mirror of
https://github.com/danog/psalm.git
synced 2024-11-27 04:45:20 +01:00
bd50c4e7b0
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
88 lines
2.4 KiB
YAML
88 lines
2.4 KiB
YAML
name: Run unit tests on Windows
|
|
|
|
on: [push, pull_request]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
chunk-matrix:
|
|
permissions:
|
|
contents: none
|
|
name: Generate Chunk Matrix
|
|
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
CHUNK_COUNT: 8
|
|
|
|
outputs:
|
|
count: ${{ steps.chunk-matrix.outputs.count }}
|
|
chunks: ${{ steps.chunk-matrix.outputs.chunks }}
|
|
|
|
steps:
|
|
- id: chunk-matrix
|
|
name: Generates the Chunk Matrix
|
|
run: |
|
|
echo "::set-output name=count::$(php -r 'echo json_encode([ ${{ env.CHUNK_COUNT }} ]);')"
|
|
echo "::set-output name=chunks::$(php -r 'echo json_encode(range(1, ${{ env.CHUNK_COUNT }} ));')"
|
|
|
|
tests:
|
|
name: "Unit Tests - ${{ matrix.chunk }}"
|
|
|
|
runs-on: windows-latest
|
|
needs:
|
|
- chunk-matrix
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
count: ${{ fromJson(needs.chunk-matrix.outputs.count) }}
|
|
chunk: ${{ fromJson(needs.chunk-matrix.outputs.chunks) }}
|
|
|
|
env:
|
|
CHUNK_COUNT: "${{ matrix.count }}"
|
|
CHUNK_NUMBER: "${{ matrix.chunk }}"
|
|
PARALLEL_PROCESSES: 4
|
|
|
|
steps:
|
|
- name: Set git to use LF
|
|
run: |
|
|
git config --global core.autocrlf false
|
|
git config --global core.eol lf
|
|
|
|
- name: Set up PHP
|
|
uses: shivammathur/setup-php@v2
|
|
with:
|
|
php-version: '8.0'
|
|
tools: composer:v2
|
|
coverage: none
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Get Composer Cache Directories
|
|
id: composer-cache
|
|
run: |
|
|
echo "::set-output name=files_cache::$(composer config cache-files-dir)"
|
|
echo "::set-output name=vcs_cache::$(composer config cache-vcs-dir)"
|
|
|
|
- name: Cache composer cache
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: |
|
|
${{ steps.composer-cache.outputs.files_cache }}
|
|
${{ steps.composer-cache.outputs.vcs_cache }}
|
|
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-composer-
|
|
|
|
- name: Run composer install
|
|
run: composer install -o
|
|
env:
|
|
COMPOSER_ROOT_VERSION: dev-master
|
|
|
|
- name: Generate test suits
|
|
run: php bin/generate_testsuites.php $env:CHUNK_COUNT
|
|
|
|
- name: Run unit tests
|
|
run: vendor/bin/paratest --processes=$env:PARALLEL_PROCESSES --testsuite=chunk_$env:CHUNK_NUMBER --log-junit build/phpunit/phpunit.xml
|