chore: Bump @snyk/protect from 1.1092.0 to 1.1203.0 #3305

Workflow file for this run

	name: Unit tests

	on:
	push:
	branches: [main]
	pull_request:
	types: [opened, synchronize, reopened]
	branches-ignore: ['l10n_main*']
	release:
	types: [created]

	workflow_run:
	workflows: ['Compress images']
	types: [completed]

	env:
	default-php-version: '8.1'
	node-version: 18

	concurrency:
	group: Unit tests ${{ github.ref }}
	cancel-in-progress: true

	jobs:
	#############
	# Run tests
	#############
	tests:
	runs-on: ubuntu-latest
	name: Testsuite ${{ matrix.testsuite }} with PHP ${{ matrix.php-version }} (${{ matrix.connection }})

	strategy:
	fail-fast: false
	matrix:
	php-version: ['8.1']
	connection: [mysql]
	testsuite: [Api, Feature, Commands-Other, Commands-Scheduling, Unit-Models, Unit-Services]
	# exclude:
	# - php-version: '8.1'
	# testsuite: Feature

	steps:
	- name: Checkout sources
	uses: actions/checkout@v3

	- name: Setup PHP ${{ matrix.php-version }}
	uses: shivammathur/setup-php@v2
	with:
	php-version: ${{ matrix.php-version }}
	extensions: redis, ${{ matrix.connection }}
	coverage: none
	- name: Check PHP Version
	run: php -v
	- name: Check Composer Version
	run: composer -V
	- name: Check PHP Extensions
	run: php -m

	# Composer
	- name: Validate composer.json and composer.lock
	run: composer validate

	- name: Get Composer Cache Directory
	id: composer-cache
	run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
	- name: Cache composer files
	uses: actions/cache@v3
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
	restore-keys: \|
	${{ runner.os }}-composer-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
	${{ runner.os }}-composer-${{ matrix.php-version }}
	${{ runner.os }}-composer-

	- name: Install composer dependencies
	run: composer install --no-progress --no-interaction --prefer-dist --optimize-autoloader $ext

	# Prepare
	- name: Prepare environment
	run: \|
	cp scripts/ci/.env.${{ matrix.connection }} .env
	echo 'v2.17.0' > config/.version
	touch config/.release config/.commit
	mkdir -p public/js public/css results/coverage
	{\
	echo "{"; \
	for f in app.js manifest.js vendor.js app-ltr.css app-rtl.css stripe.js stripe.css; do \
	[[ $first == 1 ]] && echo -n "," \|\| first=1; \
	k=${f##*.}/$f; \
	echo "\"/$k\": \"/$k\""; \
	echo '' > public/$k; \
	done; \
	echo "}"; \
	} \| tee public/mix-manifest.json

	- name: Generate key
	run: php artisan key:generate

	- name: Start mysql
	if: matrix.connection == 'mysql'
	run: sudo systemctl start mysql.service
	- name: Create database
	if: matrix.connection == 'mysql'
	run: mysql --protocol=tcp -u root -proot -e "CREATE DATABASE IF NOT EXISTS monica CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
	- name: Prepare database
	if: matrix.connection == 'mysql'
	run: mysql --protocol=tcp -u root -proot monica < scripts/database.test.sql
	- name: Run migrations
	run: php artisan migrate --no-interaction -vvv

	- name: Run seeds
	run: php artisan db:seed --no-interaction -vvv
	- name: Create passport keys
	run: php artisan passport:keys --no-interaction -vvv
	- name: Cache route
	run: php artisan route:cache

	# Test
	- name: Run Unit test suite
	if: matrix.php-version == env.default-php-version && matrix.testsuite != 'Feature'
	run: phpdbg -dmemory_limit=6G -qrr vendor/bin/phpunit -c phpunit.xml --testsuite ${{ matrix.testsuite }} --log-junit ./results/junit/results${{ matrix.testsuite }}.xml --coverage-clover ./results/coverage/coverage${{ matrix.testsuite }}.xml
	env:
	DB_CONNECTION: ${{ matrix.connection }}
	STRIPE_SECRET: ${{ secrets.STRIPE_SECRET }}
	- name: Run Unit test suite
	if: matrix.php-version != env.default-php-version \|\| matrix.testsuite == 'Feature'
	run: vendor/bin/phpunit -c phpunit.xml --testsuite ${{ matrix.testsuite }} --log-junit ./results/junit/results${{ matrix.testsuite }}.xml
	env:
	DB_CONNECTION: ${{ matrix.connection }}
	STRIPE_SECRET: ${{ secrets.STRIPE_SECRET }}

	- name: Fix results files
	run: sed -i -e "s%$GITHUB_WORKSPACE/%%g" */.xml
	working-directory: results

	- name: Store results
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: results
	path: results


	###################
	# Run tests browser
	###################
	tests_browser:
	runs-on: ubuntu-latest
	name: Tests browser with PHP ${{ matrix.php-version }} (${{ matrix.connection }})

	strategy:
	fail-fast: false
	matrix:
	php-version: ['8.1']
	connection: [mysql]

	steps:
	- name: Checkout sources
	uses: actions/checkout@v3

	- name: Setup PHP ${{ matrix.php-version }}
	uses: shivammathur/setup-php@v2
	with:
	php-version: ${{ matrix.php-version }}
	extensions: redis, ${{ matrix.connection }}
	coverage: xdebug
	- name: Check PHP Version
	run: php -v
	- name: Check Composer Version
	run: composer -V
	- name: Check PHP Extensions
	run: php -m

	# Composer
	- name: Validate composer.json and composer.lock
	run: composer validate

	- name: Get Composer Cache Directory
	id: composer-cache
	run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
	- name: Cache composer files
	uses: actions/cache@v3
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
	restore-keys: \|
	${{ runner.os }}-composer-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
	${{ runner.os }}-composer-${{ matrix.php-version }}
	${{ runner.os }}-composer-

	- name: Install composer dependencies
	run: composer install --no-progress --no-interaction --prefer-dist --optimize-autoloader $ext

	# Yarn
	- name: Setup Node.js
	uses: actions/setup-node@v3
	with:
	node-version: ${{ env.node-version }}
	- name: Get yarn cache directory path
	id: yarn-cache
	run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
	- name: Cache yarn files
	uses: actions/cache@v3
	with:
	path: ${{ steps.yarn-cache.outputs.dir }}
	key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
	restore-keys: \|
	${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
	${{ runner.os }}-yarn-

	- name: Install yarn dependencies
	run: yarn inst
	- name: Build assets
	run: yarn run production

	# Prepare
	- name: Prepare environment
	run: \|
	cp scripts/ci/.env.${{ matrix.connection }} .env
	echo 'v2.17.0' > config/.version
	touch config/.release config/.commit
	mkdir -p results/coverage results/cov results/console
	chmod -R 777 storage bootstrap/cache

	- name: Generate key
	run: php artisan key:generate

	- name: Start mysql
	if: matrix.connection == 'mysql'
	run: sudo systemctl start mysql.service
	- name: Create database
	if: matrix.connection == 'mysql'
	run: mysql --protocol=tcp -u root -proot -e "CREATE DATABASE IF NOT EXISTS monica CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
	- name: Prepare database
	if: matrix.connection == 'mysql'
	run: mysql --protocol=tcp -u root -proot monica < scripts/database.test.sql
	- name: Run migrations
	run: php artisan migrate --no-interaction -vvv

	- name: Run seeds
	run: php artisan db:seed --no-interaction -vvv
	- name: Create passport keys
	run: php artisan passport:keys --no-interaction -vvv
	- name: Cache route
	run: php artisan route:cache

	- name: Test coverage page
	run: REQUEST_URI=/ php scripts/tests/server-cc.php

	# Test
	- name: Upgrade Chrome Driver
	run: php artisan dusk:chrome-driver $(google-chrome -version \| awk '{ print $3 }' \| cut -d . -f 1)
	- name: Start Chrome Driver
	run: \|
	chmod -R 0755 vendor/laravel/dusk/bin/
	./vendor/laravel/dusk/bin/chromedriver-linux &

	- name: Run http server
	run: \|
	php -S localhost:8000 -t public scripts/tests/server-cc.php &
	php -S localhost:8001 -t public scripts/tests/server-cc.php &

	- name: Run browser tests
	run: php artisan dusk --log-junit results/junit/results0.xml
	env:
	APP_URL: http://localhost:8000

	- name: Fix coverage
	run: \|
	vendor/bin/phpcov merge --clover=results/coverage/coverageBrowser.xml results/cov/
	rm -rf results/cov

	- name: Fix results files
	run: sed -i -e "s%$GITHUB_WORKSPACE/%%g" */.xml
	working-directory: results

	- name: Store results
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: results
	path: results


	###########################
	# Reporting to sonarcloud
	###########################
	reporting:
	needs: [tests, tests_browser]
	runs-on: ubuntu-latest
	name: Sonarcloud
	if: ${{ ! startsWith(github.ref, 'dependabot/') }}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

	- name: Download results
	uses: actions/download-artifact@v3
	with:
	path: results
	name: results

	- name: Merge junit files
	run: \|
	yarn global add junit-merge
	$(yarn global bin)/junit-merge --recursive --dir results/junit --out results/results.xml

	- name: Set version parameter
	id: version
	run: \|
	version=$(git tag --points-at HEAD)
	test -z "$version" && version="master"
	echo "value=$version" >> $GITHUB_OUTPUT

	- name: Set coverage list
	id: coverage
	run: \|
	SONAR_COVERAGE=$(ls -m --format=comma results/coverage/coverage*.xml \| sed -e ':a;N;$!ba;s/\n//g; s/ //g;')
	echo "list=$SONAR_COVERAGE" >> $GITHUB_OUTPUT

	- name: SonarCloud Scan
	if: env.SONAR_TOKEN != ''
	uses: SonarSource/[email protected]
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	with:
	args: \|
	-Dsonar.projectVersion=${{ steps.version.outputs.value }}
	-Dsonar.php.tests.reportPath=./results/results.xml
	-Dsonar.php.coverage.reportPaths=${{ steps.coverage.outputs.list }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: Bump @snyk/protect from 1.1092.0 to 1.1203.0 #3305

Workflow file

chore: Bump @snyk/protect from 1.1092.0 to 1.1203.0 #3305

Jobs

Run details

Workflow file for this run