aboutsummaryrefslogtreecommitdiffstats
path: root/.github/workflows
diff options
context:
space:
mode:
authorjld3103 <jld3103yt@gmail.com>2023-08-04 13:57:12 +0200
committerjld3103 <jld3103yt@gmail.com>2023-08-11 13:31:34 +0200
commit17c63ff7350271a116215a4678bbfd686e130c7d (patch)
treeb7cc355eba26716af5cad8e9c97d2d4ad89950ba /.github/workflows
parent756cb045a6d4f97496c115cb1ae3ca330d2dc06f (diff)
downloadnextcloud-server-17c63ff7350271a116215a4678bbfd686e130c7d.tar.gz
nextcloud-server-17c63ff7350271a116215a4678bbfd686e130c7d.zip
Install openapi-extractor
Signed-off-by: jld3103 <jld3103yt@gmail.com>
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/openapi.yml101
1 files changed, 101 insertions, 0 deletions
diff --git a/.github/workflows/openapi.yml b/.github/workflows/openapi.yml
new file mode 100644
index 00000000000..22a1a69a977
--- /dev/null
+++ b/.github/workflows/openapi.yml
@@ -0,0 +1,101 @@
+name: Psalm static code analysis
+
+on:
+ pull_request:
+ push:
+ branches:
+ - master
+ - stable*
+
+jobs:
+ static-code-analysis:
+ runs-on: ubuntu-latest
+
+ if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: '8.0'
+ extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
+
+ - name: Show potential changes in Psalm baseline
+ if: always()
+ run: git diff -- . ':!lib/composer'
+
+ - name: Upload Analysis results to GitHub
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif
+
+ static-code-analysis-security:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@master
+ with:
+ php-version: '8.0'
+ extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm taint analysis
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
+
+ - name: Upload Security Analysis results to GitHub
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif
+
+ static-code-analysis-ocp:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: '8.0'
+ extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm
+ run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+
+ - name: Show potential changes in Psalm baseline
+ if: always()
+ run: git diff -- . ':!lib/composer'