diff options
author | John Molakvoæ <skjnldsv@protonmail.com> | 2022-12-29 10:16:07 +0100 |
---|---|---|
committer | John Molakvoæ <skjnldsv@protonmail.com> | 2022-12-29 10:46:48 +0100 |
commit | eab9ed6e093f919c41a051cf73cf4958a7f48e0b (patch) | |
tree | 95bb4176cc0338fd2603acba523ac506542edf08 /.github | |
parent | 0dc1aef29258197d3a5afd0eae73b094d15ff15f (diff) | |
download | nextcloud-server-eab9ed6e093f919c41a051cf73cf4958a7f48e0b.tar.gz nextcloud-server-eab9ed6e093f919c41a051cf73cf4958a7f48e0b.zip |
fix(actions): Update psalm github action
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
Diffstat (limited to '.github')
-rw-r--r-- | .github/workflows/psalm-github.yml | 63 | ||||
-rw-r--r-- | .github/workflows/psalm-security.yml | 28 | ||||
-rw-r--r-- | .github/workflows/static-code-analysis.yml | 4 |
3 files changed, 55 insertions, 40 deletions
diff --git a/.github/workflows/psalm-github.yml b/.github/workflows/psalm-github.yml index c682733e6c9..0a355d122b7 100644 --- a/.github/workflows/psalm-github.yml +++ b/.github/workflows/psalm-github.yml @@ -1,4 +1,4 @@ -name: Psalm show github +name: Psalm on: pull_request: @@ -8,21 +8,62 @@ on: - stable* jobs: - psalm: - name: Psalm + generate-report: runs-on: ubuntu-latest + steps: - - name: Checkout code + - name: Checkout uses: actions/checkout@v3 with: - submodules: recursive + submodules: true + + - name: Set up php + uses: shivammathur/setup-php@v2 + with: + php-version: '8.0' + extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip + coverage: none + + - name: Composer install + run: composer i + - name: Psalm - uses: docker://vimeo/psalm-github-actions:4.9.3 + # Make sure we pass and still upload the report continue-on-error: true + run: composer run psalm -- --monochrome --no-progress --output-format=github --report=psalm.sarif + + - name: Upload report to GitHub + if: always() + uses: github/codeql-action/upload-sarif@v2 with: - composer_ignore_platform_reqs: false - report_file: results.sarif - - name: Upload Analysis results to GitHub - uses: github/codeql-action/upload-sarif@v1 + sarif_file: psalm.sarif + + generate-security-report: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + submodules: true + + - name: Set up php + uses: shivammathur/setup-php@v2 + with: + php-version: '8.0' + extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip + coverage: none + + - name: Composer install + run: composer i + + - name: Psalm + # Make sure we pass and still upload the report + continue-on-error: true + run: composer run psalm -- --monochrome --no-progress --output-format=github --taint-analysis --report=psalm.sarif + + - name: Upload report to GitHub + if: always() + uses: github/codeql-action/upload-sarif@v2 with: - sarif_file: results.sarif + sarif_file: psalm.sarif diff --git a/.github/workflows/psalm-security.yml b/.github/workflows/psalm-security.yml deleted file mode 100644 index 40f67dab6ce..00000000000 --- a/.github/workflows/psalm-security.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: Psalm Security Analysis - -on: - pull_request: - push: - branches: - - master - - stable* - -jobs: - psalm: - name: Psalm - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - submodules: recursive - - name: Psalm - uses: docker://vimeo/psalm-github-actions:4.9.3 - with: - security_analysis: true - composer_ignore_platform_reqs: false - report_file: results.sarif - - name: Upload Security Analysis results to GitHub - uses: github/codeql-action/upload-sarif@v1 - with: - sarif_file: results.sarif diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml index a2d6577af8e..8a83b7d02ba 100644 --- a/.github/workflows/static-code-analysis.yml +++ b/.github/workflows/static-code-analysis.yml @@ -1,4 +1,4 @@ -name: Static code analysis +name: Psalm static code analysis on: pull_request: @@ -6,6 +6,7 @@ on: jobs: static-code-analysis: runs-on: ubuntu-latest + steps: - name: Checkout uses: actions/checkout@v3 @@ -34,6 +35,7 @@ jobs: static-code-analysis-ocp: runs-on: ubuntu-latest + steps: - name: Checkout uses: actions/checkout@v3 |