quality code #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: API CI | |
| on: | |
| push: | |
| paths: | |
| - '**/app/**' | |
| permissions: | |
| contents: read | |
| id-token: write | |
| packages: write # Allows push and delete GitHub packages | |
| jobs: | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: 'actions/checkout@v3' | |
| name: Checkout | |
| with: | |
| persist-credentials: false | |
| - name: Validates composer.json file content | |
| run: composer validate | |
| working-directory: './app/api/' | |
| - name: Symfony security checker | |
| uses: 'symfonycorp/security-checker-action@v4' | |
| with: | |
| lock: ./app/api/composer.lock | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: security | |
| # @see https://docs.github.com/fr/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs | |
| #outputs: | |
| # docker-image-output: ${{ steps.docker-image.outputs.stdout }} | |
| steps: | |
| - uses: 'actions/checkout@v3' | |
| name: Checkout | |
| with: | |
| persist-credentials: false | |
| - name: Login to GitHub Container Registry | |
| uses: 'docker/login-action@v1' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GH_REPOSITORY_TOKEN }} | |
| - name: Set up Depot CLI | |
| uses: 'depot/setup-action@v1' | |
| # todo: replace ci tag by commit sha | |
| # @see https://github.com/depot/build-push-action | |
| - name: Build docker image for CI | |
| id: 'docker-image' | |
| uses: 'depot/build-push-action@v1' | |
| with: | |
| project: ${{ secrets.DEPOT_PROJECT_ID_API }} | |
| token: ${{ secrets.DEPOT_PROJECT_TOKEN_API }} | |
| push: true | |
| tags: ghcr.io/devgine/company-versioning-api:ci | |
| target: ci | |
| context: ./app | |
| #load: true # (--load) to download the image to local Docker daemon | |
| quality: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| container: | |
| image: ghcr.io/devgine/company-versioning-api:ci | |
| env: | |
| PHP_CS_FIXER_IGNORE_ENV: 1 | |
| steps: | |
| # todo: add cache | |
| - name: PHP code standard fixer (dry run) | |
| working-directory: /var/www/app | |
| run: ./vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist.php --dry-run | |
| - name: PHP Mess Detector | |
| working-directory: /var/www/app | |
| run: phpmd src,tests github phpmd.xml.dist | |
| - name: PHP Copy Paste Detector | |
| working-directory: /var/www/app | |
| run: phpcpd src | |
| - name: PHP code static analyses | |
| working-directory: /var/www/app | |
| run: ./vendor/bin/phpstan analyse -c phpstan.neon --memory-limit=256M | |
| tests: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| container: ghcr.io/devgine/company-versioning-api:ci | |
| steps: | |
| # todo: add cache | |
| - name: PHP unit tests | |
| working-directory: /var/www/app | |
| run: ./vendor/bin/phpunit | |
| #uses: docker://ghcr.io/symfony-examples/doctrine-mongodb:ci | |
| packaging: | |
| env: | |
| REPOSITORY: ghcr.io/devgine | |
| IMAGE: company-versioning-api | |
| VERSION: ${{ github.ref_name }} | |
| runs-on: ubuntu-latest | |
| needs: [quality, tests] | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: 'actions/checkout@v3' | |
| - name: Set up Depot CLI | |
| uses: 'depot/setup-action@v1' | |
| - name: Login to GitHub Container Registry | |
| uses: 'docker/login-action@v1' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GH_REPOSITORY_TOKEN }} | |
| - name: Process builder | |
| shell: bash | |
| run: | | |
| echo "build_version=dev" >> $GITHUB_ENV | |
| echo "my_docker_image=$REPOSITORY/$IMAGE:dev,$REPOSITORY/$IMAGE:${{ github.sha }}" >> $GITHUB_ENV | |
| echo "build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ")" >> $GITHUB_ENV | |
| - name: Docker image build and push | |
| uses: 'depot/build-push-action@v1' | |
| with: | |
| project: ${{ secrets.DEPOT_PROJECT_ID_API }} | |
| token: ${{ secrets.DEPOT_PROJECT_TOKEN_API }} | |
| push: true | |
| tags: ${{ env.my_docker_image }} | |
| target: devenv | |
| context: ./app | |
| build-args: | | |
| VCS_REF=${{ github.sha }} | |
| BUILD_DATE=${{ env.build_date }} | |
| BUILD_VERSION=${{ env.build_version }} |