diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e0a79dd..99f872e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,34 +1,44 @@ version: 2 updates: -- package-ecosystem: composer +- package-ecosystem: 'composer' + directory: '/' + schedule: + interval: 'weekly' + cooldown: + default-days: 1 + ignore: + - dependency-name: '**' + update-types: ['version-update:semver-major'] + versioning-strategy: increase + groups: + security-updates: + applies-to: security-updates + dependency-type: production + dependencies: + applies-to: version-updates + dependency-type: production + update-types: + - minor + - patch + phpstan-dependencies: + applies-to: version-updates + dependency-type: development + update-types: + - minor + - patch + patterns: + - 'phpstan/*' + open-pull-requests-limit: 5 + labels: + - 'backend' + - 'dependencies' + assignees: + - chapter-backend + target-branch: "main" +- package-ecosystem: github-actions directory: "/" schedule: - interval: daily + interval: weekly time: "04:00" - open-pull-requests-limit: 10 - reviewers: - - canvural - assignees: - - canvural - versioning-strategy: increase - ignore: - - dependency-name: phpstan/phpstan - versions: - - 0.12.76 - - 0.12.78 - - 0.12.83 - - 0.12.84 - - dependency-name: league/openapi-psr7-validator - versions: - - "0.16" - - dependency-name: doctrine/coding-standard - versions: - - 9.0.0 - - dependency-name: infection/infection - versions: - - 0.21.1 - - 0.21.3 - - 0.21.5 - - dependency-name: fakerphp/faker - versions: - - 1.14.0 + open-pull-requests-limit: 5 + target-branch: "main" diff --git a/.github/workflows/release-on-milestone-closed.yml b/.github/workflows/release-on-milestone-closed.yml deleted file mode 100644 index b7a56f7..0000000 --- a/.github/workflows/release-on-milestone-closed.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: "Automatic Releases" - -on: - milestone: - types: - - "closed" - -jobs: - release: - name: "Git tag, release & create merge-up PR" - runs-on: "ubuntu-20.04" - - steps: - - name: "Checkout" - uses: "actions/checkout@v2" - - - name: "Release" - uses: "laminas/automatic-releases@v1" - with: - command-name: "laminas:automatic-releases:release" - env: - "GITHUB_TOKEN": ${{ secrets.GITHUB_TOKEN }} - "SIGNING_SECRET_KEY": ${{ secrets.SIGNING_SECRET_KEY }} - "GIT_AUTHOR_NAME": ${{ secrets.GIT_AUTHOR_NAME }} - "GIT_AUTHOR_EMAIL": ${{ secrets.GIT_AUTHOR_EMAIL }} - - - name: "Create Merge-Up Pull Request" - uses: "laminas/automatic-releases@v1" - with: - command-name: "laminas:automatic-releases:create-merge-up-pull-request" - env: - "GITHUB_TOKEN": ${{ secrets.GITHUB_TOKEN }} - "SIGNING_SECRET_KEY": ${{ secrets.SIGNING_SECRET_KEY }} - "GIT_AUTHOR_NAME": ${{ secrets.GIT_AUTHOR_NAME }} - "GIT_AUTHOR_EMAIL": ${{ secrets.GIT_AUTHOR_EMAIL }} - - - name: "Create new milestones" - uses: "laminas/automatic-releases@v1" - with: - command-name: "laminas:automatic-releases:create-milestones" - env: - "GITHUB_TOKEN": ${{ secrets.GITHUB_TOKEN }} - "SIGNING_SECRET_KEY": ${{ secrets.SIGNING_SECRET_KEY }} - "GIT_AUTHOR_NAME": ${{ secrets.GIT_AUTHOR_NAME }} - "GIT_AUTHOR_EMAIL": ${{ secrets.GIT_AUTHOR_EMAIL }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index cea64ff..5e8df5d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,282 +1,110 @@ -name: "Tests" +name: "CI" on: - push: - # Prevent duplicating jobs on PR-s from local branches - branches: - - "master" pull_request: - schedule: - - cron: "0 0 * * *" - -env: - MIN_COVERED_MSI: 88 - MIN_MSI: 86 - REQUIRED_PHP_EXTENSIONS: "json" - INFECTION_BADGE_API_KEY: ${{ secrets.INFECTION_BADGE_API_KEY }} + branches: + - "main" jobs: coding-standards: name: "Coding Standards" - runs-on: "ubuntu-latest" - - strategy: - matrix: - php: [8.0] - dependencies: [locked] - steps: - name: "Checkout" - uses: "actions/checkout@v2" + uses: "actions/checkout@v4" - - name: "Install PHP with extensions" + - name: "Setup PHP" uses: "shivammathur/setup-php@v2" with: + php-version: "8.4" + extensions: "json" coverage: "none" - extensions: "${{ env.REQUIRED_PHP_EXTENSIONS }}" - php-version: "${{ matrix.php }}" -# - name: "Validate composer.json and composer.lock" -# run: "composer validate --strict" + - name: "Get composer cache directory" + id: "composer-cache" + run: echo "dir=$(composer config cache-dir)" >> $GITHUB_OUTPUT - - name: "Determine composer cache directory" - id: "determine-composer-cache-directory" - run: "echo \"::set-output name=directory::$(composer config cache-dir)\"" - - - name: "Cache dependencies installed with composer" - uses: "actions/cache@v2.1.4" + - name: "Cache composer dependencies" + uses: "actions/cache@v4" with: - path: "${{ steps.determine-composer-cache-directory.outputs.directory }}" - key: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" - restore-keys: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-" - - - name: "Install lowest dependencies from composer.json" - if: "matrix.dependencies == 'lowest'" - run: "composer update --no-interaction --no-progress --no-suggest --prefer-lowest" + path: "${{ steps.composer-cache.outputs.dir }}" + key: "php-8.4-composer-${{ hashFiles('composer.lock') }}" + restore-keys: "php-8.4-composer-" - - name: "Install locked dependencies from composer.lock" - if: "matrix.dependencies == 'locked'" - run: "composer install --no-interaction --no-progress --no-suggest" + - name: "Install dependencies" + run: "composer install --no-interaction --no-progress" - - name: "Install highest dependencies from composer.json" - if: "matrix.dependencies == 'highest'" - run: "composer update --no-interaction --no-progress --no-suggest" - - - name: "Run ergebnis/composer-normalize" - run: "composer normalize --dry-run" - - - name: "Run phpcs" - run: "composer codestyle" - - static-code-analysis: - name: "Static Code Analysis" + - name: "Run codestyle" + run: "composer run codestyle" + static-analysis: + name: "Static Analysis" runs-on: "ubuntu-latest" - - strategy: - matrix: - php: [8.0, 8.1] - - dependencies: [locked] - steps: - name: "Checkout" - uses: "actions/checkout@v2" + uses: "actions/checkout@v4" - - name: "Install PHP with extensions" + - name: "Setup PHP" uses: "shivammathur/setup-php@v2" with: + php-version: "8.4" + extensions: "json" coverage: "none" - extensions: "${{ env.REQUIRED_PHP_EXTENSIONS }}" - php-version: "${{ matrix.php }}" - - name: "Determine composer cache directory" - id: "determine-composer-cache-directory" - run: "echo \"::set-output name=directory::$(composer config cache-dir)\"" + - name: "Get composer cache directory" + id: "composer-cache" + run: echo "dir=$(composer config cache-dir)" >> $GITHUB_OUTPUT - - name: "Cache dependencies installed with composer" - uses: "actions/cache@v2.1.4" + - name: "Cache composer dependencies" + uses: "actions/cache@v4" with: - path: "${{ steps.determine-composer-cache-directory.outputs.directory }}" - key: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" - restore-keys: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-" - - - name: "Install lowest dependencies from composer.json" - if: "matrix.dependencies == 'lowest'" - run: "composer update --no-interaction --no-progress --no-suggest --prefer-lowest" + path: "${{ steps.composer-cache.outputs.dir }}" + key: "php-8.4-composer-${{ hashFiles('composer.lock') }}" + restore-keys: "php-8.4-composer-" - - name: "Install locked dependencies from composer.lock" - if: "matrix.dependencies == 'locked'" - run: "composer install --no-interaction --no-progress --no-suggest" + - name: "Install dependencies" + run: "composer install --no-interaction --no-progress" - - name: "Install highest dependencies from composer.json" - if: "matrix.dependencies == 'highest'" - run: "composer update --no-interaction --no-progress --no-suggest" - - - name: "Create cache directory for phpstan/phpstan" + - name: "Create phpstan cache directory" run: "mkdir -p .build/phpstan" - - name: "Cache cache directory for phpstan/phpstan" - uses: "actions/cache@v2.1.4" + - name: "Cache phpstan results" + uses: "actions/cache@v4" with: path: ".build/phpstan" - key: "php-${{ matrix.php }}-phpstan-${{ github.sha }}" - restore-keys: "php-${{ matrix.php }}-phpstan-" + key: "php-8.4-phpstan-${{ github.sha }}" + restore-keys: "php-8.4-phpstan-" - - name: "Run phpstan/phpstan" - run: "composer phpstan" + - name: "Run phpstan" + run: "composer run phpstan" tests: name: "Tests" - runs-on: "ubuntu-latest" - - strategy: - matrix: - php: [8.0, 8.1, 8.2] - - dependencies: - - "lowest" - - "locked" - - "highest" - steps: - name: "Checkout" - uses: "actions/checkout@v2" + uses: "actions/checkout@v4" - - name: "Install PHP with extensions" + - name: "Setup PHP" uses: "shivammathur/setup-php@v2" with: + php-version: "8.4" + extensions: "json" coverage: "none" - extensions: "${{ env.REQUIRED_PHP_EXTENSIONS }}" - php-version: "${{ matrix.php }}" - - name: "Determine composer cache directory" - id: "determine-composer-cache-directory" - run: "echo \"::set-output name=directory::$(composer config cache-dir)\"" + - name: "Get composer cache directory" + id: "composer-cache" + run: echo "dir=$(composer config cache-dir)" >> $GITHUB_OUTPUT - - name: "Cache dependencies installed with composer" - uses: "actions/cache@v2.1.4" + - name: "Cache composer dependencies" + uses: "actions/cache@v4" with: - path: "${{ steps.determine-composer-cache-directory.outputs.directory }}" - key: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" - restore-keys: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-" - - - name: "Install lowest dependencies from composer.json" - if: "matrix.dependencies == 'lowest'" - run: "composer update --no-interaction --no-progress --no-suggest --prefer-lowest" - - - name: "Install locked dependencies from composer.lock" - if: "matrix.dependencies == 'locked'" - run: "composer install --no-interaction --no-progress --no-suggest" - - - name: "Install highest dependencies from composer.json" - if: "matrix.dependencies == 'highest'" - run: "composer update --no-interaction --no-progress --no-suggest" - - - name: "Run all tests" - run: "composer test" - - code-coverage: - name: "Code Coverage" - - runs-on: "ubuntu-latest" - - strategy: - matrix: - php: [8.0, 8.1] - - dependencies: - - "locked" - - steps: - - name: "Checkout" - uses: "actions/checkout@v2" - - - name: "Install PHP with extensions" - uses: "shivammathur/setup-php@v2" - with: - coverage: "pcov" - extensions: "${{ env.REQUIRED_PHP_EXTENSIONS }}" - php-version: "${{ matrix.php }}" - - - name: "Determine composer cache directory" - id: "determine-composer-cache-directory" - run: "echo \"::set-output name=directory::$(composer config cache-dir)\"" - - - name: "Cache dependencies installed with composer" - uses: "actions/cache@v2.1.4" - with: - path: "${{ steps.determine-composer-cache-directory.outputs.directory }}" - key: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" - restore-keys: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-" - - - name: "Install lowest dependencies from composer.json" - if: "matrix.dependencies == 'lowest'" - run: "composer update --no-interaction --no-progress --no-suggest --prefer-lowest" - - - name: "Install locked dependencies from composer.lock" - if: "matrix.dependencies == 'locked'" - run: "composer install --no-interaction --no-progress --no-suggest" - - - name: "Install highest dependencies from composer.json" - if: "matrix.dependencies == 'highest'" - run: "composer update --no-interaction --no-progress --no-suggest" - - - name: "Collect code coverage with pcov and phpunit/phpunit" - run: "composer test-coverage" - - - name: "Send code coverage report to Codecov.io" - env: - CODECOV_TOKEN: "${{ secrets.CODECOV_TOKEN }}" - run: "bash <(curl -s https://codecov.io/bash)" - - mutation-tests: - name: "Mutation Tests" - - runs-on: "ubuntu-latest" - - strategy: - matrix: - php: [8.0] - - dependencies: - - "locked" - - steps: - - name: "Checkout" - uses: "actions/checkout@v2" - - - name: "Install PHP with extensions" - uses: "shivammathur/setup-php@v2" - with: - coverage: "pcov" - extensions: "${{ env.REQUIRED_PHP_EXTENSIONS }}" - php-version: "${{ matrix.php }}" - - - name: "Determine composer cache directory" - id: "determine-composer-cache-directory" - run: "echo \"::set-output name=directory::$(composer config cache-dir)\"" - - - name: "Cache dependencies installed with composer" - uses: "actions/cache@v2.1.4" - with: - path: "${{ steps.determine-composer-cache-directory.outputs.directory }}" - key: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" - restore-keys: "php-${{ matrix.php }}-composer-${{ matrix.dependencies }}-" - - - name: "Install lowest dependencies from composer.json" - if: "matrix.dependencies == 'lowest'" - run: "composer update --no-interaction --no-progress --no-suggest --prefer-lowest" - - - name: "Install locked dependencies from composer.lock" - if: "matrix.dependencies == 'locked'" - run: "composer install --no-interaction --no-progress --no-suggest" + path: "${{ steps.composer-cache.outputs.dir }}" + key: "php-8.4-composer-${{ hashFiles('composer.lock') }}" + restore-keys: "php-8.4-composer-" - - name: "Install highest dependencies from composer.json" - if: "matrix.dependencies == 'highest'" - run: "composer update --no-interaction --no-progress --no-suggest" + - name: "Install dependencies" + run: "composer install --no-interaction --no-progress" - - name: "Run mutation tests with pcov and infection/infection" - run: "vendor/bin/infection --ignore-msi-with-no-mutations --min-covered-msi=${{ env.MIN_COVERED_MSI }} --min-msi=${{ env.MIN_MSI }}" + - name: "Run tests" + run: "composer run test"