Skip to content

[permissions] move permissions to database, add GUI permissions editor #1516

[permissions] move permissions to database, add GUI permissions editor

[permissions] move permissions to database, add GUI permissions editor #1516

Workflow file for this run

name: Tests
on:
push:
branches:
- main
- master
- branch-2.*
tags:
- 'v*'
pull_request:
schedule:
- cron: '0 2 * * 0' # Weekly on Sundays at 02:00
jobs:
format:
name: Format
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set Up Cache
uses: actions/cache@v4
with:
path: |
vendor
key: php-cs-fixer-${{ hashFiles('composer.lock') }}
- name: Validate composer.json and composer.lock
run: composer validate
- name: Install PHP dependencies
run: composer install --prefer-dist --no-progress
- name: Format
run: composer format && git diff --exit-code
static:
name: Static Analysis
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Set Up Cache
uses: actions/cache@v4
with:
path: |
vendor
key: phpstan-${{ hashFiles('composer.lock') }}
- name: Install PHP dependencies
run: composer install --prefer-dist --no-progress
- name: PHPStan
run: composer stan
upgrade:
name: Upgrade from 2.9 ${{ matrix.database }}
strategy:
matrix:
php: ['8.3']
database: ['pgsql', 'mysql', 'sqlite']
runs-on: ubuntu-24.04
steps:
- name: Checkout current
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Travel to past
# is there a way to programatically get "the most recent
# tagged minor version of the previous major version"?
run: git checkout branch-2.9
- name: Set Up Cache
uses: actions/cache@v4
with:
path: |
vendor
key: vendor-${{ matrix.php }}-${{ hashFiles('composer.lock') }}
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
- name: Set up database
run: ./tests/setup-db.sh "${{ matrix.database }}"
- name: Install PHP dependencies
run: composer install --no-progress
- name: Install old version
run: |
php index.php
cat data/config/shimmie.conf.php
- name: Check old version works
run: |
php index.php get-page / > old.out
grep -q 'Welcome to Shimmie 2.9' old.out || cat old.out
rm -f old.out
- name: Upgrade
run: |
git checkout ${{ github.sha }}
composer install --no-progress
php index.php db-upgrade
- name: Check new version works
run: |
php index.php page:get / > new.out
grep -q 'Welcome to Shimmie 2.10' new.out || cat new.out
rm -f new.out
test:
name: PHP ${{ matrix.php }} / DB ${{ matrix.database }}
strategy:
fail-fast: false
matrix:
php: ['8.2', '8.3']
database: ['pgsql', 'mysql', 'sqlite']
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Set Up Cache
uses: actions/cache@v4
with:
path: |
vendor
key: vendor-${{ matrix.php }}-${{ hashFiles('composer.lock') }}
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
coverage: pcov
extensions: mbstring
ini-file: development
- name: Set up database
run: ./tests/setup-db.sh "${{ matrix.database }}"
- name: Check versions
run: php -v && composer -V
- name: Validate composer.json and composer.lock
run: composer validate
- name: Install PHP dependencies
run: composer install --no-progress
- name: Run test suite
run: composer test
publish:
name: Publish
runs-on: ubuntu-24.04
needs:
- format
- static
- upgrade
- test
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/branch-2')
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-tags: true
fetch-depth: 0
- name: Set build vars
id: get-vars
run: |
echo "BUILD_TIME=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
echo "BUILD_HASH=$GITHUB_SHA" >> $GITHUB_ENV
./.github/get-tags.py ${{ secrets.DOCKER_USERNAME }} ${{ secrets.DOCKER_IMAGE }} | tee -a $GITHUB_OUTPUT
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push to registry
uses: docker/build-push-action@v6
with:
push: true
platforms: |
linux/amd64
linux/arm64
build-args: |
BUILD_TIME=${{ env.BUILD_TIME }}
BUILD_HASH=${{ env.BUILD_HASH }}
no-cache: ${{ github.event_name == 'schedule' }}
tags: "${{ steps.get-vars.outputs.tags }}"