diff --git a/.editorconfig b/.editorconfig index 257221d23d..5e9a93ea50 100644 --- a/.editorconfig +++ b/.editorconfig @@ -12,3 +12,6 @@ trim_trailing_whitespace = true [*.md] trim_trailing_whitespace = false + +[*.yml] +indent_size = 2 diff --git a/.github/actions/php-setup/action.yml b/.github/actions/php-setup/action.yml new file mode 100644 index 0000000000..c31c7646d0 --- /dev/null +++ b/.github/actions/php-setup/action.yml @@ -0,0 +1,83 @@ +--- +name: PHP setup with composer. +description: Setup PHP environment with composer and install dependencies. + +inputs: + composer-command: + description: Composer command (install or update) to run. + default: update + required: false + type: string + composer-flags: + description: Additional composer flags + default: >- + --prefer-dist + --no-interaction + --no-progress + --optimize-autoloader + --ansi + required: false + type: string + composer-version: + description: Composer version to use. + default: + required: false + type: string + coverage-driver: + description: Code coverage driver to use (pcov, xdebug). + default: none + required: false + type: string + extensions: + description: List of extensions to PHP. + default: + required: false + type: string + ignore-platform-reqs: + description: Whether to add --ignore-platform-reqs to composer command. + default: false + required: false + type: boolean + ini-values: + description: Initial values for PHP configuration. + default: date.timezone='UTC' + required: false + type: string + php-version: + description: PHP versions as a JSON array string '["8.4"]'. + default: '["7.4","8.0","8.1","8.2","8.3","8.4"]' + required: false + type: string + tools: + description: Tools to test, separated by comma. + default: pie + required: false + type: string + +runs: + using: composite + steps: + - name: Install PHP + uses: shivammathur/setup-php@v2 + with: + coverage: ${{ inputs.coverage-driver }} + extensions: ${{ inputs.extensions }} + ini-values: ${{ inputs.ini-values }} + php-version: ${{ inputs.php-version }} + tools: ${{ inputs.tools }} + + - name: Update composer. + shell: bash + run: composer self-update ${{ inputs.composer-version }} + + - name: Install dependencies with composer. + shell: bash + run: >- + composer + ${{ inputs.composer-command }} + ${{ inputs.composer-flags }} + ${{ + inputs.ignore-platform-reqs == 'true' + && '--ignore-platform-reqs' + || '' + }} diff --git a/.github/actions/phpunit/action.yml b/.github/actions/phpunit/action.yml new file mode 100644 index 0000000000..873bfe804c --- /dev/null +++ b/.github/actions/phpunit/action.yml @@ -0,0 +1,129 @@ +--- +name: PHPUnit Test Runner. +description: Run PHPUnit tests with coverage and configurable options. + +inputs: + additional-args: + description: Additional PHPUnit arguments. + default: "--verbose" + required: false + type: string + configuration: + description: PHPUnit configuration file. + default: "" + required: false + type: string + coverage-driver: + description: Code coverage driver to use (pcov, xdebug, none). + default: none + required: false + type: string + coverage-file: + description: Coverage output file name. + default: coverage.xml + required: false + type: string + coverage-format: + description: Coverage report format (clover, html, xml). + default: clover + required: false + type: string + coverage-token: + description: Codecov token for uploading coverage. + default: "" + required: false + type: string + debug: + description: Display warnings in phpunit. + default: "" + required: false + type: string + exclude-group: + description: Exclude group from phpunit. + default: "" + required: false + type: string + group: + description: Include specific group in phpunit. + default: "" + required: false + type: string + path: + description: Path to PHPUnit executable. + default: vendor/bin/phpunit + required: false + type: string + test-suite: + description: Specific test suite to run. + default: "" + required: false + type: string + +runs: + using: composite + steps: + - name: Build PHPUnit command. + id: build-cmd + shell: bash + run: | + PATH_INPUT="${{ inputs.path }}" + CONFIG_INPUT="${{ inputs.configuration }}" + SUITE_INPUT="${{ inputs.test-suite }}" + GROUP_INPUT="${{ inputs.group }}" + EXCLUDE_GROUP_INPUT="${{ inputs.exclude-group }}" + DEBUG_INPUT="${{ inputs.debug }}" + ADDITIONAL_ARGS="${{ inputs.additional-args }}" + COVERAGE_DRIVER="${{ inputs.coverage-driver }}" + COVERAGE_FORMAT="${{ inputs.coverage-format }}" + COVERAGE_FILE="${{ inputs.coverage-file }}" + + PHPUNIT_CMD="$PATH_INPUT --colors=always" + + add_param() { + if [ -n "$2" ]; then + PHPUNIT_CMD="$PHPUNIT_CMD $1 $2" + fi + } + + if [ -n "$COVERAGE_DRIVER" ] && [ "$COVERAGE_DRIVER" != "none" ]; then + PHPUNIT_CMD="$PHPUNIT_CMD --coverage-$COVERAGE_FORMAT=$COVERAGE_FILE" + fi + + add_param "--configuration" "$CONFIG_INPUT" + add_param "--testsuite" "$SUITE_INPUT" + add_param "--group" "$GROUP_INPUT" + add_param "--exclude-group" "$EXCLUDE_GROUP_INPUT" + + if [ -n "$DEBUG_INPUT" ]; then + PHPUNIT_CMD="$PHPUNIT_CMD $DEBUG_INPUT" + fi + + if [ -n "$ADDITIONAL_ARGS" ]; then + PHPUNIT_CMD="$PHPUNIT_CMD $ADDITIONAL_ARGS" + fi + + echo "command=$PHPUNIT_CMD" >> $GITHUB_OUTPUT + echo "PHPUnit command: $PHPUNIT_CMD" + + - name: Run PHPUnit tests on Linux. + shell: bash + if: runner.os != 'Windows' + run: ${{ steps.build-cmd.outputs.command }} + + - name: Run PHPUnit tests on Windows. + shell: pwsh + if: runner.os == 'Windows' + run: Invoke-Expression "${{ steps.build-cmd.outputs.command }}" + + - name: Upload test results to Codecov. + if: ${{ !cancelled() && inputs.coverage-driver != 'none' }} + uses: codecov/test-results-action@v1 + with: + token: ${{ inputs.coverage-token }} + + - name: Upload coverage to Codecov. + if: ${{ !cancelled() && inputs.coverage-driver != 'none' }} + uses: codecov/codecov-action@v5 + with: + token: ${{ inputs.coverage-token }} + file: ./${{ inputs.coverage-file }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ddd47c7eed..4f54d9e5a5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,58 +1,105 @@ +--- name: build -on: [push, pull_request] +permissions: + contents: read + pull-requests: write + +on: + - pull_request + - push concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true +env: + PHP_EXTENSIONS: curl, dom, imagick, intl, mbstring, mcrypt, memcached + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_EXCLUDE_GROUP: db,wincache + XDEBUG_MODE: coverage + jobs: phpunit: name: PHP ${{ matrix.php }} - env: - DEFAULT_COMPOSER_FLAGS: "--prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi" - EXTENSIONS: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, curl, dom, imagick, intl, mbstring, mcrypt, memcached - PHPUNIT_COMMAND: --verbose --exclude-group db,wincache --coverage-clover=coverage.xml --colors=always - XDEBUG_MODE: coverage - runs-on: ubuntu-latest + services: + memcached: + image: memcached:latest + ports: + - 11211:11211 + options: >- + --health-cmd "timeout 5 bash -c 'cat < /dev/null > /dev/tcp/127.0.0.1/11211'" + --health-interval 10s + --health-retries 5 + --health-timeout 5s + strategy: fail-fast: false matrix: - php: [7.4, 8.0, 8.1, 8.2, 8.3, 8.4, 8.5] + php: [7.4, 8.0, 8.1, 8.2, 8.3, 8.4] steps: - - name: Generate french locale. - run: sudo locale-gen fr_FR.UTF-8 - - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP. - uses: shivammathur/setup-php@v2 + - name: Generate french locale. + run: sudo locale-gen fr_FR.UTF-8 + + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: ${{ matrix.php < 8.1 && 'xdebug' || 'pcov' }} - extensions: ${{ env.EXTENSIONS }} - ini-values: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC', session.save_path="${{ runner.temp }}" + coverage-driver: ${{ matrix.php < 8.1 && 'xdebug' || 'pcov' }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Install Memcached. - uses: niden/actions-memcached@v7 - - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update $DEFAULT_COMPOSER_FLAGS ${{ matrix.php == 8.5 && '--ignore-platform-reqs' || '' }} - - - name: Run tests with PHPUnit. - run: vendor/bin/phpunit ${{ env.PHPUNIT_COMMAND }} - - - name: Upload coverage to Codecov. - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ matrix.php < 8.1 && 'xdebug' || 'pcov' }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + exclude-group: ${{ env.PHPUNIT_EXCLUDE_GROUP }} + + phpunit-dev: + name: PHP ${{ matrix.php }} + + runs-on: ubuntu-latest + + services: + memcached: + image: memcached:latest + ports: + - 11211:11211 + options: >- + --health-cmd "timeout 5 bash -c 'cat < /dev/null > /dev/tcp/127.0.0.1/11211'" + --health-interval 10s + --health-retries 5 + --health-timeout 5s + + strategy: + fail-fast: false + matrix: + php: [8.5, 8.6] + + steps: + - name: Checkout. + uses: actions/checkout@v5 + + - name: Generate french locale. + run: sudo locale-gen fr_FR.UTF-8 + + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup + with: + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ignore-platform-reqs: true + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" + php-version: ${{ matrix.php }} + + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit + with: + exclude-group: ${{ env.PHPUNIT_EXCLUDE_GROUP }} diff --git a/.github/workflows/ci-mariadb.yml b/.github/workflows/ci-mariadb.yml index 2d3f56e3f8..d60e07a9c3 100644 --- a/.github/workflows/ci-mariadb.yml +++ b/.github/workflows/ci-mariadb.yml @@ -1,20 +1,27 @@ +--- +name: ci-mariadb + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: ci-mariadb - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: tests: - name: PHP ${{ matrix.php }}-mariadb-${{ matrix.mariadb }} + name: PHP ${{ matrix.php }}-${{ matrix.mariadb }} env: - COVERAGE: ${{ matrix.php == '7.4' && '--coverage-clover=coverage.xml --colors=always' || '--colors=always' }} - EXTENSIONS: curl, intl, pdo, pdo_mysql, ${{ matrix.php == '8.0' && 'xdebug-3.3.2' || 'xdebug' }} + COVERAGE_DRIVER: ${{ matrix.php == 7.4 && 'xdebug' || 'none' }} + PHP_EXTENSIONS: curl, intl, pdo, pdo_mysql + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_GROUP: mysql XDEBUG_MODE: coverage runs-on: ubuntu-latest @@ -35,33 +42,33 @@ jobs: MARIADB_DATABASE: yiitest ports: - 3306:3306 - options: --health-cmd="mariadb-admin ping" --health-interval=10s --health-timeout=5s --health-retries=3 + options: >- + --name=mariadb + --health-cmd="mariadb-admin ping" + --health-interval=10s + --health-retries=3 + --health-timeout=5s + --mount type=tmpfs,destination=/var/lib/mysql steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP with extensions. - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: xdebug - extensions: ${{ env.EXTENSIONS }} - ini-values: date.timezone='UTC' + coverage-driver: ${{ env.COVERAGE_DRIVER }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies. - run: composer update --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi - - - name: Run MariaDB tests with PHPUnit. - run: vendor/bin/phpunit --group mysql ${{ env.COVERAGE }} - - - name: Upload coverage to Codecov. - if: matrix.php == '7.4' - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ env.COVERAGE_DRIVER }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + group: ${{ env.PHPUNIT_GROUP }} diff --git a/.github/workflows/ci-mssql.yml b/.github/workflows/ci-mssql.yml index be06bdcb43..4013b01de9 100644 --- a/.github/workflows/ci-mssql.yml +++ b/.github/workflows/ci-mssql.yml @@ -1,9 +1,14 @@ +--- +name: ci-mssql + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: ci-mssql - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -13,8 +18,10 @@ jobs: name: PHP ${{ matrix.php }}-mssql-${{ matrix.mssql.version }} env: - COVERAGE: ${{ matrix.php == '7.4' && '--coverage-clover=coverage.xml --colors=always' || '--colors=always' }} - EXTENSIONS: pdo, pdo_sqlsrv, ${{ matrix.php == '8.0' && 'xdebug-3.3.2' || 'xdebug' }} + COVERAGE_DRIVER: ${{ matrix.php == 7.4 && 'xdebug' || 'none' }} + PHP_EXTENSIONS: curl, intl, pdo, pdo_sqlsrv + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_GROUP: mssql XDEBUG_MODE: coverage runs-on: ubuntu-latest @@ -36,46 +43,45 @@ jobs: services: mssql: - image: mcr.microsoft.com/mssql/${{ matrix.mssql.version }} - env: - SA_PASSWORD: YourStrong!Passw0rd - ACCEPT_EULA: Y - MSSQL_PID: Developer - ports: - - 1433:1433 - options: --name=mssql --health-cmd="${{ matrix.mssql.mssql-tool }} -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'SELECT 1'" --health-interval=10s --health-timeout=5s --health-retries=3 + image: mcr.microsoft.com/mssql/${{ matrix.mssql.version }} + env: + SA_PASSWORD: YourStrong!Passw0rd + ACCEPT_EULA: Y + MSSQL_PID: Developer + ports: + - 1433:1433 + options: >- + --name=mssql + --health-cmd="${{ matrix.mssql.mssql-tool }} -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'SELECT 1'" + --health-interval=10s + --health-retries=3 + --health-timeout=5s steps: - - name: Install ODBC driver - run: sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18 + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 - - name: Checkout + - name: Checkout. uses: actions/checkout@v5 - - name: Create MS SQL Database + - name: Install ODBC driver. + run: sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18 + + - name: Create MS SQL Database. run: docker exec -i mssql ${{ matrix.mssql.mssql-tool }} -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'CREATE DATABASE yiitest' - - name: Install PHP with extensions - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: xdebug - extensions: ${{ env.EXTENSIONS }} - ini-values: date.timezone='UTC' + coverage-driver: ${{ env.COVERAGE_DRIVER }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi - - - name: Run tests with PHPUnit. - run: vendor/bin/phpunit --group mssql ${{ env.COVERAGE }} - - - name: Upload coverage to Codecov. - if: matrix.php == '7.4' - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ env.COVERAGE_DRIVER }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + group: ${{ env.PHPUNIT_GROUP }} diff --git a/.github/workflows/ci-mysql.yml b/.github/workflows/ci-mysql.yml index 973e016cfa..2275eb9013 100644 --- a/.github/workflows/ci-mysql.yml +++ b/.github/workflows/ci-mysql.yml @@ -1,9 +1,14 @@ +--- +name: ci-mysql + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: ci-mysql - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -13,8 +18,10 @@ jobs: name: PHP ${{ matrix.php }}-mysql-${{ matrix.mysql }} env: - COVERAGE: ${{ matrix.php == '7.4' && '--coverage-clover=coverage.xml --colors=always' || '--colors=always' }} - EXTENSIONS: curl, intl, pdo, pdo_mysql, ${{ matrix.php == '8.0' && 'xdebug-3.3.2' || 'xdebug' }} + COVERAGE_DRIVER: ${{ matrix.php == 7.4 && 'xdebug' || 'none' }} + PHP_EXTENSIONS: curl, intl, pdo, pdo_mysql + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_GROUP: mysql XDEBUG_MODE: coverage runs-on: ubuntu-latest @@ -33,33 +40,33 @@ jobs: MYSQL_DATABASE: yiitest ports: - 3306:3306 - options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3 + options: >- + --name=mysql + --health-cmd="mysqladmin ping" + --health-interval=10s + --health-retries=3 + --health-timeout=5s + --mount type=tmpfs,destination=/var/lib/mysql steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP with extensions. - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: xdebug - extensions: ${{ env.EXTENSIONS }} - ini-values: date.timezone='UTC' + coverage-driver: ${{ env.COVERAGE_DRIVER }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi - - - name: Run MySQL tests with PHPUnit. - run: vendor/bin/phpunit --group mysql ${{ env.COVERAGE }} - - - name: Upload coverage to Codecov. - if: matrix.php == '7.4' - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ env.COVERAGE_DRIVER }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + group: ${{ env.PHPUNIT_GROUP }} diff --git a/.github/workflows/ci-node.yml b/.github/workflows/ci-node.yml index df79aacbda..cf96ebb669 100644 --- a/.github/workflows/ci-node.yml +++ b/.github/workflows/ci-node.yml @@ -16,6 +16,10 @@ jobs: runs-on: ubuntu-latest steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 diff --git a/.github/workflows/ci-oracle.yml b/.github/workflows/ci-oracle.yml index 5b7b05b094..b1f56f7e66 100644 --- a/.github/workflows/ci-oracle.yml +++ b/.github/workflows/ci-oracle.yml @@ -1,19 +1,27 @@ +--- +name: ci-oracle + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: ci-oracle - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: tests: - name: PHP ${{ matrix.php }}-${{ matrix.os }} + name: PHP ${{ matrix.php }}-oci env: - EXTENSIONS: oci8, pdo, pdo_oci, ${{ matrix.php == '8.0' && 'xdebug-3.3.2' || 'xdebug' }} + COVERAGE_DRIVER: ${{ matrix.php == 7.4 && 'xdebug' || 'none' }} + PHP_EXTENSIONS: curl, intl, oci8, pdo, pdo_oci + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_GROUP: oci XDEBUG_MODE: coverage runs-on: ubuntu-latest @@ -24,35 +32,31 @@ jobs: services: oci: - image: wnameless/oracle-xe-11g-r2:latest - ports: - - 1521:1521 - options: --name=oci + image: wnameless/oracle-xe-11g-r2:latest + ports: + - 1521:1521 + options: >- + --name=oci steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP with extensions. - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: xdebug - extensions: ${{ env.EXTENSIONS }} - ini-values: date.timezone='UTC' + coverage-driver: ${{ env.COVERAGE_DRIVER }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi - - - name: Run Oracle tests with PHPUnit. - run: vendor/bin/phpunit --group oci --coverage-clover=coverage.xml --colors=always - - - name: Upload coverage to Codecov. - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ env.COVERAGE_DRIVER }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + group: ${{ env.PHPUNIT_GROUP }} diff --git a/.github/workflows/ci-pgsql.yml b/.github/workflows/ci-pgsql.yml index 17bc7ace24..f655db3bdd 100644 --- a/.github/workflows/ci-pgsql.yml +++ b/.github/workflows/ci-pgsql.yml @@ -1,9 +1,14 @@ +--- +name: ci-pgsql + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: ci-pgsql - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -13,8 +18,10 @@ jobs: name: PHP ${{ matrix.php }}-pgsql-${{ matrix.pgsql }} env: - COVERAGE: ${{ matrix.php == '7.4' && '--coverage-clover=coverage.xml --colors=always' || '--colors=always' }} - EXTENSIONS: curl, intl, pdo, pdo_pgsql, ${{ matrix.php == '8.0' && 'xdebug-3.3.2' || 'xdebug' }} + COVERAGE_DRIVER: ${{ matrix.php == 7.4 && 'xdebug' || 'none' }} + PHP_EXTENSIONS: curl, intl, pdo, pdo_pgsql + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_GROUP: pgsql XDEBUG_MODE: coverage runs-on: ubuntu-latest @@ -34,33 +41,33 @@ jobs: POSTGRES_DB: yiitest ports: - 5432:5432 - options: --name=postgres --health-cmd="pg_isready" --health-interval=10s --health-timeout=5s --health-retries=3 + options: >- + --name=postgres + --health-cmd="pg_isready" + --health-interval=10s + --health-retries=3 + --health-timeout=5s + --mount type=tmpfs,destination=/var/lib/postgresql/data steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP with extensions - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: xdebug - extensions: ${{ env.EXTENSIONS }} - ini-values: date.timezone='UTC' + coverage-driver: ${{ env.COVERAGE_DRIVER }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi - - - name: Run Pgsql tests with PHPUnit. - run: vendor/bin/phpunit --group pgsql ${{ env.COVERAGE }} - - - name: Upload coverage to Codecov. - if: matrix.php == '7.4' - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ env.COVERAGE_DRIVER }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + group: ${{ env.PHPUNIT_GROUP }} diff --git a/.github/workflows/ci-sqlite.yml b/.github/workflows/ci-sqlite.yml index 19eadf3efe..e6026ebacc 100644 --- a/.github/workflows/ci-sqlite.yml +++ b/.github/workflows/ci-sqlite.yml @@ -1,9 +1,14 @@ +--- +name: ci-sqlite + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: ci-sqlite - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -13,8 +18,10 @@ jobs: name: PHP ${{ matrix.php }}-sqlite env: - COVERAGE: ${{ matrix.php == '7.4' && '--coverage-clover=coverage.xml --colors=always' || '--colors=always' }} - EXTENSIONS: pdo, pdo_sqlite, sqlite3, ${{ matrix.php == '8.0' && 'xdebug-3.3.2' || 'xdebug' }} + COVERAGE_DRIVER: ${{ matrix.php == 7.4 && 'xdebug' || 'none' }} + PHP_EXTENSIONS: curl, intl, pdo, pdo_sqlite + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' + PHPUNIT_GROUP: sqlite XDEBUG_MODE: coverage runs-on: ubuntu-latest @@ -25,30 +32,24 @@ jobs: php: [7.4, 8.0, 8.1, 8.2, 8.3, 8.4] steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP with extensions. - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: xdebug - extensions: ${{ env.EXTENSIONS }} - ini-values: date.timezone='UTC' + coverage-driver: ${{ env.COVERAGE_DRIVER }} + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} - tools: pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi - - - name: Run SQLite tests with PHPUnit. - run: vendor/bin/phpunit --group sqlite ${{ env.COVERAGE }} - - - name: Upload coverage to Codecov. - if: matrix.php == '7.4' - uses: codecov/codecov-action@v5 + - name: Run PHPUnit tests. + uses: ./.github/actions/phpunit with: - token: ${{ secrets.CODECOV_TOKEN }} - file: ./coverage.xml + coverage-driver: ${{ env.COVERAGE_DRIVER }} + coverage-token: ${{ secrets.CODECOV_TOKEN }} + group: ${{ env.PHPUNIT_GROUP }} diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 17e514f958..df3966fb44 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,22 +1,43 @@ +--- name: lint -on: [push, pull_request] +permissions: + contents: read + pull-requests: write + +on: + - pull_request + - push + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true jobs: - phpcs: - runs-on: ubuntu-latest - name: PHP_CodeSniffer - steps: - - uses: actions/checkout@v4 + phpcs: + runs-on: ubuntu-latest - - name: Setup PHP - uses: shivammathur/setup-php@v2 + name: PHP ${{ matrix.php }}-PHP_CodeSniffer + + strategy: + fail-fast: false + matrix: + php: [8.4] + + steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + + - name: Checkout. + uses: actions/checkout@v5 + + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - php-version: '8.2' - tools: cs2pr + composer-command: install + php-version: ${{ matrix.php }} + tools: cs2pr - - name: Install dependencies - run: composer install --prefer-dist - - - name: Run phpcs + - name: Run PHP_CodeSniffer. run: vendor/bin/phpcs -q --report=checkstyle framework/ | cs2pr diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml index d77a1ca82e..4fe448db77 100644 --- a/.github/workflows/static.yml +++ b/.github/workflows/static.yml @@ -1,51 +1,53 @@ +--- +name: static analysis + +permissions: + contents: read + pull-requests: write + on: - pull_request - push -name: static analysis - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: phpstan: - name: PHP ${{ matrix.php }} + name: PHP ${{ matrix.php }}-PHPStan env: - DEFAULT_COMPOSER_FLAGS: "--prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi" - EXTENSIONS: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, curl, dom, imagick, intl, mbstring, mcrypt, memcached + PHP_EXTENSIONS: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, curl, dom, imagick, intl, mbstring, mcrypt, memcached + PHP_INI_VALUES: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC' runs-on: ubuntu-latest strategy: fail-fast: false matrix: - php: [7.4, 8.0, 8.1, 8.2, 8.3, 8.4, 8.5] + php: [7.4, 8.0, 8.1, 8.2, 8.3, 8.4] steps: + - name: Monitor action permissions. + if: runner.os != 'Windows' + uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - name: Checkout. uses: actions/checkout@v5 - - name: Install PHP. - uses: shivammathur/setup-php@v2 + - name: Setup PHP with Composer. + uses: ./.github/actions/php-setup with: - coverage: none - extensions: ${{ env.EXTENSIONS }} - ini-values: apc.enabled=1,apc.shm_size=32M,apc.enable_cli=1, date.timezone='UTC', session.save_path="${{ runner.temp }}" + extensions: ${{ matrix.php < 8.0 && 'apc' || 'apcu' }}, ${{ env.PHP_EXTENSIONS }} + ini-values: ${{ env.PHP_INI_VALUES }}, session.save_path="${{ runner.temp }}" php-version: ${{ matrix.php }} tools: cs2pr, pie - - name: Update composer. - run: composer self-update - - - name: Install dependencies with composer. - run: composer update $DEFAULT_COMPOSER_FLAGS ${{ matrix.php == 8.5 && '--ignore-platform-reqs' || '' }} - - - name: Static analysis PHP 7.x + - name: Static analysis PHP 7.x. if: matrix.php == '7.3' || matrix.php == '7.4' run: vendor/bin/phpstan analyse --configuration=phpstan-7x.dist.neon --error-format=checkstyle | cs2pr - - name: Static analysis PHP 8.x + - name: Static analysis PHP 8.x. if: matrix.php != '7.3' && matrix.php != '7.4' run: vendor/bin/phpstan analyse --error-format=checkstyle | cs2pr