ghostci / automation
Compliance - CI/CD & QA Test Automation for PHP via GitHub Actions.
Fund package maintenance!
ghostwriter
Requires
- php: ^8.3
- composer-plugin-api: ^2.2.2
- composer-runtime-api: ^2.2.2
- ext-json: *
- ext-mbstring: *
- ext-pcov: *
- composer/semver: ^3.4
- ghostwriter/clock: ^2.0
- ghostwriter/collection: ^2.0
- ghostwriter/config: ^0.4
- ghostwriter/container: ^2.0
- ghostwriter/event-dispatcher: ^3.0
- ghostwriter/json: ^2.0
- ghostwriter/option: ^1.5
- symfony/console: ^7.0
Requires (Dev)
- ghostwriter/coding-standard: dev-main
- ghostwriter/psalm-plugin: >=0.2
This package is auto-updated.
Last update: 2024-03-09 23:34:04 UTC
README
Compliance
- CI/CD
& QA Testing
Test Automation for PHP
via GitHub Actions
.
Caution
This project is not finished yet, work in progress.
Todo
-
check the composer scripts section to see if the commands exists,
- and report error/warning if not
- and skip the job if not
-
all tools should have a matching composer script name, i have already hardcoded the composer script for now, but this should be configurable (kebab case)
- the command will be
composer compliance:composer-require-checker
- or
composer compliance:phpunit
- I like the
compliance:
prefix, that way if you have aphpunit
script, - it will not cause a conflict with the
compliance:phpunit
script
- I like the
- or
- the command will be
-
I will import the release automation into this project
-
we will import the
composer.json
andcomposer.lock
validation into this project- we will use the extensions field from the
composer.json
file to determine which PHP extensions to install - pass the extensions list as an argument to the docker image/workflow via shivammathur/setup-php@v2 (looks like this part is already done, but we need to test it.)
- i did most of this... but i need to test it.
- we have everything we need to extract information from both composer files
- we will use the extensions field from the
[!INFO]
Woot woot!! we did it! we have a working prototype! 🎉
-- we need to import gpg keys from GitHub secrets GPG_KEY
,GPG_FINGERPRINT
--- to tag the release with a gpg signature
--- to sign binaries with a gpg signature
--- to sign the git commit with a gpg signature (automated composer.json update, if all tests pass)
- we need to add a command to add these commannds to the users composer.json file,
for each supported tools they have in their composer.json file [
require
andrequire-dev
]. - if it does not exist, we will add it to the
scripts
section. - if it exists, continue.
{ "scripts": { "compliance:composer-require-checker": [ "composer-require-checker check --config-file=composer-require-checker.json" ], "compliance:phpunit": [ "@phpunit --configuration=phpunit.xml --coverage-clover=coverage.xml" ] } }
Workflow
# .github/workflows/compliance.yml name: Compliance on: pull_request: push: branches: - "main" - "[0-9]+.[0-9]+.x" # 1.2.x - "v[0-9]+" # v1 schedule: - cron: "0 * * * *" # Runs hourly workflow_dispatch: # Manually Trigger workflow jobs: automation: uses: ghostwriter/compliance/.github/workflows/automation.yml@v1 secrets: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} INFECTION_DASHBOARD_API_KEY: ${{ secrets.INFECTION_DASHBOARD_API_KEY }}
Installation
You can install the package via composer:
composer require ghostwriter/compliance --dev
Usage
# Determine CI Jobs for GitHub Actions # compliance matrix (old) compliance run matrix compliance run check compliance run workflow # --workspace|w : Specify the workspace directory # --debug|d : Enable debug mode # --help|h : Display this help message # Executes a specific Job compliance check {job}
Docker
# Install from the command line: docker pull ghcr.io/ghostwriter/compliance:v2 # Usage from the command line: docker run -v $(PWD):/app -w=/app ghcr.io/ghostwriter/compliance workflow docker run -v $(PWD):/app -w=/app ghcr.io/ghostwriter/compliance config docker run -v $(PWD):/app -w=/app ghcr.io/ghostwriter/compliance matrix docker run -v $(PWD):/app -w=/app ghcr.io/ghostwriter/compliance check {job} # Use as base image in Dockerfile: FROM ghcr.io/ghostwriter/compliance:v1
Supported Tools
Ghostwriter\Compliance\Tool\ComposerRequireChecker; Ghostwriter\Compliance\Tool\ECS; Ghostwriter\Compliance\Tool\Infection; Ghostwriter\Compliance\Tool\PHPBench; Ghostwriter\Compliance\Tool\PHPCS; Ghostwriter\Compliance\Tool\PHPUnit; Ghostwriter\Compliance\Tool\Psalm; Ghostwriter\Compliance\Tool\Rector;
Testing
composer test
Changelog
Please see CHANGELOG.md for more information what has changed recently.
Security
If you discover any security related issues, please email nathanael.esayeas@protonmail.com
instead of using the issue tracker.
Sponsors
Credits
- Nathanael Esayeas
composer
mlocati/docker-php-extension-installer
shivammathur/setup-php
symfony
- All Contributors
License
The BSD-3-Clause. Please see License File for more information.