Home Explore Help
Sign In
SMusatov
/
PHP-CS-Fixer
mirror of https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git
1
0
Fork 0
Files
Tree: d261c828d2
Branches Tags
PHP-CS-Fixer
/
.github
/
workflows
/
sca.yml

sca.yml 4.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 
  1. name: Static Code Analysis
    2. 

  2. 

  3. on:
    4. 

  4.   - pull_request
    5. 

  5.   - push
    6. 

  6. 

  7. permissions:
    8. 

  8.   contents: read # to fetch code (actions/checkout)
    9. 

  9. 

  10. concurrency:
    11. 

  11.   group: sca-${{ github.head_ref || github.run_id }} # will be canceled on subsequent pushes in pull requests but not branches
    12. 

  12.   cancel-in-progress: true
    13. 

  13. 

  14. jobs:
    15. 

  15.   tests:
    16. 

  16.     strategy:
    17. 

  17.       fail-fast: false
    18. 

  18.       matrix:
    19. 

  19.         operating-system:
    20. 

  20.           - ubuntu-20.04
    21. 

  21.         php-version:
    22. 

  22.           - 8.1
    23. 

  23. 

  24.     name: Static Code Analysis
    25. 

  25. 

  26.     runs-on: ${{ matrix.operating-system }}
    27. 

  27. 

  28.     steps:
    29. 

  29.       - name: Checkout code
    30. 

  30.         uses: actions/checkout@v3
    31. 

  31.         with:
    32. 

  32.           fetch-depth: 0
    33. 

  33. 

  34.       - name: Setup PHP
    35. 

  35.         uses: shivammathur/setup-php@v2
    36. 

  36.         with:
    37. 

  37.           php-version: ${{ matrix.php-version }}
    38. 

  38.           extensions: none, dom, mbstring, opcache, simplexml, tokenizer, xml, xmlwriter
    39. 

  39.           coverage: none # without this Xdebug will be enabled
    40. 

  40.           tools: cs2pr
    41. 

  41. 

  42.       - name: Get Composer cache directory
    43. 

  43.         id: composer-cache
    44. 

  44.         run: echo "dir=$(composer config cache-dir)" >> $GITHUB_OUTPUT
    45. 

  45. 

  46.       - name: Cache dependencies
    47. 

  47.         uses: actions/cache@v3
    48. 

  48.         with:
    49. 

  49.           path: ${{ steps.composer-cache.outputs.dir }}
    50. 

  50.           key: composer-${{ runner.os }}-${{ matrix.php-version }}-${{ hashFiles('**/composer.*') }}-${{ matrix.composer-flags }}
    51. 

  51.           restore-keys: |
    52. 

  52.             composer-${{ runner.os }}-${{ matrix.php-version }}-${{ hashFiles('**/composer.*') }}-
    53. 

  53.             composer-${{ runner.os }}-${{ matrix.php-version }}-
    54. 

  54.             composer-${{ runner.os }}-
    55. 

  55.             composer-
    56. 

  56. 

  57.       - name: Install dependencies
    58. 

  58.         uses: nick-invision/retry@v2
    59. 

  59.         with:
    60. 

  60.           timeout_minutes: 5
    61. 

  61.           max_attempts: 5
    62. 

  62.           retry_wait_seconds: 30
    63. 

  63.           command: composer update --optimize-autoloader --no-interaction --no-progress ${{ matrix.composer-flags }}
    64. 

  64. 

  65.       - name: Report versions
    66. 

  66.         run: composer info -D
    67. 

  67. 

  68.       ## We want to have a lock-file used on PR level, so contributors are not bothered by SCA complains unrelated to their changes,
    69. 

  69.       ## and same time we want to be aware that we are complying with bleeding edge of SCA tools as maintainers observing the push hook.
    70. 

  70.       - name: Unlock dev-tools
    71. 

  71.         if: ${{ github.event_name != 'pull_request' }}
    72. 

  72.         run: rm ./dev-tools/composer.lock
    73. 

  73. 

  74.       - name: Install dev-tools
    75. 

  75.         uses: nick-invision/retry@v2
    76. 

  76.         with:
    77. 

  77.           timeout_minutes: 5
    78. 

  78.           max_attempts: 5
    79. 

  79.           retry_wait_seconds: 30
    80. 

  80.           command: ./dev-tools/install.sh
    81. 

  81. 

  82.       - name: Check - file permissions
    83. 

  83.         run: ./dev-tools/check_file_permissions.sh
    84. 

  84. 

  85.       - name: Check - trailing spaces
    86. 

  86.         run: ./dev-tools/check_trailing_spaces.sh
    87. 

  87. 

  88.       - name: Check - phpstan
    89. 

  89.         run: ./dev-tools/vendor/bin/phpstan analyse --error-format=checkstyle | cs2pr
    90. 

  90. 

  91.       - name: Check - composer-require-checker
    92. 

  92.         run: ./dev-tools/vendor/bin/composer-require-checker check composer.json --config-file .composer-require-checker.json
    93. 

  93. 

  94.       - name: Check - composer normalize
    95. 

  95.         run: |
    96. 

  96.           composer normalize --dry-run --working-dir=./dev-tools ../composer.json
    97. 

  97.           composer normalize --dry-run --working-dir=./dev-tools composer.json
    98. 

  98. 

  99.       - name: Check - shell scripts
    100. 

  100.         run: ./dev-tools/check_shell_scripts.sh
    101. 

  101. 

  102.       - name: Find changed files (for pull request)
    103. 

  103.         if: ${{ github.event_name == 'pull_request' }}
    104. 

  104.         run: |
    105. 

  105.           if git diff origin/$GITHUB_BASE_REF --name-only --diff-filter=ACMRTUXB | grep -E "\.php$"; then
    106. 

  106.             echo 'CHANGED_PHP_FILES<<EOF' >> $GITHUB_ENV
    107. 

  107.             git diff origin/$GITHUB_BASE_REF --name-only --diff-filter=ACMRTUXB | grep -E "\.php$" >> $GITHUB_ENV
    108. 

  108.             echo 'EOF' >> $GITHUB_ENV
    109. 

  109.           fi
    110. 

  110. 

  111.       - name: Find changed files (for push)
    112. 

  112.         if: ${{ github.event_name != 'pull_request' }}
    113. 

  113.         run: |
    114. 

  114.           if git diff --name-only --diff-filter=ACMRTUXB HEAD~..HEAD | grep -E "\.php$"; then
    115. 

  115.             echo 'CHANGED_PHP_FILES<<EOF' >> $GITHUB_ENV
    116. 

  116.             git diff --name-only --diff-filter=ACMRTUXB HEAD~..HEAD | grep -E "\.php$" >> $GITHUB_ENV
    117. 

  117.             echo 'EOF' >> $GITHUB_ENV
    118. 

  118.           fi
    119. 

  119. 

  120.       - name: Check - Mess Detector (phpmd)
    121. 

  121.         if: ${{ env.CHANGED_PHP_FILES }}
    122. 

  122.         run: |
    123. 

  123.           if [ '${{ github.event_name }}' == 'pull_request' ]; then
    124. 

  124.             ./dev-tools/vendor/bin/phpmd `echo "$CHANGED_PHP_FILES" | grep -v /Fixtures/ | xargs | sed 's/ /,/g'` github ./dev-tools/mess-detector/phpmd.xml
    125. 

  125.           else
    126. 

  126.             ./dev-tools/vendor/bin/phpmd `echo "$CHANGED_PHP_FILES" | grep -v /Fixtures/ | xargs | sed 's/ /,/g'` ansi ./dev-tools/mess-detector/phpmd.xml
    127. 

  127.           fi
    128. 

  128. 

  129.       - name: Check - ensure test files are not present in the archive
    130. 

  130.         run: |
    131. 

  131.           git archive -o /dev/null HEAD -v 2>&1 | grep tests | grep \.php \
    132. 

  132.           && (echo "Test files detected in archive" && exit 1) || echo "No test files detected in archive"
    133.