Bump composer/ca-bundle from 1.5.0 to 1.5.4 #4292
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: main | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
jobs: | |
workdir: | |
name: "Prepare working directory" | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1 | |
steps: | |
- uses: actions/checkout@v4 | |
# Copy & paste from https://github.com/actions/cache/blob/master/examples.md#php---composer | |
- name: Get Composer Cache Directory | |
id: composer-cache | |
run: | | |
echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
- uses: actions/cache@v4 | |
with: | |
path: ${{ steps.composer-cache.outputs.dir }} | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: | | |
${{ runner.os }}-composer- | |
- run: composer install | |
- name: Fix permissions | |
run: chown 1000:1000 . -R && chmod 777 . -R | |
- name: Create tarball | |
run: tar -czpf /tmp/workdir.tar.gz . && mv /tmp/workdir.tar.gz . | |
- name: Upload workdir | |
uses: actions/upload-artifact@v4 | |
with: | |
name: workdir | |
path: workdir.tar.gz | |
tests-unit: | |
name: "Run unit tests" | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1 | |
needs: workdir | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- run: phing tests-unit | |
tests-integration: | |
name: "Run integration tests" | |
runs-on: ubuntu-22.04 | |
needs: workdir | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- name: Start application containers | |
run: docker compose -f docker/docker-compose.yml run -T php-test phing tests-integration | |
collect-code-coverage: | |
name: "Collect code coverage" | |
if: github.ref == 'refs/heads/master' | |
runs-on: ubuntu-22.04 | |
needs: workdir | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- name: Run tests with coverage | |
run: docker compose -f docker/docker-compose.yml run -T php-test phing tests-with-coverage | |
- name: Upload code coverage | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
file: tests/_output/coverage.xml | |
fail_ci_if_error: true | |
tests-acceptance: | |
name: "Run acceptance tests" | |
runs-on: ubuntu-22.04 | |
needs: workdir | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- name: Append to .env file | |
run: echo -e "\nHEADLESS='--headless'" >> .env.test | |
- name: Init app | |
run: docker compose -f docker/docker-compose.yml run -T php-test phing app-init | |
- name: Start selenium container | |
run: docker compose -f docker/docker-compose.yml up -d selenium nginx | |
- run: mv app/config/config.ci.local.neon app/config/config.local.neon | |
- name: Run acceptance tests | |
run: docker compose -f docker/docker-compose.yml run -T php-test phing tests-acceptance | |
- uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: error-output | |
path: tests/_output | |
static-analysis: | |
name: "Run PHPStan analysis" | |
runs-on: ubuntu-22.04 | |
env: | |
DB_HOST: mysql-test | |
DB_USER: hskauting | |
DB_PASSWORD: hskauting | |
DB_NAME: hskauting | |
DB_TEST: true | |
container: | |
image: skaut/lebeda:8.1 | |
needs: workdir | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- name: Generate Codeception helper code | |
run: vendor/bin/codecept build | |
- run: phing static-analysis | |
coding-standard: | |
name: "Check coding standard" | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1 | |
needs: workdir | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- run: phing coding-standard-ci | |
latte-lint: | |
name: "Lint Latte templates" | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1 | |
needs: workdir | |
env: | |
DEVELOPMENT_MACHINE: true | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzf workdir.tar.gz | |
- run: mv app/config/config.ci.local.neon app/config/config.local.neon | |
- run: vendor/bin/latte-lint app | |
validate-mapping: | |
name: "Validate mapping against migrations" | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1 | |
needs: workdir | |
services: | |
mysql-test: | |
image: mysql:5.7 | |
env: | |
MYSQL_ROOT_PASSWORD: 'root' | |
MYSQL_DATABASE: hskauting | |
options: --health-cmd="mysqladmin ping" --health-interval=5s --health-timeout=2s --health-retries=3 | |
env: | |
DEVELOPMENT_MACHINE: true | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzf workdir.tar.gz | |
- run: mv app/config/config.ci.local.neon app/config/config.local.neon | |
- run: bin/console migrations:migrate --no-interaction | |
- run: "! bin/console migrations:diff && bin/console migrations:diff --allow-empty-diff" | |
- uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: migrations | |
path: migrations | |
checks-passed: | |
name: "Wait for all checks" | |
needs: | |
- tests-unit | |
- tests-integration | |
- tests-acceptance | |
- coding-standard | |
- static-analysis | |
- latte-lint | |
- validate-mapping | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1-ci | |
steps: | |
- run: true | |
deploy-test: | |
name: "Deploy to test-h.skauting.cz" | |
if: github.ref == 'refs/heads/master' | |
needs: [checks-passed] | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1-ci | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- name: Setup SSH authentication | |
run: .github/workflows/setup_ssh.sh "$DEPLOY_SSH_KEY" "$SSH_KEY_FILE" | |
env: | |
DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }} | |
SSH_KEY_FILE: /root/.ssh/id_key | |
# Copy & paste from https://github.com/actions/cache/blob/master/examples.md#node---yarn | |
- name: Get yarn cache | |
id: yarn-cache | |
run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT | |
- uses: actions/cache@v4 | |
with: | |
path: ${{ steps.yarn-cache.outputs.dir }} | |
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: | | |
${{ runner.os }}-yarn- | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20' | |
- name: Setup git safe dir | |
run: git config --global --add safe.directory /__w/${GITHUB_REPOSITORY#*/}/${GITHUB_REPOSITORY#*/} | |
- name: Deploy to test-h.skauting.cz | |
run: phing deploy | |
env: | |
ENVIRONMENT: test | |
ROOT_DIR: /home/vu009010 | |
SSH_USERNAME: vu009010 | |
SSH_KEY_FILE: /root/.ssh/id_key | |
CONFIG_DATABASE_PASSWORD: ${{ secrets.CONFIG_TEST_DATABASE_PASSWORD }} | |
CONFIG_GOOGLE_CREDENTIALS: ${{ secrets.CONFIG_TEST_GOOGLE_CREDENTIALS }} | |
deploy-production: | |
name: "Deploy to h.skauting.cz" | |
if: github.ref == 'refs/heads/master' | |
needs: [checks-passed] | |
runs-on: ubuntu-22.04 | |
container: | |
image: skaut/lebeda:8.1-ci | |
steps: | |
- name: Download workdir | |
uses: actions/download-artifact@v4 | |
with: | |
name: workdir | |
path: . | |
- name: Extract workdir | |
run: tar -xzpf workdir.tar.gz | |
- name: Setup SSH authentication | |
run: .github/workflows/setup_ssh.sh "$DEPLOY_SSH_KEY" "$SSH_KEY_FILE" | |
env: | |
DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }} | |
SSH_KEY_FILE: /root/.ssh/id_key | |
# Copy & paste from https://github.com/actions/cache/blob/master/examples.md#node---yarn | |
- name: Get yarn cache | |
id: yarn-cache | |
run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT | |
- uses: actions/cache@v4 | |
with: | |
path: ${{ steps.yarn-cache.outputs.dir }} | |
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: | | |
${{ runner.os }}-yarn- | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20' | |
- name: Setup git safe dir | |
run: git config --global --add safe.directory /__w/${GITHUB_REPOSITORY#*/}/${GITHUB_REPOSITORY#*/} | |
- name: Deploy to h.skauting.cz | |
run: phing deploy | |
env: | |
ENVIRONMENT: production | |
ROOT_DIR: /home/vu008930 | |
SSH_USERNAME: vu008930 | |
SSH_KEY_FILE: /root/.ssh/id_key | |
CONFIG_DATABASE_PASSWORD: ${{ secrets.CONFIG_PRODUCTION_DATABASE_PASSWORD }} | |
CONFIG_SENTRY_DSN: ${{ secrets.CONFIG_SENTRY_DSN }} | |
CONFIG_GOOGLE_CREDENTIALS: ${{ secrets.CONFIG_PRODUCTION_GOOGLE_CREDENTIALS }} |