Upgraded drupal/security_review (3.1.0 => 3.1.1) #391
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Main GitHub Actions file for Omnipedia. | |
# | |
# @see https://github.com/shivammathur/setup-php | |
# | |
# @see https://github.com/shivammathur/setup-php/blob/master/examples/symfony-mysql.yml | |
# | |
# @see https://github.com/mglaman/whiskeydex/blob/main/.github/workflows/main.yml | |
name: Main | |
on: | |
push: | |
paths-ignore: | |
- '**.md' | |
# We currently only use DDEV for local development and not production/CI. | |
- '/.ddev/**' | |
# DigitalOcean stuff is not currently relevant to CI. | |
- '/.apache/**' | |
- '/.do/**' | |
- '/.php/**' | |
# Drupal config is not currently used for testing as that's all set up in | |
# modules and in tests. | |
- '/drupal_config/**' | |
- '/drupal_private_files/**' | |
# Drush config is not used for CI. | |
- '/drush/**' | |
# Ignore any changes in aggregated assets and public files directories. | |
- '/web/assets/**' | |
- '/web/sites/*/files/**' | |
pull_request: | |
paths-ignore: | |
- '**.md' | |
# We currently only use DDEV for local development and not production/CI. | |
- '/.ddev/**' | |
# DigitalOcean stuff is not currently relevant to CI. | |
- '/.apache/**' | |
- '/.do/**' | |
- '/.php/**' | |
# Drupal config is not currently used for testing as that's all set up in | |
# modules and in tests. | |
- '/drupal_config/**' | |
- '/drupal_private_files/**' | |
# Drush config is not used for CI. | |
- '/drush/**' | |
# Ignore any changes in aggregated assets and public files directories. | |
- '/web/assets/**' | |
- '/web/sites/*/files/**' | |
env: | |
# shivammathur/setup-php | |
PHP_EXTENSIONS: dom, curl, libxml, mbstring, zip, pdo, mysql, pdo_mysql, pdo_sqlite, bcmath, gd, exif, iconv | |
PHP_VERSION: 8.3 | |
jobs: | |
phpunit: | |
name: PHPUnit | |
runs-on: ubuntu-latest | |
# Docs: https://docs.github.com/en/actions/using-containerized-services | |
services: | |
mysql: | |
image: mysql:latest | |
env: | |
MYSQL_ALLOW_EMPTY_PASSWORD: false | |
MYSQL_ROOT_PASSWORD: db | |
MYSQL_DATABASE: db | |
ports: | |
- 3306/tcp | |
options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: shivammathur/setup-php@v2 | |
with: | |
php-version: ${{ env.PHP_VERSION }} | |
extensions: ${{ env.PHP_EXTENSIONS }} | |
coverage: none | |
tools: composer:v2 | |
- name: Get Composer cache directory | |
id: composer-cache | |
run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
- name: Cache Composer dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.composer-cache.outputs.dir }} | |
# Use composer.json for key if composer.lock is not committed. | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: ${{ runner.os }}-composer- | |
# This file is set in our composer.json to not be scaffolded by default | |
# since it's not needed in production and local dev environments. However, | |
# it's not possible to run: | |
# | |
# composer config --unset \ | |
# extra.drupal-scaffold.file-mapping."[web-root]/.ht.router.php" | |
# | |
# because Composer will ignore more than 3 nesting levels passed to the | |
# config command by design. Thankfully, it's possible to get the full | |
# JSON contents of the file-mapping key, which we can then modify with jq | |
# and set regardless of nesting level. | |
# | |
# @see https://getcomposer.org/doc/03-cli.md#modifying-extra-values | |
# Documentation states a max nesting level of 3. | |
# | |
# @see https://jqlang.github.io/jq/manual/ | |
# | |
# @see https://github.com/marketplace/actions/run-jq | |
- name: Read existing Drupal scaffold config from composer.json | |
id: drupal-scaffold-config | |
run: echo 'value='\'$(composer config extra.drupal-scaffold.file-mapping)\' >> $GITHUB_OUTPUT | |
- name: Unset the .ht.router.php Drupal scaffold file mapping | |
uses: sergeysova/jq-action@v2 | |
id: drupal-scaffold-config-modified | |
with: | |
cmd: | | |
echo ${{ steps.drupal-scaffold-config.outputs.value }} | \ | |
jq --compact-output 'del(."[web-root]/.ht.router.php")' | |
- name: Save updated Drupal scaffold file mapping for PHPUnit tests | |
run: | | |
composer config extra.drupal-scaffold.file-mapping --json \ | |
'${{ steps.drupal-scaffold-config-modified.outputs.value }}' | |
- name: Install Composer dependencies | |
run: composer install --no-progress --prefer-dist --optimize-autoloader | |
- name: Run PHP development web server for functional tests | |
run: "cd web && php -S 127.0.0.1:8080 .ht.router.php &" | |
- name: Run Drupal PHPUnit tests | |
env: | |
SIMPLETEST_BASE_URL: http://127.0.0.1:8080 | |
SIMPLETEST_DB: mysql://root:[email protected]:${{ job.services.mysql.ports['3306'] }}/db | |
run: vendor/bin/phpunit --group=omnipedia --verbose | |
yarn: | |
name: Yarn | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: shivammathur/setup-php@v2 | |
with: | |
php-version: ${{ env.PHP_VERSION }} | |
extensions: ${{ env.PHP_EXTENSIONS }} | |
coverage: none | |
tools: composer:v2 | |
- name: Get Composer cache directory | |
id: composer-cache | |
run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
- name: Cache Composer dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.composer-cache.outputs.dir }} | |
# Use composer.json for key if composer.lock is not committed. | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: ${{ runner.os }}-composer- | |
- name: Install Composer dependencies | |
run: composer install --no-progress --prefer-dist --optimize-autoloader | |
- name: Set Node.js 20.x | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20.x | |
- name: Enable Corepack | |
run: corepack enable | |
- name: Yarn install | |
uses: borales/actions-yarn@v5 | |
with: | |
cmd: install | |
- name: Yarn build:deploy | |
uses: borales/actions-yarn@v5 | |
with: | |
cmd: build:deploy |