Timeline settings + fix discovery of sensitive photos #815
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integrate without legacy support | |
# Run this workflow every time a new commit pushed to your repository | |
on: | |
push: | |
paths-ignore: | |
- '**/*.md' | |
- 'public/dist/*.js' | |
- 'public/dist/**/*.js' | |
- 'public/Lychee-front' | |
pull_request: | |
paths-ignore: | |
- '**/*.md' | |
- 'public/dist/*.js' | |
- 'public/dist/**/*.js' | |
- 'public/Lychee-front' | |
# Allow manually triggering the workflow. | |
workflow_dispatch: | |
# Declare default permissions as read only. | |
permissions: read-all | |
jobs: | |
kill_previous: | |
name: 0️⃣ Kill previous runs | |
runs-on: ubuntu-latest | |
# We want to run on external PRs, but not on our own internal PRs as they'll be run by the push to the branch. | |
if: (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository) | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: Cancel Previous Runs | |
uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1 | |
with: | |
access_token: ${{ github.token }} | |
php_syntax_errors: | |
name: 1️⃣ PHP 8.2 - Syntax errors | |
runs-on: ubuntu-latest | |
needs: | |
- kill_previous | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: Setup PHP Action | |
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1 | |
with: | |
php-version: 8.2 | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Removing legacy files | |
run: | | |
sh scripts/delete_legacy.sh | |
- name: Install dependencies | |
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0 | |
- name: Check source code for syntax errors | |
run: vendor/bin/parallel-lint --exclude .git --exclude vendor . | |
code_style_errors: | |
name: 2️⃣ PHP 8.2 - Code Style errors | |
runs-on: ubuntu-latest | |
needs: | |
- php_syntax_errors | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: Set up PHP | |
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1 | |
with: | |
php-version: 8.2 | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Removing legacy files | |
run: | | |
sh scripts/delete_legacy.sh | |
- name: Install dependencies | |
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0 | |
- name: Check source code for code style errors | |
run: PHP_CS_FIXER_IGNORE_ENV=1 vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php --verbose --diff --dry-run | |
check_js: | |
uses: ./.github/workflows/js_check.yml | |
needs: | |
- php_syntax_errors | |
name: 2️⃣ JS front-end | |
phpstan: | |
name: 2️⃣ PHP 8.2 - PHPStan | |
runs-on: ubuntu-latest | |
needs: | |
- php_syntax_errors | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Removing legacy files | |
run: | | |
sh scripts/delete_legacy.sh | |
- name: Setup PHP | |
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1 | |
with: | |
php-version: 8.2 | |
coverage: none | |
- name: Install Composer dependencies | |
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0 | |
- name: Run PHPStan | |
run: vendor/bin/phpstan analyze | |
tests: | |
name: 2️⃣ PHP tests | |
needs: | |
- php_syntax_errors | |
uses: ./.github/workflows/php_no_legacy_tests.yml | |
with: | |
test-suite: 'Unit,Feature_v2' | |
env-file: '.env' | |
secrets: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
dist: | |
name: 3️⃣ PHP dist | |
needs: | |
- code_style_errors | |
uses: ./.github/workflows/php_no_legacy_dist.yml | |
createArtifact: | |
name: 4️⃣ Build Artifact | |
if: github.ref == 'refs/heads/master' | |
needs: | |
- phpstan | |
- dist | |
- tests | |
- check_js | |
runs-on: ubuntu-latest | |
env: | |
extensions: bcmath, curl, dom, gd, imagick, json, libxml, mbstring, pcntl, pdo, pdo_sqlite, pdo_mysql, pdo_pgsql, pgsql, sqlite3, zip | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Removing legacy files | |
run: | | |
sh scripts/delete_legacy.sh | |
- name: Setup PHP | |
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1 | |
with: | |
php-version: 8.2 | |
extensions: ${{ env.extensions }} | |
coverage: none | |
- name: Install Composer dependencies | |
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0 | |
with: | |
composer-options: --no-dev | |
- name: Use Node.js 20 | |
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 | |
with: | |
node-version: 20 | |
- name: Install | |
run: npm ci | |
- name: Compile Front-end | |
run: npm run build | |
- name: Build Dist | |
run: | | |
make clean dist | |
- name: Upload a Build Artifact | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: Lychee-Dist.zip | |
path: Lychee.zip | |
if-no-files-found: error # 'warn' or 'ignore' are also available, defaults to `warn` |