Skip to content
Test

Step 2: add attestation #1744

Sign in to view logs

Step 2: add attestation

Step 2: add attestation #1744

Workflow file for this run

.github/workflows/test.yml at ff588bf
name: Test
on:
# Run on pushes to `master` and on all pull requests.
# Prevent the build from running when there are only irrelevant changes.
push:
# branches:
# - master
# tags:
# - '**'
# paths-ignore:
# - '**.md'
pull_request:
# Allow manually triggering the workflow.
workflow_dispatch:
# Cancels all previous workflow runs for the same branch that have not yet completed.
concurrency:
# The concurrency group contains the workflow name and the branch name.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
name: "Build Phar on PHP: 8.0"
permissions:
id-token: write
contents: read
attestations: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.0'
coverage: none
ini-values: phar.readonly=Off, error_reporting=-1, display_errors=On
- name: Build the phar
run: php scripts/build-phar.php
# Provide provenance for generated binaries.
# Only attests the build artifacts which will be used in the published releases as per the guidelines in "what to attest".
# https://docs.github.com/en/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds
- name: Generate artifact attestations
#if: github.ref_type == 'tag'
uses: actions/attest-build-provenance@v1
with:
subject-path: |
${{ github.workspace }}/phpcs.phar
${{ github.workspace }}/phpcbf.phar
- name: Upload the PHPCS phar
uses: actions/upload-artifact@v4
with:
name: phpcs-phar
path: ./phpcs.phar
if-no-files-found: error
retention-days: 28
- name: Upload the PHPCBF phar
uses: actions/upload-artifact@v4
with:
name: phpcbf-phar
path: ./phpcbf.phar
if-no-files-found: error
retention-days: 28
# Both the below only check a file which is rarely changed and therefore unlikely to have issues.
# This test is about testing that the phars are functional, *not* about whether the code style complies.
- name: 'PHPCS: check code style using the Phar file to test the Phar is functional'
run: php phpcs.phar ./scripts
- name: 'PHPCBF: fix code style using the Phar file to test the Phar is functional'
run: php phpcbf.phar ./scripts
test:
runs-on: ubuntu-latest
needs: build
strategy:
# Keys:
# - custom_ini: Whether to run with specific custom ini settings to hit very specific
# code conditions.
matrix:
php: ['5.6', '8.3']
custom_ini: [false]
# include:
# Skip test runs on builds which are also run for in the coverage job.
# Note: the tests on PHP 7.2 will still be run as the coverage build is uses custom_ini for that version.
# - php: '5.4'
# skip_tests: true
# - php: '8.3'
# skip_tests: true
# Extra builds running only the unit tests with different PHP ini settings.
# - php: '5.5'
# custom_ini: true
# - php: '7.0'
# custom_ini: true
name: "PHP: ${{ matrix.php }} ${{ matrix.custom_ini && ' with custom ini settings' || '' }}"
continue-on-error: ${{ matrix.php == '8.4' }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup ini config
id: set_ini
run: |
# Set the "short_open_tag" ini to make sure specific conditions are tested.
# Also turn on error_reporting to ensure all notices are shown.
if [[ ${{ matrix.custom_ini }} == true && "${{ matrix.php }}" == '5.5' ]]; then
echo 'PHP_INI=error_reporting=-1, display_errors=On, date.timezone=Australia/Sydney, short_open_tag=On, asp_tags=On' >> $GITHUB_OUTPUT
elif [[ ${{ matrix.custom_ini }} == true && "${{ matrix.php }}" == '7.0' ]]; then
echo 'PHP_INI=error_reporting=-1, display_errors=On, date.timezone=Australia/Sydney, short_open_tag=On' >> $GITHUB_OUTPUT
else
echo 'PHP_INI=error_reporting=-1, display_errors=On' >> $GITHUB_OUTPUT
fi
- name: Install PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
ini-values: ${{ steps.set_ini.outputs.PHP_INI }}
coverage: none
tools: cs2pr
# This action also handles the caching of the dependencies.
- name: Set up node
if: ${{ matrix.custom_ini == false }}
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Install external tools used in tests
if: ${{ matrix.custom_ini == false }}
run: >
npm install -g --fund false
csslint
eslint
jshint
# Install dependencies and handle caching in one go.
# @link https://github.com/marketplace/actions/install-php-dependencies-with-composer
- name: Install Composer dependencies
uses: "ramsey/composer-install@v3"
with:
composer-options: ${{ matrix.php == '8.4' && '--ignore-platform-req=php' || '' }}
custom-cache-suffix: $(date -u "+%Y-%m")
# Note: The code style check is run multiple times against every PHP version
# as it also acts as an integration test.
- name: 'PHPCS: set the path to PHP'
run: php bin/phpcs --config-set php_path php
- name: 'PHPUnit: run the tests without code coverage'
if: ${{ matrix.skip_tests != true }}
run: vendor/bin/phpunit tests/AllTests.php --no-coverage
- name: 'PHPCS: check code style without cache, no parallel'
if: ${{ matrix.custom_ini == false && matrix.php != '7.4' }}
run: php bin/phpcs --no-cache --parallel=1
- name: 'PHPCS: check code style to show results in PR'
if: ${{ matrix.custom_ini == false && matrix.php == '7.4' }}
id: phpcs
run: php bin/phpcs --no-cache --parallel=1 --report-full --report-checkstyle=./phpcs-report.xml
- name: Show PHPCS results in PR
if: ${{ always() && steps.phpcs.outcome == 'failure' && matrix.php == '7.4' }}
run: cs2pr ./phpcs-report.xml
- name: Download the PHPCS phar
if: ${{ matrix.custom_ini == false }}
uses: actions/download-artifact@v4
with:
name: phpcs-phar
# This test specifically tests that the Phar which will be released works correctly on all PHP versions.
- name: 'PHPCS: check code style using the Phar file'
if: ${{ matrix.custom_ini == false }}
run: php phpcs.phar