134 lines (108 loc) · 3.95 KB
/
cs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: CS
on: [ pull_request ]
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
ecs:
name: Coding Standards (PHP)
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
packagist.org:443
54.185.253.63:443
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
- name: Setup PHP
uses: shivammathur/setup-php@8872c784b04a1420e81191df5d64fbd59d3d3033
with:
php-version: 8.1
extensions: intl, gd, opcache, mysql, pdo_mysql
- name: Get composer cache directory
id: composercache
run: echo "::set-output name=dir::$(composer config cache-files-dir)"
- name: Cache dependencies
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84
with:
path: ${{ steps.composercache.outputs.dir }}
key: ${{ runner.os }}-php-74-composer-${{ hashFiles('composer.json composer.lock') }}
restore-keys: |
${{ runner.os }}-php-${{ matrix.php }}-composer-
- name: Install dependencies
run: composer install --ansi --no-interaction --no-progress --prefer-dist
- name: Run EasyCodingStandard
run: bin/ecs check
composer-normalize:
name: Composer Normalize
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
packagist.org:443
raw.githubusercontent.com:443
repo.packagist.org:443
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
- name: Setup PHP
uses: shivammathur/setup-php@8872c784b04a1420e81191df5d64fbd59d3d3033
with:
php-version: 8.1
- name: Install dependencies
run: composer install --no-scripts
- name: Ensure lock file is up to date
run: composer update --lock --no-scripts
- name: Run composer normalize
run: composer normalize --no-update-lock --diff --dry-run
lint:
permissions:
contents: read # for actions/checkout to fetch code
statuses: write # for github/super-linter/slim to mark status of each linter run
name: Lint
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
registry.yarnpkg.com:443
pipelinesghubeus2.actions.githubusercontent.com:443
54.185.253.63:443
- name: Checkout Code
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
with:
fetch-depth: 0
- uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c
with:
node-version-file: .nvmrc
- run: yarn install
- name: Super-Linter
uses: github/super-linter/slim@45fc0d88288beee4701c62761281edfee85655d7
env:
VALIDATE_ALL_CODEBASE: false
DEFAULT_BRANCH: 2.1.x
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSS_FILE_NAME: .stylelintrc.json
VALIDATE_YAML: true
VALIDATE_JSON: true
VALIDATE_XML: true
VALIDATE_MD: true
VALIDATE_GITLEAKS: true
VALIDATE_BASH: true
VALIDATE_PHP_BUILTIN: true
LINTER_RULES_PATH: .
VALIDATE_JAVASCRIPT_ES: true
VALIDATE_CSS: true