Security update #1002

Workflow file for this run

	on: pull_request
	name: PR Review
	jobs:
	changelog:
	runs-on: ubuntu-latest
	name: Changelog should be updated
	strategy:
	fail-fast: false
	steps:
	- name: Checkout
	uses: actions/checkout@master
	with:
	fetch-depth: 2

	- name: Git fetch
	run: git fetch

	- name: Check that changelog has been updated.
	run: git diff --exit-code origin/${{ github.base_ref }} -- CHANGELOG.md && exit 1 \|\| exit 0

	test-composer-files:
	name: Validate composer
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@master
	- name: Setup PHP, with composer and extensions
	uses: shivammathur/setup-php@v2
	with:
	php-version: 8.2
	extensions: ctype, dom, iconv, json, zip, gd, soap
	coverage: none
	tools: composer:v2
	# https://github.com/shivammathur/setup-php#cache-composer-dependencies
	- name: Get composer cache directory
	id: composer-cache
	run: echo "::set-output name=dir::$(composer config cache-files-dir)"
	- name: Cache dependencies
	uses: actions/cache@v2
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
	restore-keys: ${{ runner.os }}-composer-
	- name: Validate composer files
	run: \|
	composer validate composer.json
	- name: Check composer file is normalized
	run: \|
	composer install --no-interaction --no-progress
	composer normalize composer.json --dry-run

	config-check:
	name: Check that config is up to date
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@master

	- name: Install site
	run: \|
	docker network create frontend
	docker compose pull
	docker compose up --detach

	# Important: Use --no-interaction to make https://getcomposer.org/doc/06-config.md#discard-changes have effect.
	docker compose exec --user root phpfpm composer install --no-interaction

	# Install the site
	docker compose exec --user root phpfpm vendor/bin/drush site:install --existing-config --yes

	- name: Export config
	run: docker compose exec --user root phpfpm vendor/bin/drush config:export --yes
	- name: Check for changes in config
	run: git diff --diff-filter=ACMRT --exit-code config/

	phpcs:
	name: PHP - Check Coding Standards
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@master
	- name: Setup PHP, with composer and extensions
	uses: shivammathur/setup-php@v2
	with:
	php-version: 8.2
	extensions: ctype, dom, iconv, json, zip, gd, soap
	coverage: none
	tools: composer:v2
	# https://github.com/shivammathur/setup-php#cache-composer-dependencies
	- name: Get composer cache directory
	id: composer-cache
	run: echo "::set-output name=dir::$(composer config cache-files-dir)"
	- name: Cache dependencies
	uses: actions/cache@v2
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
	restore-keys: ${{ runner.os }}-composer-
	- name: Install Dependencies
	run: \|
	composer install --no-interaction --no-progress
	- name: PHPCS
	run: \|
	composer coding-standards-check

	yarncs:
	name: Yarn - Check Coding Standards (Node ${{ matrix.node }})
	runs-on: ubuntu-latest
	strategy:
	matrix:
	node: [ '16' ]
	steps:
	- uses: actions/checkout@v2
	- name: Setup node
	uses: actions/setup-node@v3
	with:
	node-version: ${{ matrix.node }}
	- run: \|
	yarn install
	yarn coding-standards-check

	site-install-dev:
	name: (Dev) Verify Drupal install and fixtures
	runs-on: ubuntu-latest
	services:
	mariadb:
	image: mariadb:10.11
	ports:
	- 3306:3306
	env:
	MYSQL_USER: db
	MYSQL_PASSWORD: db
	MYSQL_DATABASE: db
	MYSQL_ROOT_PASSWORD: db
	options:
	--health-cmd="mysqladmin ping"
	--health-interval=10s
	--health-timeout=5s
	--health-retries=3
	steps:
	- uses: actions/checkout@master
	- name: Setup PHP, with composer and extensions
	uses: shivammathur/setup-php@v2
	with:
	php-version: 8.2
	extensions: ctype, dom, iconv, json, zip, gd, soap
	coverage: none
	tools: composer:v2
	# https://github.com/shivammathur/setup-php#cache-composer-dependencies
	- name: Get composer cache directory
	id: composer-cache
	run: echo "::set-output name=dir::$(composer config cache-files-dir)"
	- name: Cache dependencies
	uses: actions/cache@v2
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
	restore-keys: ${{ runner.os }}-composer-
	- name: Write 'settings.local.php'
	run: \|
	cat <<'EOF' > web/sites/default/settings.local.php
	<?php
	$databases['default']['default'] = [
	'database' => 'db',
	'username' => 'db',
	'password' => 'db',
	'host' => '127.0.0.1',
	'port' => '3306',
	'driver' => 'mysql',
	'prefix' => '',
	];
	EOF
	- name: Install Drupal with config
	run: \|
	composer install
	vendor/bin/drush --yes site:install os2loop --existing-config
	- name: Verify db schema
	run: \|
	vendor/bin/drush updatedb:status
	- name: Verify config sync
	run: \|
	vendor/bin/drush config:status
	- name: Load fixtures
	run: \|
	# Find and enable all fixtures modules
	vendor/bin/drush --yes pm:enable $(find web/profiles/custom/os2loop/modules/ -type f -name 'os2loop_*_fixtures.info.yml' -exec basename -s .info.yml {} \;)
	# Load the fixtures
	vendor/bin/drush --yes content-fixtures:load
	# Uninstall all fixtures modules
	vendor/bin/drush --yes pm:uninstall content_fixtures

	site-install-prod:
	name: (Prod) Verify Drupal install
	runs-on: ubuntu-latest
	services:
	mariadb:
	image: mariadb:10.11
	ports:
	- 3306:3306
	env:
	MYSQL_USER: db
	MYSQL_PASSWORD: db
	MYSQL_DATABASE: db
	MYSQL_ROOT_PASSWORD: db
	options:
	--health-cmd="mysqladmin ping"
	--health-interval=10s
	--health-timeout=5s
	--health-retries=3
	steps:
	- uses: actions/checkout@master
	- name: Setup PHP, with composer and extensions
	uses: shivammathur/setup-php@v2
	with:
	php-version: 8.2
	extensions: ctype, dom, iconv, json, zip, gd, soap
	coverage: none
	tools: composer:v2
	# https://github.com/shivammathur/setup-php#cache-composer-dependencies
	- name: Get composer cache directory
	id: composer-cache
	run: echo "::set-output name=dir::$(composer config cache-files-dir)"
	- name: Cache dependencies
	uses: actions/cache@v2
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
	restore-keys: ${{ runner.os }}-composer-
	- name: Write 'settings.local.php'
	run: \|
	cat <<'EOF' > web/sites/default/settings.local.php
	<?php
	$databases['default']['default'] = [
	'database' => 'db',
	'username' => 'db',
	'password' => 'db',
	'host' => '127.0.0.1',
	'port' => '3306',
	'driver' => 'mysql',
	'prefix' => '',
	];
	EOF
	- name: Install Drupal with config
	run: \|
	composer install --no-dev --optimize-autoloader
	vendor/bin/drush --yes site:install os2loop --existing-config
	- name: Verify db schema
	run: \|
	vendor/bin/drush updatedb:status
	- name: Verify config sync
	run: \|
	vendor/bin/drush config:status

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security update #1002

Workflow file

Security update #1002

Jobs

Run details

Workflow file for this run