[permissions] move permissions to database, add GUI permissions editor #1516
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tests | |
on: | |
push: | |
branches: | |
- main | |
- master | |
- branch-2.* | |
tags: | |
- 'v*' | |
pull_request: | |
schedule: | |
- cron: '0 2 * * 0' # Weekly on Sundays at 02:00 | |
jobs: | |
format: | |
name: Format | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set Up Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
vendor | |
key: php-cs-fixer-${{ hashFiles('composer.lock') }} | |
- name: Validate composer.json and composer.lock | |
run: composer validate | |
- name: Install PHP dependencies | |
run: composer install --prefer-dist --no-progress | |
- name: Format | |
run: composer format && git diff --exit-code | |
static: | |
name: Static Analysis | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
- name: Set Up Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
vendor | |
key: phpstan-${{ hashFiles('composer.lock') }} | |
- name: Install PHP dependencies | |
run: composer install --prefer-dist --no-progress | |
- name: PHPStan | |
run: composer stan | |
upgrade: | |
name: Upgrade from 2.9 ${{ matrix.database }} | |
strategy: | |
matrix: | |
php: ['8.3'] | |
database: ['pgsql', 'mysql', 'sqlite'] | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout current | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Travel to past | |
# is there a way to programatically get "the most recent | |
# tagged minor version of the previous major version"? | |
run: git checkout branch-2.9 | |
- name: Set Up Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
vendor | |
key: vendor-${{ matrix.php }}-${{ hashFiles('composer.lock') }} | |
- name: Set up PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: ${{ matrix.php }} | |
- name: Set up database | |
run: ./tests/setup-db.sh "${{ matrix.database }}" | |
- name: Install PHP dependencies | |
run: composer install --no-progress | |
- name: Install old version | |
run: | | |
php index.php | |
cat data/config/shimmie.conf.php | |
- name: Check old version works | |
run: | | |
php index.php get-page / > old.out | |
grep -q 'Welcome to Shimmie 2.9' old.out || cat old.out | |
rm -f old.out | |
- name: Upgrade | |
run: | | |
git checkout ${{ github.sha }} | |
composer install --no-progress | |
php index.php db-upgrade | |
- name: Check new version works | |
run: | | |
php index.php page:get / > new.out | |
grep -q 'Welcome to Shimmie 2.10' new.out || cat new.out | |
rm -f new.out | |
test: | |
name: PHP ${{ matrix.php }} / DB ${{ matrix.database }} | |
strategy: | |
fail-fast: false | |
matrix: | |
php: ['8.2', '8.3'] | |
database: ['pgsql', 'mysql', 'sqlite'] | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
- name: Set Up Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
vendor | |
key: vendor-${{ matrix.php }}-${{ hashFiles('composer.lock') }} | |
- name: Set up PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: ${{ matrix.php }} | |
coverage: pcov | |
extensions: mbstring | |
ini-file: development | |
- name: Set up database | |
run: ./tests/setup-db.sh "${{ matrix.database }}" | |
- name: Check versions | |
run: php -v && composer -V | |
- name: Validate composer.json and composer.lock | |
run: composer validate | |
- name: Install PHP dependencies | |
run: composer install --no-progress | |
- name: Run test suite | |
run: composer test | |
publish: | |
name: Publish | |
runs-on: ubuntu-24.04 | |
needs: | |
- format | |
- static | |
- upgrade | |
- test | |
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/branch-2') | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-tags: true | |
fetch-depth: 0 | |
- name: Set build vars | |
id: get-vars | |
run: | | |
echo "BUILD_TIME=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV | |
echo "BUILD_HASH=$GITHUB_SHA" >> $GITHUB_ENV | |
./.github/get-tags.py ${{ secrets.DOCKER_USERNAME }} ${{ secrets.DOCKER_IMAGE }} | tee -a $GITHUB_OUTPUT | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker registry | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Build and push to registry | |
uses: docker/build-push-action@v6 | |
with: | |
push: true | |
platforms: | | |
linux/amd64 | |
linux/arm64 | |
build-args: | | |
BUILD_TIME=${{ env.BUILD_TIME }} | |
BUILD_HASH=${{ env.BUILD_HASH }} | |
no-cache: ${{ github.event_name == 'schedule' }} | |
tags: "${{ steps.get-vars.outputs.tags }}" |