.github/workflows/continuous-integration.yml

# https://help.github.com/en/categories/automating-your-workflow-with-github-actions

on:
  pull_request:
  push:
    branches:
      - main
    tags:
      - "**"

name: "Continuous Integration"

jobs:
  coding-standards:
    name: "Coding Standards"

    runs-on: ubuntu-latest

    strategy:
      matrix:
        php-version:
          - 7.4

    steps:
      - name: "Checkout"
        uses: actions/checkout@v2.3.2

      - name: "Install PHP with extensions"
        uses: shivammathur/setup-php@2.4.3
        with:
          coverage: none
          extensions: "mbstring, json"
          php-version: ${{ matrix.php-version }}

      - name: "Validate composer.json and composer.lock"
        run: composer validate --strict

      - name: "Cache dependencies installed with composer"
        uses: actions/cache@v2
        with:
          path: ~/.composer/cache
          key: php${{ matrix.php-version }}-composer-
          restore-keys: |
            php${{ matrix.php-version }}-composer-

      - name: "Install locked dependencies with composer"
        run: composer install --no-interaction --no-progress --no-suggest

      - name: "Run localheinz/composer-normalize"
        run: composer normalize --dry-run

      - name: "Create cache directory for friendsofphp/php-cs-fixer"
        run: mkdir -p .build/php-cs-fixer

      - name: "Cache cache directory for friendsofphp/php-cs-fixer"
        uses: actions/cache@v2
        with:
          path: .build/php-cs-fixer
          key: php${{ matrix.php-version }}-php-cs-fixer-
          restore-keys: |
            php${{ matrix.php-version }}-php-cs-fixer-

      - name: "Run friendsofphp/php-cs-fixer"
        run: composer cs-diff

  static-code-analysis:
    name: "Static Code Analysis"

    runs-on: ubuntu-latest

    strategy:
      matrix:
        php-version:
          - 7.4

    steps:
      - name: "Checkout"
        uses: actions/checkout@v2.3.2

      - name: "Install PHP with extensions"
        uses: shivammathur/setup-php@2.4.3
        with:
          coverage: none
          extensions: "mbstring, json"
          php-version: ${{ matrix.php-version }}

      - name: "Cache dependencies installed with composer"
        uses: actions/cache@v2
        with:
          path: ~/.composer/cache
          key: ${{ matrix.php-version }}-composer-
          restore-keys: |
            ${{ matrix.php-version }}-composer-

      - name: "Install locked dependencies with composer"
        run: composer install --no-interaction --no-progress --no-suggest

      - name: "Run phpstan/phpstan"
        run: composer phpstan

      - name: "Run psalm"
        run: vendor/bin/psalm --config=psalm.xml --diff --diff-methods --shepherd --show-info=false --stats --threads=4

  tests:
    name: "Tests"

    runs-on: ubuntu-latest

    strategy:
      matrix:
        php-version:
          - 7.2
          - 7.3
          - 7.4

        dependencies:
          - lowest
          - highest

    steps:
      - name: "Checkout"
        uses: actions/checkout@v2.3.2

      - name: "Install PHP with extensions"
        uses: shivammathur/setup-php@2.4.3
        with:
          coverage: none
          extensions: "mbstring, json"
          php-version: ${{ matrix.php-version }}

      - name: "Cache dependencies installed with composer"
        uses: actions/cache@v2
        with:
          path: ~/.composer/cache
          key: php${{ matrix.php-version }}-composer-
          restore-keys: |
            php${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-

      - name: "Install lowest dependencies with composer"
        if: matrix.dependencies == 'lowest'
        run: composer update --no-interaction --no-progress --no-suggest --prefer-lowest

      - name: "Install highest dependencies with composer"
        if: matrix.dependencies == 'highest'
        run: composer update --no-interaction --no-progress --no-suggest

      - name: "Run tests with phpunit/phpunit"
        run: composer test

  code-coverage:
    name: "Code Coverage"

    runs-on: ubuntu-latest

    strategy:
      matrix:
        php-version:
          - 7.4

    steps:
      - name: "Checkout"
        uses: actions/checkout@v2.3.2

      - name: "Install PHP with extensions"
        uses: shivammathur/setup-php@2.4.3
        with:
          coverage: pcov
          extensions: "mbstring, json"
          php-version: ${{ matrix.php-version }}

      - name: "Cache dependencies installed with composer"
        uses: actions/cache@v2
        with:
          path: ~/.composer/cache
          key: php${{ matrix.php-version }}-composer-
          restore-keys: |
            php${{ matrix.php-version }}-composer-

      - name: "Install locked dependencies with composer"
        run: composer install --no-interaction --no-progress --no-suggest

      - name: "Collect code coverage with pcov and phpunit/phpunit"
        run: composer coverage

      - name: "Send code coverage report to Codecov.io"
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
        run: bash <(curl -s https://codecov.io/bash)

  mutation-tests:
    name: "Mutation Tests"

    runs-on: ubuntu-latest

    strategy:
      matrix:
        php-version:
          - 7.4

    steps:
      - name: "Checkout"
        uses: actions/checkout@v2.3.2

      - name: "Install PHP with extensions"
        uses: shivammathur/setup-php@2.4.3
        with:
          coverage: pcov
          extensions: "mbstring"
          php-version: ${{ matrix.php-version }}

      - name: "Cache dependencies installed with composer"
        uses: actions/cache@v2
        with:
          path: ~/.composer/cache
          key: php${{ matrix.php-version }}-composer-
          restore-keys: |
            php${{ matrix.php-version }}-composer-

      - name: "Install locked dependencies with composer"
        run: composer install --no-interaction --no-progress --no-suggest

      - name: "Run mutation tests with pcov and infection/infection"
        run: composer infection

  merge:
    name: "Merge"

    runs-on: "ubuntu-latest"

    needs:
      - "coding-standards"
      - "static-code-analysis"
      - "tests"
      - "code-coverage"
      - "mutation-tests"

    if: >
      github.event_name == 'pull_request' &&
      github.event.pull_request.draft == false && (
        github.event.action == 'opened' ||
        github.event.action == 'reopened' ||
        github.event.action == 'synchronize'
      ) && (
        (contains(github.event.pull_request.labels.*.name, 'automerge'))
      )

    steps:
      - name: "Request review from @nucleos-bot"
        uses: "actions/github-script@v2"
        with:
          github-token: "${{ secrets.NUCLEOS_BOT_TOKEN }}"
          script: |
            const pullRequest = context.payload.pull_request
            const repository = context.repo
            const reviewers = [
              "nucleos-bot",
            ]
            await github.pulls.createReviewRequest({
              owner: repository.owner,
              pull_number: pullRequest.number,
              repo: repository.repo,
              reviewers: reviewers,
            })

      - name: "Assign @nucleos-bot"
        uses: "actions/github-script@v2"
        with:
          github-token: "${{ secrets.NUCLEOS_BOT_TOKEN }}"
          script: |
            const pullRequest = context.payload.pull_request
            const repository = context.repo
            const reviewers = [
              "nucleos-bot",
            ]
            await github.issues.addAssignees({
              assignees: reviewers,
              issue_number: pullRequest.number,
              owner: repository.owner,
              repo: repository.repo,
            })

      - name: "Approve pull request"
        uses: "actions/github-script@v2"
        if: "github.actor != 'nucleos-bot'"
        with:
          github-token: "${{ secrets.NUCLEOS_BOT_TOKEN }}"
          script: |
            const pullRequest = context.payload.pull_request
            const repository = context.repo
            await github.pulls.createReview({
              event: "APPROVE",
              owner: repository.owner,
              pull_number: pullRequest.number,
              repo: repository.repo,
            })

      - name: "Merge pull request"
        uses: "actions/github-script@v2"
        with:
          github-token: "${{ secrets.NUCLEOS_BOT_TOKEN }}"
          script: |
            const pullRequest = context.payload.pull_request
            const repository = context.repo
            await github.pulls.merge({
              merge_method: "merge",
              owner: repository.owner,
              pull_number: pullRequest.number,
              repo: repository.repo,
            })