Skip to content

Fix error 403 on access directly password protected albums #872

Fix error 403 on access directly password protected albums

Fix error 403 on access directly password protected albums #872

Workflow file for this run

name: Integrate without legacy support
# Run this workflow every time a new commit pushed to your repository
on:
push:
paths-ignore:
- '**/*.md'
- 'public/dist/*.js'
- 'public/dist/**/*.js'
- 'public/Lychee-front'
pull_request:
paths-ignore:
- '**/*.md'
- 'public/dist/*.js'
- 'public/dist/**/*.js'
- 'public/Lychee-front'
# Allow manually triggering the workflow.
workflow_dispatch:
# Declare default permissions as read only.
permissions: read-all
jobs:
kill_previous:
name: 0️⃣ Kill previous runs
runs-on: ubuntu-latest
# We want to run on external PRs, but not on our own internal PRs as they'll be run by the push to the branch.
if: (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository)
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1
with:
access_token: ${{ github.token }}
php_syntax_errors:
name: 1️⃣ PHP 8.2 - Syntax errors
runs-on: ubuntu-latest
needs:
- kill_previous
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Setup PHP Action
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1
with:
php-version: 8.2
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Removing legacy files
run: |
sh scripts/delete_legacy.sh
- name: Install dependencies
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0
- name: Check source code for syntax errors
run: vendor/bin/parallel-lint --exclude .git --exclude vendor .
code_style_errors:
name: 2️⃣ PHP 8.2 - Code Style errors
runs-on: ubuntu-latest
needs:
- php_syntax_errors
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Set up PHP
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1
with:
php-version: 8.2
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Removing legacy files
run: |
sh scripts/delete_legacy.sh
- name: Install dependencies
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0
- name: Check source code for code style errors
run: PHP_CS_FIXER_IGNORE_ENV=1 vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php --verbose --diff --dry-run
check_js:
uses: ./.github/workflows/js_check.yml
needs:
- php_syntax_errors
name: 2️⃣ JS front-end
phpstan:
name: 2️⃣ PHP 8.2 - PHPStan
runs-on: ubuntu-latest
needs:
- php_syntax_errors
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Removing legacy files
run: |
sh scripts/delete_legacy.sh
- name: Setup PHP
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1
with:
php-version: 8.2
coverage: none
- name: Install Composer dependencies
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0
- name: Run PHPStan
run: vendor/bin/phpstan analyze
tests:
name: 2️⃣ PHP tests
needs:
- php_syntax_errors
uses: ./.github/workflows/php_no_legacy_tests.yml
with:
test-suite: 'Unit,Feature_v2'
env-file: '.env'
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
dist:
name: 3️⃣ PHP dist
needs:
- code_style_errors
uses: ./.github/workflows/php_no_legacy_dist.yml
createArtifact:
name: 4️⃣ Build Artifact
if: github.ref == 'refs/heads/master'
needs:
- phpstan
- dist
- tests
- check_js
runs-on: ubuntu-latest
env:
extensions: bcmath, curl, dom, gd, imagick, json, libxml, mbstring, pcntl, pdo, pdo_sqlite, pdo_mysql, pdo_pgsql, pgsql, sqlite3, zip
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Removing legacy files
run: |
sh scripts/delete_legacy.sh
- name: Setup PHP
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1
with:
php-version: 8.2
extensions: ${{ env.extensions }}
coverage: none
- name: Install Composer dependencies
uses: ramsey/composer-install@57532f8be5bda426838819c5ee9afb8af389d51a # 3.0.0
with:
composer-options: --no-dev
- name: Use Node.js 20
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: 20
- name: Install
run: npm ci
- name: Compile Front-end
run: npm run build
- name: Build Dist
run: |
make clean dist
- name: Upload a Build Artifact
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: Lychee-Dist.zip
path: Lychee.zip
if-no-files-found: error # 'warn' or 'ignore' are also available, defaults to `warn`