_ID;')" -lt 70500 ]; then
echo "PHP Version is not 7.4. Got $(php -r 'echo PHP_VERSION_ID;') instead of between 70400-70500"
exit 1
fi
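Review bot: The PHP 7.4 check at the end of `test-with-composer-file` cannot fail as written. `-gte` is not a `[` operator (it is `-ge`), `&&` cannot sit inside a single `[ … ]`, and the intended condition is true when the version is inside the 7.4 range, which is the case the job should accept. The malformed test errors out inside the `if`, the body is skipped, and the step exits 0 whichever PHP was installed. Suggest `v=$(php -r 'echo PHP_VERSION_ID;')` followed by `if [ "$v" -lt 70400 ] || [ "$v" -ge 70500 ]; then`, keeping the existing message.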

31
.github/workflows/trunk.cache.yml vendored Normal file

@ -0,0 +1,31 @@
name: "Quality Control: Trunk Cache"
permissions: read-all
on:
workflow_call:
workflow_dispatch:
push:
branches:
- main
paths:
- .trunk/trunk.yaml
schedule:
- cron: "0 9 * * 1" # 9am Tooling Monday
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
trunk-cache:
name: Trunk Cache
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- uses: actions/checkout@v4
- name: "Trunk Cache"
uses: trunk-io/trunk-action@v1
with:
check-mode: populate_cache_only
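Review bot: `trunk-io/trunk-action@v1` is referenced by a mutable tag in a job that holds `actions: write`, so whatever the tag points to at run time executes with that token. Pinning to a full commit SHA (`uses: trunk-io/trunk-action@<full-commit-sha> # v1`) removes the dependency on the tag. The same applies to the `trunk-io/trunk-action@v1` step in `trunk.check.yml` (`checks: write`) and, less urgently, to `actions/checkout@v4` in all three workflows. Separately, the job-level `permissions:` block lists only `actions: write`. Job-level permissions replace the workflow-level `read-all` and unlisted scopes become `none`, so adding `contents: read`, as `trunk.check.yml` does, would keep the checkout working if the repository is private.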

28
.github/workflows/trunk.check.yml vendored Normal file

@ -0,0 +1,28 @@
name: "Quality Control: Trunk Check"
permissions: read-all
on:
workflow_call:
workflow_dispatch:
push:
branches:
- main
schedule:
- cron: "0 11 * * 2" # 11am Patch Tuesday
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
trunk-check:
name: Trunk Check Runner
runs-on: ubuntu-latest
permissions:
checks: write # For trunk to post annotations
contents: read # For repo checkout
steps:
- uses: actions/checkout@v4
- name: "Trunk Check"
uses: trunk-io/trunk-action@v1

3
.gitignore vendored

@ -1 +1,2 @@
.idea
/.idea
/.secrets

9
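--- a/.trunk/.gitignore
+++ b/.trunk/.gitignore
@@ -0,0 +1,9 @@
+*out
+*logs
+*actions
+*notifications
+*tools
+plugins
+user_trunk.yaml
+user.yaml
+tmp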


@ -0,0 +1,3 @@
---
skip-check:
- CKV_SECRET_* # Skip all checks that start with CKV_SECRET, we already have gitleaks doing this.
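Review bot: The comment justifies skipping every `CKV_SECRET_*` check by pointing at gitleaks, but the `lint.enabled` list in `.trunk/trunk.yaml` on this page enables `trufflehog@3.76.3` and has no gitleaks entry. If gitleaks runs somewhere outside this commit the comment is fine. Otherwise either reword it to `# Secret scanning is handled by trufflehog` or enable gitleaks, so the skip does not rest on a scanner that is not configured. The file header for this section is not shown on the page, so the checkov config path is inferred.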


@ -0,0 +1,3 @@
ignored:
- DL3006
- DL3008


@ -0,0 +1,10 @@
# Autoformatter friendly markdownlint config (all formatting rules disabled)
default: true
blank_lines: false
bullet: false
html: false
indentation: false
line_length: false
spaces: false
url: false
whitespace: false


@ -0,0 +1 @@
LICENCE.md


@ -0,0 +1,6 @@
enable=all
source-path=SCRIPTDIR
# If you're having issues with shellcheck following source, disable the errors via:
# disable=SC1090
# disable=SC1091


@ -0,0 +1,15 @@
extends: relaxed
rules:
quoted-strings:
required: only-when-needed
extra-allowed: ["{|*}"]
empty-values:
forbid-in-block-mappings: false
forbid-in-flow-mappings: false
ignore:
- .github/workflows/*.yml
key-duplicates: {}
octal-values:
forbid-implicit-octal: true
document-start: disable
line-length: disable

37
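--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -0,0 +1,37 @@
+# This file controls the behavior of Trunk: https://docs.trunk.io/cli
+# To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml
+version: 0.1
+cli:
+version: 1.22.1
+# Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins)
+plugins:
+sources:
+- id: trunk
+ref: v1.5.0
+uri: https://github.com/trunk-io/plugins
+# Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes)
+runtimes:
+enabled:
+- node@18.12.1
+- python@3.10.8
+# This is the section where you manage your linters. (https://docs.trunk.io/check/configuration)
+lint:
+disabled:
+- git-diff-check
+enabled:
+- actionlint@1.7.0
+- checkov@3.2.95
+- markdownlint@0.40.0
+- prettier@3.2.5
+- trivy@0.51.1
+- trufflehog@3.76.3
+- yamllint@1.35.1
+actions:
+enabled:
+- trunk-announce
+- trunk-check-pre-push
+- trunk-fmt-pre-commit
+- trunk-upgrade-available
+tools:
+enabled:
+- act@0.2.62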


@ -26,7 +26,18 @@ runs:
- id: read-php-version
shell: bash
working-directory: ${{ inputs.working_directory }}
run: echo "php_version=$(jq -r '.require["php"]' composer.json | sed -E 's/[^0-9.]//g')" >> $GITHUB_OUTPUT
run: |
# if composer.json exists, set the php_version output
if [ -f composer.json ]; then
# And that the require php key exists
if jq -e '.require["php"]' composer.json > /dev/null; then
php_version=$(jq -r '.require["php"]' composer.json | sed -E 's/[^0-9.]//g')
echo "Detected PHP version $php_version from composer.json"
echo "php_version=$php_version" >> $GITHUB_OUTPUT
echo "has_composer=true" >> $GITHUB_OUTPUT
exit 0
fi
fi
- uses: shivammathur/setup-php@v2
with:
php-version: ${{ steps.read-php-version.outputs.php_version }}
@ -40,27 +51,31 @@ runs:
echo "restore-key=${{ runner.os }}-${{ inputs.working_directory }}-composer-"
} >> $GITHUB_OUTPUT
- id: composer-cache-restore
if: ${{ steps.read-php-version.outputs.has_composer }}
uses: actions/cache/restore@v4
with:
path: ${{ steps.composer-cache-find.outputs.dir }}
key: ${{ steps.composer-cache-find.outputs.key
restore-keys: ${{ steps.composer-cache-find.outputs.restore-key }}
- working-directory: ${{ inputs.working_directory }}
if: ${{ steps.read-php-version.outputs.has_composer }}
shell: bash
run: composer install --ignore-platform-reqs --prefer-dist
- id: composer-cache-save
if: ${{ steps.read-php-version.outputs.has_composer }}
uses: actions/cache/save@v4
with:
path: ${{ steps.composer-cache-find.outputs.dir }}
key: ${{ steps.composer-cache-find.outputs.key }}
path: ${{ steps.composer-cache-find.outputs.dir }}
key: ${{ steps.composer-cache-find.outputs.key }}
- shell: bash
run: |
echo "PHP Version: ${{ steps.read-php-version.outputs.php_version }}"
echo "PHP Tools: ${{ inputs.php_tools }}"
echo "Composer Cache Dir: ${{ steps.composer-cache-find.outputs.dir }}"
echo "Composer Cache Key: ${{ steps.composer-cache-find.outputs.key }}"
echo "Composer Cache Restore Key: ${{ steps.composer-cache-find.outputs.restore-key }}"
if [ ${{ steps.read-php-version.outputs.has_composer }} == "true" ]; then
echo "Composer Cache Dir: ${{ steps.composer-cache-find.outputs.dir }}"
echo "Composer Cache Key: ${{ steps.composer-cache-find.outputs.key }}"
echo "Composer Cache Restore Key: ${{ steps.composer-cache-find.outputs.restore-key }}"
fi
{
echo "PHP_VERSION=${{ steps.read-php-version.outputs.php_version }}"
} >> $GITHUB_ENV
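Review bot: In the final logging step, `if [ ${{ steps.read-php-version.outputs.has_composer }} == "true" ]` expands the output unquoted, so when no `composer.json` is found the shell sees `[ == "true" ]` and the test errors instead of evaluating to false. It only behaves because the error occurs inside an `if`. Pass the value through `env:` (`HAS_COMPOSER: ${{ steps.read-php-version.outputs.has_composer }}`) and test `[ "$HAS_COMPOSER" = "true" ]`, which also keeps `${{ }}` out of the script text. The same pattern would suit the caller-supplied `inputs.php_tools` and `inputs.working_directory`, which this section's context lines interpolate straight into `run:` scripts. The new `read-php-version` script also writes no outputs when the file or the `php` key is missing, so `setup-php` receives an empty `php-version`; a short comment stating that this fallback is deliberate would help. As rendered, the `key:` line of `composer-cache-restore` lacks its closing `}}`, which is worth checking in the file.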