From f600aaa38d56eb2ee8774626cf2d750804969df2 Mon Sep 17 00:00:00 2001 From: lotyp Date: Wed, 29 May 2024 16:55:29 +0300 Subject: [PATCH 01/10] ci: update composer --- app/composer.json | 20 +++++++++++++++++++- app/composer.lock | 7 +++++-- 2 files changed, 24 insertions(+), 3 deletions(-) diff --git a/app/composer.json b/app/composer.json index ea4c8fda..5253d92b 100644 --- a/app/composer.json +++ b/app/composer.json @@ -19,8 +19,20 @@ "laravel-ddd", "ddd" ], + "authors": [ + { + "name": "Andrij Orlenko", + "email": "the@wayof.dev", + "homepage": "https://wayof.dev" + } + ], + "support": { + "issues": "https://github.com/wayofdev/laravel-starter-tpl/issues", + "source": "https://github.com/wayofdev/laravel-starter-tpl", + "security": "https://github.com/wayofdev/laravel-starter-tpl/blob/master/.github/SECURITY.md" + }, "require": { - "php": "^8.2", + "php": "^8.3", "ext-pdo": "*", "deployer/deployer": "^7.4", "guzzlehttp/guzzle": "^7.8", @@ -78,7 +90,13 @@ "php-http/discovery": true, "phpstan/extension-installer": true }, + "audit": { + "abandoned": "report" + }, "optimize-autoloader": true, + "platform": { + "php": "8.3.7" + }, "preferred-install": "dist", "sort-packages": true }, diff --git a/app/composer.lock b/app/composer.lock index 2800645e..1772ad05 100644 --- a/app/composer.lock +++ b/app/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "a312a1dbed816c3ecf4aaa92365684c3", + "content-hash": "79c9f4471d4b7b40e8e72eb1981a0f4d", "packages": [ { "name": "brick/math", @@ -13530,9 +13530,12 @@ "prefer-stable": true, "prefer-lowest": false, "platform": { - "php": "^8.2", + "php": "^8.3", "ext-pdo": "*" }, "platform-dev": [], + "platform-overrides": { + "php": "8.3.7" + }, "plugin-api-version": "2.6.0" } From ba25a67fb65cccefccbd1b9805382e30ed42d3e6 Mon Sep 17 00:00:00 2001 From: lotyp Date: Wed, 29 May 2024 17:01:14 +0300 Subject: [PATCH 02/10] feat: add coding standards workflow --- .github/workflows/{ci.yml => ci.yml.dist} | 0 .github/workflows/coding-standards.yml | 207 ++++++++++++++++++++++ .github/workflows/deploy-release.yml | 2 +- .github/workflows/deploy-staging.yml | 2 +- Makefile | 4 + README.md | 4 +- 6 files changed, 215 insertions(+), 4 deletions(-) rename .github/workflows/{ci.yml => ci.yml.dist} (100%) create mode 100644 .github/workflows/coding-standards.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml.dist similarity index 100% rename from .github/workflows/ci.yml rename to .github/workflows/ci.yml.dist diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml new file mode 100644 index 00000000..18a0a78d --- /dev/null +++ b/.github/workflows/coding-standards.yml @@ -0,0 +1,207 @@ +--- + +on: # yamllint disable-line rule:truthy + pull_request: + branches: + - master + - develop + +name: ๐Ÿงน Fix PHP coding standards + +env: + APP_RUNNER: 'cd app &&' + +jobs: + commit-linting: + timeout-minutes: 4 + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + steps: + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿง Lint commits using "commitlint" + uses: wagoid/commitlint-github-action@v6.0.1 + with: + configFile: ${{ github.workspace }}/.github/.commitlint.config.mjs + failOnWarnings: false + failOnErrors: false + helpURL: 'https://github.com/conventional-changelog/commitlint/#what-is-commitlint' + + yaml-linting: + timeout-minutes: 4 + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + steps: + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿง Lint YAML files + uses: ibiqlik/action-yamllint@v3.1.1 + with: + config_file: .github/.yamllint.yaml + file_or_dir: '.' + strict: true + + markdown-linting: + timeout-minutes: 4 + runs-on: ubuntu-latest + concurrency: + cancel-in-progress: true + group: markdown-linting-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + steps: + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿง Lint Markdown files + uses: DavidAnson/markdownlint-cli2-action@v16.0.0 + with: + globs: | + **/*.md + !CHANGELOG.md + !app/vendor + !app/node_modules + + composer-linting: + timeout-minutes: 4 + runs-on: ${{ matrix.os }} + concurrency: + cancel-in-progress: true + group: composer-linting-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + strategy: + matrix: + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked + permissions: + contents: write + steps: + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + tools: phive + + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: | + echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 + with: + working-directory: app + + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 + with: + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- + + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} + + - name: ๐Ÿ“ฅ Install dependencies with phive + working-directory: app + env: + PHIVE_HOME: .phive + run: phive install --trust-gpg-keys 0xC00543248C87FB13,0x033E5F8D801A2F8D,0x47436587D82C4A39 + shell: bash + + - name: ๐Ÿ” Run ergebnis/composer-normalize + working-directory: app + run: .phive/composer-normalize --ansi --dry-run + + coding-standards: + timeout-minutes: 4 + runs-on: ${{ matrix.os }} + concurrency: + cancel-in-progress: true + group: coding-standards-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + strategy: + matrix: + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked + permissions: + contents: write + steps: + - name: โš™๏ธ Set git to use LF line endings + run: | + git config --global core.autocrlf false + git config --global core.eol lf + + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: | + echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 + with: + working-directory: app + + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 + with: + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- + + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} + + - name: ๐Ÿ› ๏ธ Prepare environment + run: make prepare + + - name: ๐Ÿšจ Run coding standards task + run: make lint-php + env: + PHP_CS_FIXER_IGNORE_ENV: true + + - name: ๐Ÿ“ค Commit and push changed files back to GitHub + uses: stefanzweifel/git-auto-commit-action@v5.0.1 + with: + commit_message: 'style(php-cs-fixer): lint php files and fix coding standards' + branch: ${{ github.head_ref }} + commit_author: 'github-actions ' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/deploy-release.yml b/.github/workflows/deploy-release.yml index c48becd9..dc776975 100644 --- a/.github/workflows/deploy-release.yml +++ b/.github/workflows/deploy-release.yml @@ -51,7 +51,7 @@ jobs: with: private-key: ${{ secrets.DEPLOYER_PRIVATE_KEY }} dep: deploy prod - deployer-version: 7.3.1 + deployer-version: 7.4.0 sub-directory: app env: DEPLOYER_STAGING_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_STAGING_SLACK_WEBHOOK }} diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 9e3857ac..96538d21 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -51,7 +51,7 @@ jobs: with: private-key: ${{ secrets.DEPLOYER_PRIVATE_KEY }} dep: deploy staging - deployer-version: 7.3.1 + deployer-version: 7.4.0 sub-directory: app env: DEPLOYER_STAGING_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_STAGING_SLACK_WEBHOOK }} diff --git a/Makefile b/Makefile index cec08667..a7cc6ce1 100644 --- a/Makefile +++ b/Makefile @@ -294,6 +294,10 @@ lint-audit: ## Runs security checks for composer dependencies $(APP_COMPOSER) audit .PHONY: lint-security +validate-composer: ## Validates composer.json and composer.lock files + $(APP_COMPOSER) validate +.PHONY: validate-composer + # # Testing # ------------------------------------------------------------------------------------ diff --git a/README.md b/README.md index 4b2ad774..f5a79427 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@
- - +Logo for White Mode +Logo for Dark Mode

From b41ed3aed1daaae1c39e382d4417a359de01f4e4 Mon Sep 17 00:00:00 2001 From: Andrij Orlenko <94047334+lotyp@users.noreply.github.com> Date: Wed, 29 May 2024 10:07:58 +0300 Subject: [PATCH 03/10] chore(master): release 2.0.0 --- .github/.release-please-manifest.json | 2 +- CHANGELOG.md | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/.release-please-manifest.json b/.github/.release-please-manifest.json index 7588679c..3eb51cf6 100644 --- a/.github/.release-please-manifest.json +++ b/.github/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "1.7.0" + ".": "2.0.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index b6f6485d..f0a293d7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # Changelog +## [2.0.0](https://github.com/wayofdev/laravel-starter-tpl/compare/v1.7.0...v2.0.0) (2024-05-29) + + +### โš  BREAKING CHANGES + +* update laravel base to 11.x + +### Features + +* laravel-11.x updates ([72225c6](https://github.com/wayofdev/laravel-starter-tpl/commit/72225c6bd693e1e307eb278edcc30fe0a4ef21ca)) +* update laravel base to 11.x ([342a519](https://github.com/wayofdev/laravel-starter-tpl/commit/342a519ac4be3fda014255471fd82a860fbcbed5)) +* update laravel configs to 11.x ([7e9a599](https://github.com/wayofdev/laravel-starter-tpl/commit/7e9a599fa0553df0443f988babbfc2ceff3aa9f0)) + ## [1.7.0](https://github.com/wayofdev/laravel-starter-tpl/compare/v1.6.0...v1.7.0) (2024-05-27) From b4effbb88501b227000240e843b61454b3bd111e Mon Sep 17 00:00:00 2001 From: Andrij Orlenko <94047334+lotyp@users.noreply.github.com> Date: Wed, 29 May 2024 16:48:21 +0300 Subject: [PATCH 04/10] chore(master): release 2.1.0 --- .github/.release-please-manifest.json | 2 +- CHANGELOG.md | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/.github/.release-please-manifest.json b/.github/.release-please-manifest.json index 3eb51cf6..ba670875 100644 --- a/.github/.release-please-manifest.json +++ b/.github/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "2.0.0" + ".": "2.1.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index f0a293d7..4194f098 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,30 @@ # Changelog +## [2.1.0](https://github.com/wayofdev/laravel-starter-tpl/compare/v2.0.0...v2.1.0) (2024-05-29) + + +### Features + +* add support for infection and psalm ([15ca1e3](https://github.com/wayofdev/laravel-starter-tpl/commit/15ca1e3e2782570fb6839d916d3f3bc3161878ff)) + + +### Documentation + +* lint readme using markdownlint ([767de29](https://github.com/wayofdev/laravel-starter-tpl/commit/767de292c2c6c3fac1f013313d09489e352486fd)) +* lint readme using markdownlint ([7d69f84](https://github.com/wayofdev/laravel-starter-tpl/commit/7d69f841f5b05cd0d0b0699792c47c79fead9593)) + + +### Continuous Integration + +* add markdown lint config ([eba75f1](https://github.com/wayofdev/laravel-starter-tpl/commit/eba75f13b66e673289a45109de5c878238a81801)) +* add support for phive ([bb77426](https://github.com/wayofdev/laravel-starter-tpl/commit/bb774269068ed98d35c3a7dc1bd4f7797d21455e)) +* **composer-require-checker:** lint project files ([bb77426](https://github.com/wayofdev/laravel-starter-tpl/commit/bb774269068ed98d35c3a7dc1bd4f7797d21455e)) +* **docker-compose:** add healthcheck for pgsql database ([bb77426](https://github.com/wayofdev/laravel-starter-tpl/commit/bb774269068ed98d35c3a7dc1bd4f7797d21455e)) +* fix phpstan errors ([5ef9399](https://github.com/wayofdev/laravel-starter-tpl/commit/5ef9399c3b451a0b45e06177066755eaf06b2137)) +* update github files ([c043be8](https://github.com/wayofdev/laravel-starter-tpl/commit/c043be891946a76e1174a42e5543c691c2fbefca)) +* update Makefile with latest commands ([bb77426](https://github.com/wayofdev/laravel-starter-tpl/commit/bb774269068ed98d35c3a7dc1bd4f7797d21455e)) +* updating workflows ([13d84c8](https://github.com/wayofdev/laravel-starter-tpl/commit/13d84c8b0f216167b6e6e924445035250770726d)) + ## [2.0.0](https://github.com/wayofdev/laravel-starter-tpl/compare/v1.7.0...v2.0.0) (2024-05-29) From 2c77b3a34b2cdca853b179241303c8d88f92a66e Mon Sep 17 00:00:00 2001 From: lotyp Date: Wed, 29 May 2024 23:17:31 +0300 Subject: [PATCH 05/10] ci: update default version to php 8.3 --- .github/workflows/deploy-release.yml | 2 +- .github/workflows/deploy-staging.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy-release.yml b/.github/workflows/deploy-release.yml index dc776975..91da73dc 100644 --- a/.github/workflows/deploy-release.yml +++ b/.github/workflows/deploy-release.yml @@ -16,7 +16,7 @@ jobs: fail-fast: true matrix: os: ["ubuntu-22.04"] - php: ["8.2"] + php: ["8.3"] environment: name: production url: https://prod.laravel-starter-tpl.wayof.dev diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 96538d21..02f5a42b 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -16,7 +16,7 @@ jobs: fail-fast: true matrix: os: ["ubuntu-22.04"] - php: ["8.2"] + php: ["8.3"] environment: name: staging url: https://staging.laravel-starter-tpl.wayof.dev From 44014c7ba95bcc3640e1846b55bc1b88a3cc8dcd Mon Sep 17 00:00:00 2001 From: lotyp Date: Wed, 29 May 2024 23:58:38 +0300 Subject: [PATCH 06/10] feat: update deployment workflows --- .github/workflows/deploy-release.yml | 62 +++++++++++++++++----------- .github/workflows/deploy-staging.yml | 62 +++++++++++++++++----------- 2 files changed, 76 insertions(+), 48 deletions(-) diff --git a/.github/workflows/deploy-release.yml b/.github/workflows/deploy-release.yml index 91da73dc..034c11ce 100644 --- a/.github/workflows/deploy-release.yml +++ b/.github/workflows/deploy-release.yml @@ -11,40 +11,58 @@ concurrency: production jobs: deployment: + timeout-minutes: 8 runs-on: ${{ matrix.os }} strategy: - fail-fast: true matrix: - os: ["ubuntu-22.04"] - php: ["8.3"] + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked environment: name: production url: https://prod.laravel-starter-tpl.wayof.dev steps: + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: curl, libxml, mbstring, zip, fileinfo, decimal, pdo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + - name: ๐Ÿ“ฆ Check out the codebase - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 with: fetch-depth: 0 - - name: ๐Ÿ› ๏ธ Setup PHP - uses: shivammathur/setup-php@v2 + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: | + echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 with: - php-version: ${{ matrix.php }} - extensions: curl, libxml, mbstring, zip, fileinfo, decimal - ini-values: error_reporting=E_ALL - tools: composer:v2 + working-directory: app - - name: โ™ป๏ธ Restore cached backend dependencies - id: cached-composer-dependencies - uses: actions/cache@v4 + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 with: - path: vendor - key: vendor-${{ runner.os }}-${{ hashFiles('**/composer.lock') }}-${{ matrix.php }} + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- - - name: ๐Ÿ“ฅ Install backend dependencies - if: steps.cached-composer-dependencies.outputs.cache-hit != 'true' - run: cd app && composer install + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} - name: ๐Ÿ“ค Deploy production environment uses: deployphp/action@v1 @@ -54,14 +72,10 @@ jobs: deployer-version: 7.4.0 sub-directory: app env: - DEPLOYER_STAGING_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_STAGING_SLACK_WEBHOOK }} - DEPLOYER_STAGING_REMOTE_USER: ${{ secrets.DEPLOYER_STAGING_REMOTE_USER }} - DEPLOYER_STAGING_HOST: "staging.laravel-starter-tpl.wayof.dev" - DEPLOYER_STAGING_BRANCH: "develop" DEPLOYER_PROD_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_PROD_SLACK_WEBHOOK }} DEPLOYER_PROD_REMOTE_USER: ${{ secrets.DEPLOYER_PROD_REMOTE_USER }} - DEPLOYER_PROD_HOST: "prod.laravel-starter-tpl.wayof.dev" - DEPLOYER_PROD_BRANCH: "master" + DEPLOYER_PROD_HOST: prod.laravel-starter-tpl.wayof.dev + DEPLOYER_PROD_BRANCH: master - name: ๐Ÿ“ฆ Create sentry release uses: getsentry/action-release@v1 diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 02f5a42b..82a07c39 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -11,40 +11,58 @@ concurrency: staging jobs: deployment: + timeout-minutes: 8 runs-on: ${{ matrix.os }} strategy: - fail-fast: true matrix: - os: ["ubuntu-22.04"] - php: ["8.3"] + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked environment: name: staging url: https://staging.laravel-starter-tpl.wayof.dev steps: + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: curl, libxml, mbstring, zip, fileinfo, decimal, pdo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + - name: ๐Ÿ“ฆ Check out the codebase - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 with: fetch-depth: 0 - - name: ๐Ÿ› ๏ธ Setup PHP - uses: shivammathur/setup-php@v2 + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: | + echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 with: - php-version: ${{ matrix.php }} - extensions: curl, libxml, mbstring, zip, fileinfo, decimal - ini-values: error_reporting=E_ALL - tools: composer:v2 + working-directory: app - - name: โ™ป๏ธ Restore cached backend dependencies - id: cached-composer-dependencies - uses: actions/cache@v4 + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 with: - path: vendor - key: vendor-${{ runner.os }}-${{ hashFiles('**/composer.lock') }}-${{ matrix.php }} + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- - - name: ๐Ÿ“ฅ Install backend dependencies - if: steps.cached-composer-dependencies.outputs.cache-hit != 'true' - run: cd app && composer install + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} - name: ๐Ÿ“ค Deploy staging environment uses: deployphp/action@v1 @@ -56,11 +74,7 @@ jobs: env: DEPLOYER_STAGING_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_STAGING_SLACK_WEBHOOK }} DEPLOYER_STAGING_REMOTE_USER: ${{ secrets.DEPLOYER_STAGING_REMOTE_USER }} - DEPLOYER_STAGING_HOST: "staging.laravel-starter-tpl.wayof.dev" - DEPLOYER_STAGING_BRANCH: "develop" - DEPLOYER_PROD_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_PROD_SLACK_WEBHOOK }} - DEPLOYER_PROD_REMOTE_USER: ${{ secrets.DEPLOYER_PROD_REMOTE_USER }} - DEPLOYER_PROD_HOST: "prod.laravel-starter-tpl.wayof.dev" - DEPLOYER_PROD_BRANCH: "master" + DEPLOYER_STAGING_HOST: staging.laravel-starter-tpl.wayof.dev + DEPLOYER_STAGING_BRANCH: develop ... From c67f6d074ae15d95faed453e4de15122b0dee3e6 Mon Sep 17 00:00:00 2001 From: lotyp Date: Wed, 29 May 2024 23:58:38 +0300 Subject: [PATCH 07/10] feat: update deployment workflows --- .github/workflows/deploy-release.yml | 65 ++++++++++++++++++---------- .github/workflows/deploy-staging.yml | 65 ++++++++++++++++++---------- 2 files changed, 82 insertions(+), 48 deletions(-) diff --git a/.github/workflows/deploy-release.yml b/.github/workflows/deploy-release.yml index 91da73dc..31446813 100644 --- a/.github/workflows/deploy-release.yml +++ b/.github/workflows/deploy-release.yml @@ -7,44 +7,65 @@ on: # yamllint disable-line rule:truthy name: ๐Ÿš€ Deploy to production +env: + APP_RUNNER: 'cd app &&' + concurrency: production jobs: deployment: + timeout-minutes: 8 runs-on: ${{ matrix.os }} strategy: - fail-fast: true matrix: - os: ["ubuntu-22.04"] - php: ["8.3"] + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked environment: name: production url: https://prod.laravel-starter-tpl.wayof.dev steps: + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: curl, libxml, mbstring, zip, fileinfo, decimal, pdo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + - name: ๐Ÿ“ฆ Check out the codebase - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 with: fetch-depth: 0 - - name: ๐Ÿ› ๏ธ Setup PHP - uses: shivammathur/setup-php@v2 + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: | + echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 with: - php-version: ${{ matrix.php }} - extensions: curl, libxml, mbstring, zip, fileinfo, decimal - ini-values: error_reporting=E_ALL - tools: composer:v2 + working-directory: app - - name: โ™ป๏ธ Restore cached backend dependencies - id: cached-composer-dependencies - uses: actions/cache@v4 + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 with: - path: vendor - key: vendor-${{ runner.os }}-${{ hashFiles('**/composer.lock') }}-${{ matrix.php }} + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- - - name: ๐Ÿ“ฅ Install backend dependencies - if: steps.cached-composer-dependencies.outputs.cache-hit != 'true' - run: cd app && composer install + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} - name: ๐Ÿ“ค Deploy production environment uses: deployphp/action@v1 @@ -54,14 +75,10 @@ jobs: deployer-version: 7.4.0 sub-directory: app env: - DEPLOYER_STAGING_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_STAGING_SLACK_WEBHOOK }} - DEPLOYER_STAGING_REMOTE_USER: ${{ secrets.DEPLOYER_STAGING_REMOTE_USER }} - DEPLOYER_STAGING_HOST: "staging.laravel-starter-tpl.wayof.dev" - DEPLOYER_STAGING_BRANCH: "develop" DEPLOYER_PROD_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_PROD_SLACK_WEBHOOK }} DEPLOYER_PROD_REMOTE_USER: ${{ secrets.DEPLOYER_PROD_REMOTE_USER }} - DEPLOYER_PROD_HOST: "prod.laravel-starter-tpl.wayof.dev" - DEPLOYER_PROD_BRANCH: "master" + DEPLOYER_PROD_HOST: prod.laravel-starter-tpl.wayof.dev + DEPLOYER_PROD_BRANCH: master - name: ๐Ÿ“ฆ Create sentry release uses: getsentry/action-release@v1 diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 02f5a42b..159c25e6 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -7,44 +7,65 @@ on: # yamllint disable-line rule:truthy name: ๐Ÿš€ Deploy to staging +env: + APP_RUNNER: 'cd app &&' + concurrency: staging jobs: deployment: + timeout-minutes: 8 runs-on: ${{ matrix.os }} strategy: - fail-fast: true matrix: - os: ["ubuntu-22.04"] - php: ["8.3"] + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked environment: name: staging url: https://staging.laravel-starter-tpl.wayof.dev steps: + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: curl, libxml, mbstring, zip, fileinfo, decimal, pdo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + - name: ๐Ÿ“ฆ Check out the codebase - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 with: fetch-depth: 0 - - name: ๐Ÿ› ๏ธ Setup PHP - uses: shivammathur/setup-php@v2 + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: | + echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 with: - php-version: ${{ matrix.php }} - extensions: curl, libxml, mbstring, zip, fileinfo, decimal - ini-values: error_reporting=E_ALL - tools: composer:v2 + working-directory: app - - name: โ™ป๏ธ Restore cached backend dependencies - id: cached-composer-dependencies - uses: actions/cache@v4 + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 with: - path: vendor - key: vendor-${{ runner.os }}-${{ hashFiles('**/composer.lock') }}-${{ matrix.php }} + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- - - name: ๐Ÿ“ฅ Install backend dependencies - if: steps.cached-composer-dependencies.outputs.cache-hit != 'true' - run: cd app && composer install + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} - name: ๐Ÿ“ค Deploy staging environment uses: deployphp/action@v1 @@ -56,11 +77,7 @@ jobs: env: DEPLOYER_STAGING_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_STAGING_SLACK_WEBHOOK }} DEPLOYER_STAGING_REMOTE_USER: ${{ secrets.DEPLOYER_STAGING_REMOTE_USER }} - DEPLOYER_STAGING_HOST: "staging.laravel-starter-tpl.wayof.dev" - DEPLOYER_STAGING_BRANCH: "develop" - DEPLOYER_PROD_SLACK_WEBHOOK: ${{ secrets.DEPLOYER_PROD_SLACK_WEBHOOK }} - DEPLOYER_PROD_REMOTE_USER: ${{ secrets.DEPLOYER_PROD_REMOTE_USER }} - DEPLOYER_PROD_HOST: "prod.laravel-starter-tpl.wayof.dev" - DEPLOYER_PROD_BRANCH: "master" + DEPLOYER_STAGING_HOST: staging.laravel-starter-tpl.wayof.dev + DEPLOYER_STAGING_BRANCH: develop ... From 6db46107df4c1e9f57ea3018c4e6073e135f56ca Mon Sep 17 00:00:00 2001 From: lotyp Date: Thu, 30 May 2024 00:08:02 +0300 Subject: [PATCH 08/10] feat: add security workflow --- .github/workflows/security-analysis.yml | 67 +++++++++++++++++++++++++ Makefile | 2 +- 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/security-analysis.yml diff --git a/.github/workflows/security-analysis.yml b/.github/workflows/security-analysis.yml new file mode 100644 index 00000000..edd5cafc --- /dev/null +++ b/.github/workflows/security-analysis.yml @@ -0,0 +1,67 @@ +--- + +on: # yamllint disable-line rule:truthy + pull_request: + branches: + - master + - develop + +name: ๐Ÿ” Security analysis + +env: + APP_RUNNER: 'cd app &&' + +jobs: + security-analysis: + timeout-minutes: 4 + runs-on: ${{ matrix.os }} + concurrency: + cancel-in-progress: true + group: security-analysis-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + strategy: + fail-fast: true + matrix: + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked + steps: + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo + ini-values: error_reporting=E_ALL + coverage: none + + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 + with: + working-directory: app + + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 + with: + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- + + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} + + - name: ๐Ÿ› Check installed packages for security vulnerability advisories + run: make lint-audit diff --git a/Makefile b/Makefile index a7cc6ce1..daa939dc 100644 --- a/Makefile +++ b/Makefile @@ -291,7 +291,7 @@ lint-composer: ## Normalize composer.json and composer.lock files .PHONY: lint-composer lint-audit: ## Runs security checks for composer dependencies - $(APP_COMPOSER) audit + $(APP_COMPOSER) audit --ansi .PHONY: lint-security validate-composer: ## Validates composer.json and composer.lock files From 236ca957ba820aace9104c6be8afd173e59f7cc9 Mon Sep 17 00:00:00 2001 From: lotyp Date: Thu, 30 May 2024 00:21:57 +0300 Subject: [PATCH 09/10] feat: add stan workflow --- .github/workflows/coding-standards.yml | 1 + .github/workflows/deploy-release.yml | 1 + .github/workflows/deploy-staging.yml | 1 + .github/workflows/security-analysis.yml | 1 + .github/workflows/static-analysis.yml | 79 +++++++++++++++++++++++++ 5 files changed, 83 insertions(+) create mode 100644 .github/workflows/static-analysis.yml diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml index 18a0a78d..fb27668d 100644 --- a/.github/workflows/coding-standards.yml +++ b/.github/workflows/coding-standards.yml @@ -9,6 +9,7 @@ on: # yamllint disable-line rule:truthy name: ๐Ÿงน Fix PHP coding standards env: + # Disable docker support in Makefile APP_RUNNER: 'cd app &&' jobs: diff --git a/.github/workflows/deploy-release.yml b/.github/workflows/deploy-release.yml index 31446813..8fc4e399 100644 --- a/.github/workflows/deploy-release.yml +++ b/.github/workflows/deploy-release.yml @@ -8,6 +8,7 @@ on: # yamllint disable-line rule:truthy name: ๐Ÿš€ Deploy to production env: + # Disable docker support in Makefile APP_RUNNER: 'cd app &&' concurrency: production diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 159c25e6..872fa868 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -8,6 +8,7 @@ on: # yamllint disable-line rule:truthy name: ๐Ÿš€ Deploy to staging env: + # Disable docker support in Makefile APP_RUNNER: 'cd app &&' concurrency: staging diff --git a/.github/workflows/security-analysis.yml b/.github/workflows/security-analysis.yml index edd5cafc..2decacaa 100644 --- a/.github/workflows/security-analysis.yml +++ b/.github/workflows/security-analysis.yml @@ -9,6 +9,7 @@ on: # yamllint disable-line rule:truthy name: ๐Ÿ” Security analysis env: + # Disable docker support in Makefile APP_RUNNER: 'cd app &&' jobs: diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml new file mode 100644 index 00000000..9c595196 --- /dev/null +++ b/.github/workflows/static-analysis.yml @@ -0,0 +1,79 @@ +--- + +on: # yamllint disable-line rule:truthy + pull_request: + branches: + - master + - develop + paths: + - 'app/config/**' + - 'app/src/**' + - 'app/tests/**' + - 'app/.php-cs-fixer.dist.php' + - 'app/composer.json' + - 'app/composer.lock' + - 'app/phpstan.neon.dist' + - 'app/phpstan-baseline.neon' + - 'app/psalm.xml' + - 'app/psalm-baseline.xml' + +name: ๐Ÿ” Static analysis + +env: + # Disable docker support in Makefile + APP_RUNNER: 'cd app &&' + +jobs: + stan: + timeout-minutes: 4 + runs-on: ${{ matrix.os }} + concurrency: + cancel-in-progress: true + group: stan-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + strategy: + fail-fast: true + matrix: + os: + - ubuntu-latest + php-version: + - '8.3' + dependencies: + - locked + steps: + - name: ๐Ÿ“ฆ Check out the codebase + uses: actions/checkout@v4.1.6 + + - name: ๐Ÿ› ๏ธ Setup PHP + uses: shivammathur/setup-php@2.30.4 + with: + php-version: ${{ matrix.php-version }} + extensions: none, ctype, dom, json, mbstring, simplexml, tokenizer, xml, xmlwriter, pdo, curl, fileinfo, pdo_mysql + ini-values: error_reporting=E_ALL + coverage: none + + - name: ๐Ÿ› ๏ธ Setup problem matchers + run: echo "::add-matcher::${{ runner.tool_cache }}/php.json" + + - name: ๐Ÿค– Validate composer.json and composer.lock + run: make validate-composer + + - name: ๐Ÿ” Get composer cache directory + uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0 + with: + working-directory: app + + - name: โ™ป๏ธ Restore cached dependencies installed with composer + uses: actions/cache@v4.0.2 + with: + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }} + restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}- + + - name: ๐Ÿ“ฅ Install "${{ matrix.dependencies }}" dependencies with composer + uses: wayofdev/gh-actions/actions/composer/install@v3.1.0 + with: + working-directory: app + dependencies: ${{ matrix.dependencies }} + + - name: ๐Ÿ” Run static analysis using phpstan/phpstan + run: make lint-stan-ci From 3d07f67bcf17c7f8a7ca348511473f9b1483fc5b Mon Sep 17 00:00:00 2001 From: lotyp Date: Thu, 30 May 2024 00:31:54 +0300 Subject: [PATCH 10/10] fix: phpstan errors with query builder filters --- app/phpstan-baseline.neon | 11 ----------- app/src/Support/Filters/FuzzyFilter.php | 11 +++++++++++ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/app/phpstan-baseline.neon b/app/phpstan-baseline.neon index e4d2a16d..aa31b948 100644 --- a/app/phpstan-baseline.neon +++ b/app/phpstan-baseline.neon @@ -4,17 +4,6 @@ parameters: message: "#^Method Domain\\\\Product\\\\Models\\\\Product\\:\\:category\\(\\) return type with generic class Illuminate\\\\Database\\\\Eloquent\\\\Relations\\\\BelongsTo does not specify its types\\: TRelatedModel, TChildModel$#" count: 1 path: src/Domain/Product/Models/Product.php - - - - message: "#^Class Support\\\\Filters\\\\FuzzyFilter implements generic interface Spatie\\\\QueryBuilder\\\\Filters\\\\Filter but does not specify its types\\: TModelClass$#" - count: 1 - path: src/Support/Filters/FuzzyFilter.php - - - - message: "#^Method Support\\\\Filters\\\\FuzzyFilter\\:\\:__invoke\\(\\) return type with generic class Illuminate\\\\Database\\\\Eloquent\\\\Builder does not specify its types\\: TModelClass$#" - count: 1 - path: src/Support/Filters/FuzzyFilter.php - - message: "#^Undefined variable\\: \\$this$#" count: 1 diff --git a/app/src/Support/Filters/FuzzyFilter.php b/app/src/Support/Filters/FuzzyFilter.php index f75d546b..1aa1dcfe 100644 --- a/app/src/Support/Filters/FuzzyFilter.php +++ b/app/src/Support/Filters/FuzzyFilter.php @@ -5,8 +5,14 @@ namespace Support\Filters; use Illuminate\Database\Eloquent\Builder; +use Illuminate\Database\Eloquent\Model; use Spatie\QueryBuilder\Filters\Filter; +/** + * @template TModelClass of Model + * + * @implements Filter + */ class FuzzyFilter implements Filter { /** @@ -19,6 +25,11 @@ public function __construct(string ...$fields) $this->fields = $fields; } + /** + * @param Builder $query + * + * @return Builder + */ public function __invoke(Builder $query, mixed $value, string $property): Builder { $query->where(function (Builder $query) use ($value): void {