diff --git a/.github/workflows/CS.yml b/.github/workflows/CS.yml new file mode 100644 index 0000000..03d3cf1 --- /dev/null +++ b/.github/workflows/CS.yml @@ -0,0 +1,57 @@ +name: CS (Code Style) + +on: + workflow_call: + inputs: + php-version: + type: string + required: false + default: '8.4' + composer-validate: + type: boolean + required: false + default: true + php-cs-fixer-args: + type: string + required: false + default: '--diff --dry-run' + +jobs: + cs: + name: "Code Style (PHP ${{ inputs.php-version }})" + runs-on: ubuntu-latest + + steps: + - name: "Checkout repository" + uses: actions/checkout@v4 + + - name: "Setup PHP ${{ inputs.php-version }}" + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ inputs.php-version }} + coverage: none + tools: php-cs-fixer, composer + + - name: "Cache Composer dependencies" + uses: actions/cache@v4 + with: + path: ~/.composer/cache + key: composer-${{ runner.os }}-${{ hashFiles('**/composer.lock') }} + restore-keys: composer-${{ runner.os }}- + + - name: "Composer validate" + if: inputs.composer-validate == true + run: composer validate --strict + + - name: "Composer install" + run: composer install --no-interaction --prefer-dist --no-progress + + - name: "Run PHP-CS-Fixer" + run: | + if [ -x vendor/bin/php-cs-fixer ]; then + BIN=vendor/bin/php-cs-fixer + else + BIN=php-cs-fixer + fi + $BIN -V + $BIN fix ${{ inputs.php-cs-fixer-args }} diff --git a/workflows/SA.yml b/.github/workflows/SA.yml similarity index 95% rename from workflows/SA.yml rename to .github/workflows/SA.yml index 183cdb3..165c74c 100644 --- a/workflows/SA.yml +++ b/.github/workflows/SA.yml @@ -11,9 +11,6 @@ on: type: string required: false default: 'analyse --no-progress --memory-limit=-1' - secrets: - GITHUB_TOKEN: - required: false jobs: sa: diff --git a/.github/workflows/SEC.yml b/.github/workflows/SEC.yml new file mode 100644 index 0000000..9209410 --- /dev/null +++ b/.github/workflows/SEC.yml @@ -0,0 +1,42 @@ +name: SEC (Security) + +on: + workflow_call: + inputs: + php-version: + type: string + required: false + default: '8.4' + composer-audit-args: + type: string + required: false + default: '--no-interaction' + +jobs: + sec: + name: "Security Audit (PHP ${{ inputs.php-version }})" + runs-on: ubuntu-latest + + steps: + - name: "Checkout repository" + uses: actions/checkout@v4 + + - name: "Setup PHP ${{ inputs.php-version }}" + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ inputs.php-version }} + coverage: none + tools: composer + + - name: "Cache Composer dependencies" + uses: actions/cache@v4 + with: + path: ~/.composer/cache + key: composer-${{ runner.os }}-${{ hashFiles('**/composer.lock') }} + restore-keys: composer-${{ runner.os }}- + + - name: "Composer install" + run: composer install --no-interaction --prefer-dist --no-progress + + - name: "Composer audit" + run: composer audit ${{ inputs.composer-audit-args }}