Merge pull request #4870 from RoboJackets/renovate/sentry-javascript-… #1041
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| - push | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Register problem matchers | |
| run: echo "::add-matcher::.github/matchers.json" | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: '8.3' | |
| extensions: bcmath, ctype, curl, fileinfo, gd, intl, json, ldap, mbstring, mysqli, openssl, pdo, redis, sqlite3, tokenizer, uuid, xml, zip | |
| coverage: none | |
| env: | |
| fail-fast: true | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Get Composer cache directory | |
| id: composer-cache | |
| run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
| - name: Setup Composer cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ steps.composer-cache.outputs.dir }} | |
| key: ${{ runner.os }}-composer-${{ hashFiles('composer.lock') }} | |
| restore-keys: ${{ runner.os }}-composer- | |
| - name: Install Composer dependencies | |
| env: | |
| COMPOSER_AUTH: >- | |
| {"github-oauth":{"github.com":"${{ github.token }}"},"http-basic":{"nova.laravel.com":{"username":"${{ secrets.LARAVEL_NOVA_USERNAME }}","password":"${{ secrets.LARAVEL_NOVA_PASSWORD }}"}}} | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Run Pint | |
| run: vendor/bin/pint --test | |
| - name: Run PHPCS | |
| run: vendor/bin/phpcs . | |
| - name: Run PHPStan | |
| run: vendor/bin/phpstan analyze --level=max --configuration=phpstan.neon --error-format=github --no-progress . | |
| - name: Run Phan | |
| run: vendor/bin/phan --no-progress-bar --analyze-twice | |
| - name: Run Psalm | |
| run: vendor/bin/psalm --output-format=github --no-progress | |
| - name: Run Enlightn | |
| run: | | |
| cp --verbose .env.example .env | |
| php artisan key:generate --no-interaction --verbose | |
| php artisan passport:keys --no-interaction --verbose | |
| php artisan enlightn --ci --details --show-exceptions --no-interaction --verbose | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: '8.3' | |
| extensions: bcmath, ctype, curl, fileinfo, gd, intl, json, ldap, mbstring, mysqli, openssl, pdo, redis, sqlite3, tokenizer, uuid, xml, zip | |
| coverage: none | |
| env: | |
| fail-fast: true | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Install exiftool | |
| run: sudo apt-get install --assume-yes libimage-exiftool-perl | |
| - name: Prepare the environment | |
| run: cp .env.example .env | |
| - name: Get composer cache directory | |
| id: composer-cache | |
| run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
| - name: Setup composer cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ steps.composer-cache.outputs.dir }} | |
| key: ${{ runner.os }}-composer-${{ hashFiles('composer.lock') }} | |
| restore-keys: ${{ runner.os }}-composer- | |
| - name: Install composer dependencies | |
| env: | |
| COMPOSER_AUTH: >- | |
| {"github-oauth":{"github.com":"${{ github.token }}"},"http-basic":{"nova.laravel.com":{"username":"${{ secrets.LARAVEL_NOVA_USERNAME }}","password":"${{ secrets.LARAVEL_NOVA_PASSWORD }}"}}} | |
| run: composer install --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist | |
| - name: Generate application key | |
| run: php artisan key:generate | |
| - name: Generate Passort keys | |
| run: php artisan passport:keys | |
| - name: Run tests | |
| run: php artisan test | |
| docker: | |
| name: Docker | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to BCDC Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: registry.bcdc.robojackets.net | |
| username: ${{ secrets.BCDC_REGISTRY_USERNAME }} | |
| password: ${{ secrets.BCDC_REGISTRY_PASSWORD }} | |
| - name: Write Composer auth file | |
| run: | | |
| echo '{"github-oauth":{"github.com":"${{ github.token }}"},"http-basic":{"nova.laravel.com":{"username":"${{ secrets.LARAVEL_NOVA_USERNAME }}","password":"${{ secrets.LARAVEL_NOVA_PASSWORD }}"}}}' > auth.json | |
| - name: Build and push | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| tags: registry.bcdc.robojackets.net/apiary:latest | |
| network: host | |
| pull: true | |
| push: true | |
| secret-files: composer_auth=./auth.json | |
| target: ${{ github.ref == 'refs/heads/main' && 'backend-compressed' || 'backend-uncompressed' }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| outputs: | |
| image-digest: ${{ steps.build.outputs.digest }} | |
| deploy-test: | |
| name: Deploy | |
| needs: [lint, test, docker] | |
| uses: ./.github/workflows/deploy.yml | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| concurrency: | |
| group: deploy-test | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| with: | |
| image-digest: ${{ needs.docker.outputs.image-digest }} | |
| environment: test | |
| precompressed-assets: true | |
| deploy-sandbox: | |
| name: Deploy | |
| needs: [lint, test, docker, deploy-test] | |
| uses: ./.github/workflows/deploy.yml | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| concurrency: | |
| group: deploy-sandbox | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| with: | |
| image-digest: ${{ needs.docker.outputs.image-digest }} | |
| environment: sandbox | |
| precompressed-assets: true | |
| deploy-production: | |
| name: Deploy | |
| needs: [lint, test, docker, deploy-sandbox] | |
| uses: ./.github/workflows/deploy.yml | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| concurrency: | |
| group: deploy-production | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| with: | |
| image-digest: ${{ needs.docker.outputs.image-digest }} | |
| environment: production | |
| precompressed-assets: true |