Skip to content

Use Secure Log in WordPress Libraries #210

Use Secure Log in WordPress Libraries

Use Secure Log in WordPress Libraries #210

Workflow file for this run

name: Run Tests
# When to run tests.
on:
pull_request:
types:
- opened
- synchronize
push:
branches:
- main
jobs:
tests:
# Name.
name: ${{ matrix.test-groups }} / WordPress ${{ matrix.wp-versions }} / PHP ${{ matrix.php-versions }}
# Virtual Environment to use.
# @see: https://github.com/actions/virtual-environments
runs-on: ubuntu-20.04
# Environment Variables.
# Accessible by using ${{ env.NAME }}
# Use ${{ secrets.NAME }} to include any GitHub Secrets in ${{ env.NAME }}
# The base folder will always be /home/runner/work/github-repo-name/github-repo-name
env:
ROOT_DIR: /home/runner/work/convertkit-gravity-forms/convertkit-gravity-forms/wordpress
PLUGIN_DIR: /home/runner/work/convertkit-gravity-forms/convertkit-gravity-forms/wordpress/wp-content/plugins/convertkit-gravity-forms
DB_NAME: test
DB_USER: root
DB_PASS: root
DB_HOST: localhost
INSTALL_PLUGINS: "disable-welcome-messages-and-tips" # Don't include this repository's Plugin here.
CONVERTKIT_API_KEY: ${{ secrets.CONVERTKIT_API_KEY }} # ConvertKit API Key, stored in the repository's Settings > Secrets
CONVERTKIT_API_SECRET: ${{ secrets.CONVERTKIT_API_SECRET }} # ConvertKit API Secret, stored in the repository's Settings > Secrets
CONVERTKIT_API_KEY_NO_DATA: ${{ secrets.CONVERTKIT_API_KEY_NO_DATA }} # ConvertKit API Key for ConvertKit account with no data, stored in the repository's Settings > Secrets
CONVERTKIT_API_SECRET_NO_DATA: ${{ secrets.CONVERTKIT_API_SECRET_NO_DATA }} # ConvertKit API Secret for ConvertKit account with no data, stored in the repository's Settings > Secrets
GRAVITY_FORMS_LICENSE_KEY: ${{ secrets.GRAVITY_FORMS_LICENSE_KEY }} # Gravity Forms License Key, stored in the repository's Settings > Secrets
# Defines the WordPress and PHP Versions matrix to run tests on
# WooCommerce 5.9.0 requires WordPress 5.6 or greater, so we do not test on earlier versions
# If testing older WordPress versions, ensure they are e.g. 5.7.4, 5.6.6 that have the X3 SSL fix: https://core.trac.wordpress.org/ticket/54207
# For PHP, make sure that an nginx configuration file exists for the required PHP version in this repository at tests/nginx/php-x.x.conf
strategy:
fail-fast: false
matrix:
wp-versions: [ 'latest' ] #[ '6.1.1', 'latest' ]
php-versions: [ '7.4', '8.0', '8.1', '8.2', '8.3' ] #[ '7.4', '8.0', '8.1' ]
# Folder names within the 'tests' folder to run tests in parallel.
test-groups: [
'acceptance/forms',
'acceptance/general',
'acceptance/recommendations',
'wpunit'
]
# Steps to install, configure and run tests
steps:
- name: Start MySQL
run: sudo systemctl start mysql.service
- name: Create MySQL Database
run: |
mysql -e 'CREATE DATABASE test;' -u${{ env.DB_USER }} -p${{ env.DB_PASS }}
mysql -e 'SHOW DATABASES;' -u${{ env.DB_USER }} -p${{ env.DB_PASS }}
# WordPress won't be able to connect to the DB if we don't perform this step.
- name: Permit MySQL Password Auth for MySQL 8.0
run: mysql -e "ALTER USER '${{ env.DB_USER }}'@'${{ env.DB_HOST }}' IDENTIFIED WITH mysql_native_password BY '${{ env.DB_PASS }}';" -u${{ env.DB_USER }} -p${{ env.DB_PASS }}
# Some workflows checkout WordPress from GitHub, but that seems to bring a bunch of uncompiled files with it.
# Instead download from wordpress.org stable.
- name: Download WordPress
run: wget https://wordpress.org/wordpress-${{ matrix.wp-versions }}.tar.gz
- name: Extract WordPress
run: tar xfz wordpress-${{ matrix.wp-versions }}.tar.gz
# Checkout (copy) this repository's Plugin to this VM.
- name: Checkout Plugin
uses: actions/checkout@v4
with:
path: ${{ env.PLUGIN_DIR }}
# We install WP-CLI, as it provides useful commands to setup and install WordPress through the command line.
- name: Install WP-CLI
run: |
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp-cli
- name: Setup wp-config.php
working-directory: ${{ env.ROOT_DIR }}
run: wp-cli config create --dbname=${{ env.DB_NAME }} --dbuser=${{ env.DB_USER }} --dbpass=${{ env.DB_PASS }} --dbhost=${{ env.DB_HOST }} --locale=en_DB
- name: Install WordPress
working-directory: ${{ env.ROOT_DIR }}
run: wp-cli core install --url=127.0.0.1 --title=ConvertKit --admin_user=admin --admin_password=password [email protected]
# env.INSTALL_PLUGINS is a list of Plugin slugs, space separated e.g. contact-form-7 woocommerce.
- name: Install Free Third Party WordPress Plugins
working-directory: ${{ env.ROOT_DIR }}
run: wp-cli plugin install ${{ env.INSTALL_PLUGINS }}
# These should be stored as a separated list of URLs in the repository Settings > Secrets > Repository Secret > CONVERTKIT_PAID_PLUGIN_URLS.
# We cannot include the URLs in this file, as they're not Plugins we are permitted to distribute.
- name: Install Paid Third Party WordPress Plugins
working-directory: ${{ env.ROOT_DIR }}
run: wp-cli plugin install ${{ secrets.CONVERTKIT_PAID_PLUGIN_URLS }}
# WP_DEBUG = true is required so all PHP errors are output and caught by tests (E_ALL).
# WP_DEBUG = false for PHP 8.2 and 8.3, otherwise E_DEPRECATED is output due to Gravity Forms.
- name: Enable WP_DEBUG
if: ${{ matrix.php-versions != '8.2' && matrix.php-versions != '8.3' }}
working-directory: ${{ env.ROOT_DIR }}
run: |
wp-cli config set WP_DEBUG true --raw
# FS_METHOD = direct is required for WP_Filesystem to operate without suppressed PHP fopen() errors that trip up tests.
# GF_LICENSE_KEY ensures that Gravity Forms doesn't show errors about being unlicensed.
- name: Enable FS_METHOD
working-directory: ${{ env.ROOT_DIR }}
run: |
wp-cli config set FS_METHOD direct
wp-cli config set GF_LICENSE_KEY ${{ env.GRAVITY_FORMS_LICENSE_KEY }}
# This step is deliberately after WordPress installation and configuration, as enabling PHP 8.x before using WP-CLI results
# in the workflow failing due to incompatibilities between WP-CLI and PHP 8.x.
# By installing PHP at this stage, we can still run our tests against e.g. PHP 8.x.
- name: Install PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
coverage: xdebug
# Make sure that an nginx configuration file exists in this repository at tests/nginx/php-x.x.conf.
# Refer to an existing .conf file in this repository if you need to create a new one e.g. for a new PHP version.
- name: Copy nginx configuration file
run: sudo cp ${{ env.PLUGIN_DIR }}/tests/nginx/php-${{ matrix.php-versions }}.conf /etc/nginx/conf.d/php-${{ matrix.php-versions }}.conf
- name: Test nginx
run: sudo nginx -t
- name: Start nginx
run: sudo systemctl start nginx.service
- name: Install chromedriver
uses: nanasess/setup-chromedriver@master
- name: Start chromedriver
run: |
export DISPLAY=:99
chromedriver --url-base=/wd/hub &
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 & # optional
# Write any secrets, such as API keys, to the .env.dist.testing file now.
# Make sure your committed .env.dist.testing file ends with a newline.
# The formatting of the contents to include a blank newline is deliberate.
- name: Define GitHub Secrets in .env.dist.testing
uses: DamianReeves/[email protected]
with:
path: ${{ env.PLUGIN_DIR }}/.env.dist.testing
contents: |
CONVERTKIT_API_KEY=${{ env.CONVERTKIT_API_KEY }}
CONVERTKIT_API_SECRET=${{ env.CONVERTKIT_API_SECRET }}
CONVERTKIT_API_KEY_NO_DATA=${{ env.CONVERTKIT_API_KEY_NO_DATA }}
CONVERTKIT_API_SECRET_NO_DATA=${{ env.CONVERTKIT_API_SECRET_NO_DATA }}
write-mode: append
# Installs wp-browser, Codeception, PHP CodeSniffer and anything else needed to run tests.
- name: Run Composer
working-directory: ${{ env.PLUGIN_DIR }}
run: composer update
- name: Build PHP Autoloader
working-directory: ${{ env.PLUGIN_DIR }}
run: composer dump-autoload
# This ensures the Plugin's log file can be written to.
# We don't recursively do this, as it'll prevent Codeception from writing to the /tests/_output directory.
- name: Set Permissions for Plugin Directory
run: |
sudo chmod g+w ${{ env.PLUGIN_DIR }}
sudo chown www-data:www-data ${{ env.PLUGIN_DIR }}
# Build Codeception Tests.
- name: Build Tests
working-directory: ${{ env.PLUGIN_DIR }}
run: php vendor/bin/codecept build
# Run Codeception Acceptance Tests.
- name: Run tests/${{ matrix.test-groups }}
working-directory: ${{ env.PLUGIN_DIR }}
run: php vendor/bin/codecept run tests/${{ matrix.test-groups }} --fail-fast
# Artifacts are data generated by this workflow that we want to access, such as log files, screenshots, HTML output.
# The if: always() directive means that this will run when the workflow fails e.g. if a test fails, which is needed
# because we want to see why a test failed.
- name: Upload Test Results to Artifact
if: always()
uses: actions/upload-artifact@v2
with:
name: test-results
path: ${{ env.PLUGIN_DIR }}/tests/_output/
- name: Upload Plugin Log File to Artifact
if: always()
uses: actions/upload-artifact@v2
with:
name: log.txt
path: ${{ env.PLUGIN_DIR }}/log.txt