.github/workflows/ci-tests.yml

# These workflows takes care of various CI tests.
on: pull_request
name: CI Tests
env:
  PHP_VERSION: 8.1
  COMPOSER_VERSION: v2

jobs:
  ValidateComposer:
    name: Validate Composer
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup PHP, with composer and extensions
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ env.PHP_VERSION }}
          coverage: none
          tools: composer:${{ env.COMPOSER_VERSION }}
      - name: Validate composer.json
        run: |
          composer validate --no-check-all --no-check-publish
      - name: Install Dependencies
        run: |
          composer install --no-interaction --no-progress
      - name: Ensure install does not modify VCS
        run: git diff --exit-code

  Phpcs:
    name: Check code style
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - name: Setup PHP, with composer and extensions
      uses: shivammathur/setup-php@v2
      with:
        php-version: ${{ env.PHP_VERSION }}
        tools: composer:${{ env.COMPOSER_VERSION }}, cs2pr
        coverage: none
        extensions: gd
    - name: Install Dependencies
      run: |
        composer install --no-interaction --no-progress
    - name: Run Twig CS Fixer
      run: |
        vendor/bin/phpcs -q --report=checkstyle | cs2pr

  TwigCsFixer:
    name: Check Twig code style
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup PHP, with composer and extensions
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ env.PHP_VERSION }}
          tools: composer:${{ env.COMPOSER_VERSION }}
          coverage: none
          extensions: gd
      - name: Install Dependencies
        run: |
          composer install --no-interaction --no-progress
      - name: Run Twig CS Fixer
        run: |
          vendor/bin/twig-cs-fixer lint --report=github

  Phpstan:
    name: Analyse code using PHPStan
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup PHP, with composer and extensions
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ env.PHP_VERSION }}
          coverage: none
          tools: composer:${{ env.COMPOSER_VERSION }}
      - name: Install composer dependencies
        run: |
          composer install --no-interaction --no-progress
          # Add vendor/bin to PATH for subsequent steps, see https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#adding-a-system-path
          composer config bin-dir --absolute >> "${GITHUB_PATH}"
      - name: PHPStan analyse
        run: |
          phpstan

  PhpUnit:
    name: Run PHP unit tests
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup PHP, with composer and extensions
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ env.PHP_VERSION }}
          tools: composer:${{ env.COMPOSER_VERSION }}
          coverage: xdebug
          extensions: gd
      - name: Install Dependencies
        run: |
          composer install --no-interaction --no-progress
      - name: Run PhpUnit
        run: ./vendor/bin/phpunit --coverage-text

  MarkdownLint:
    name: Lint Markdown
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        # git with HTTP authentication provides an easy way for us to install
        # unreleased commits of NPM projects. Currently: Pa11yCI
      - name: Reconfigure git to use HTTP authentication
        run: git config --global url."https://${{ secrets.GITHUB_TOKEN }}@github.com/".insteadOf ssh://git@github.com/
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          cache: 'yarn'
      - name: Install dependencies
        run: yarn install --frozen-lockfile
      - name: Install problem matcher
        uses: xt0rted/markdownlint-problem-matcher@v3
      - name: Lint Markdown
        run: npx markdownlint-cli2

  Shellcheck:
    name: Shellcheck
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: shellcheck
        uses: reviewdog/action-shellcheck@v1
        with:
          github_token: ${{ secrets.github_token }}
          fail_on_error: true
          # Use the GitHub PullRequest review comment that reports findings
          # as inlined comments in a PullRequest.
          # Read more about reporters: https://github.com/reviewdog/reviewdog#reporters
          reporter: github-pr-review
          # We can exclude a single directory, so we go for .git.
          path: dev-scripts
          # Set the default filter-mode which only reports violations caused by
          # added/modified lines.
          # Read more about filter-mode: https://github.com/reviewdog/reviewdog#filter-mode
          filter_mode: nofilter

  EslintDrupal:
    name: Lint Drupal assets
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        # git with HTTP authentication provides an easy way for us to install
        # unreleased commits of NPM projects. Currently: Pa11yCI
      - name: Reconfigure git to use HTTP authentication
        run: git config --global url."https://${{ secrets.GITHUB_TOKEN }}@github.com/".insteadOf ssh://git@github.com/
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          cache: 'yarn'
      - name: Install dependencies
        run: yarn install --frozen-lockfile
      - name: Run ESLint
        run: npx eslint web -c .eslintrc.json

  EslintCypress:
    name: Lint Cypress tests
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        # git with HTTP authentication provides an easy way for us to install
        # unreleased commits of NPM projects. Currently: Pa11yCI
      - name: Reconfigure git to use HTTP authentication
        run: git config --global url."https://${{ secrets.GITHUB_TOKEN }}@github.com/".insteadOf ssh://git@github.com/
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          cache: 'yarn'
      - name: Install dependencies
        run: yarn install --frozen-lockfile
      - name: Run ESLint
        run: npx eslint cypress -c cypress/.eslintrc.json

  CheckPhpVersion:
    name: Check PHP version
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Check PHP version in composer.json
        run: |
          if ! jq .require.php composer.json | grep ${{ env.PHP_VERSION }}; then
            echo "PHP version in composer.json does not match the version in the GitHub Actions."
            exit 1
          fi
      - name: Check PHP version in PHP service
        run: |
          if ! docker compose run php -- php --version | grep ${{ env.PHP_VERSION }}; then
            echo "PHP version for PHP service docker-compose.yml does not match the version in the GitHub Actions."
            exit 1
          fi
      - name: Check PHP version in CLI service
        run: |
          if ! docker compose run php -- php --version | grep ${{ env.PHP_VERSION }}; then
            echo "PHP version for CLI service docker-compose.yml does not match the version in the GitHub Actions."
            exit 1
          fi