Skip to content

[FSSDK-10665] fix: Github Actions YAML files vulnerable to script injections corrected #130

[FSSDK-10665] fix: Github Actions YAML files vulnerable to script injections corrected

[FSSDK-10665] fix: Github Actions YAML files vulnerable to script injections corrected #130

Workflow file for this run

name: PHP
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
linting:
name: Linting
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.2'
- name: Install php code sniffer
run: composer require "squizlabs/php_codesniffer=*"
- name: Run linting
run: composer lint
source_clear:
name: Source Clear Scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Source clear scan
env:
SRCCLR_API_TOKEN: ${{ secrets.SRCCLR_API_TOKEN }}
run: curl -sSL https://download.sourceclear.com/ci.sh | bash -s – scan
unit_tests:
name: Unit Tests ${{ matrix.php-versions }}
needs: [ linting, source_clear ]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php-versions: [ '8.1', '8.2' ]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up PHP v${{ matrix.php-versions }}
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
- name: Cache Composer packages
id: composer-cache
uses: actions/cache@v3
with:
path: vendor
key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-php-
- name: Install dependencies
run: composer install
- name: Run tests
run: |
mkdir -p ./build/logs
./vendor/bin/phpunit --coverage-clover ./build/logs/clover.xml
- name: Verify clover.xml created
run: |
if [ ! -f ./build/logs/clover.xml ]; then
echo "clover.xml was not created"
exit 1
fi
- name: Upload coverage results to Coveralls
env:
COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
composer global require php-coveralls/php-coveralls
php-coveralls --coverage_clover=./build/logs/clover.xml -v
integration_tests:
name: Integration Tests
needs: [ unit_tests ]
uses: optimizely/php-sdk/.github/workflows/integration_test.yml@master
secrets:
CI_USER_TOKEN: ${{ secrets.CI_USER_TOKEN }}
TRAVIS_COM_TOKEN: ${{ secrets.TRAVIS_COM_TOKEN }}