IBX-11779: Updated Ibexa CS, PHPStan, and GHA#42
Conversation
This is not part of the product, so having assignees doesn't make sense here
This is not a product package, it won't have any private ibexa dependencies
They're unnecessary for bundle-generator GHA.
Co-Authored-By: OpenAI Codex <codex@openai.com>
Aligned Backend CI GHA workflow with the latest conventions and requirements
Aligned OSS Backend CI GHA workflow with the latest conventions and requirements
alongosz
force-pushed
the
ibx-11779-update-package-codebase
branch
from
d932d28 to
e39601c
Compare
|
alongosz
left a comment
alongosz
left a comment
There was a problem hiding this comment.
Note
Review notes as diff comments can be found below:
| jobs: | ||
| tests: | ||
| name: Tests | ||
| runs-on: "ubuntu-20.04" |
There was a problem hiding this comment.
Note
Made GHA workflow completely not runnable as Ubuntu 20 has been discontinued on GHA.
| extensions: pdo_sqlite, gd | ||
| tools: cs2pr | ||
|
|
||
| - name: Add composer keys for private packagist | ||
| run: | | ||
| composer config http-basic.updates.ibexa.co $SATIS_NETWORK_KEY $SATIS_NETWORK_TOKEN | ||
| composer config github-oauth.github.com $TRAVIS_GITHUB_TOKEN | ||
| env: | ||
| SATIS_NETWORK_KEY: ${{ secrets.SATIS_NETWORK_KEY }} | ||
| SATIS_NETWORK_TOKEN: ${{ secrets.SATIS_NETWORK_TOKEN }} | ||
| TRAVIS_GITHUB_TOKEN: ${{ secrets.TRAVIS_GITHUB_TOKEN }} |
There was a problem hiding this comment.
Note
Changes not needed for GHA run for the bundle generator itself, as it shouldn't install any Ibexa packages, except for Ibexa Code Style, which is served by Packagist.
There was a problem hiding this comment.
Note
Deleted obsolete PR assignment workflow as it rather doesn't apply to this package.
There was a problem hiding this comment.
Note
Obsolete, handled by org-wide PR template.
| on: | ||
| push: | ||
| branches: | ||
| - main |
There was a problem hiding this comment.
Note
Obsolete, we dropped main branches.
| image: ghcr.io/ibexa/core/mysql | ||
| image: ${{ matrix.image }} |
There was a problem hiding this comment.
Note
Looks like our own image has not been updated in the last 4 years and we rather tend to use generic one (TBH not sure why we had custom in the first place)
| - uses: ibexa/gh-workflows/actions/composer-install@main | ||
| with: | ||
| php-version: ${{ matrix.php }} | ||
| coverage: none | ||
| extensions: 'pdo_sqlite, gd' | ||
| tools: cs2pr | ||
|
|
||
| - uses: ramsey/composer-install@v3 | ||
| with: | ||
| dependency-versions: "highest" | ||
| gh-client-id: ${{ secrets.AUTOMATION_CLIENT_ID }} | ||
| gh-client-secret: ${{ secrets.AUTOMATION_CLIENT_SECRET }} |
There was a problem hiding this comment.
Note
OSS packages shouldn't need Satis tokens by default.
There was a problem hiding this comment.
Note
A bit of refactoring here of issues spotted by PHPStan.
alongosz
requested review from
barw4,
bnowak,
ciastektk,
konradoboza and
mikadamczyk
| $contents = file_get_contents($pathname); | ||
|
|
||
| if ($contents === false) { | ||
| throw new InvalidArgumentException("Unable to get contents of the file '$pathname'"); |
There was a problem hiding this comment.
Not for this particular PR, but general comment:
Did we consider to use package which will secure us against such non expected native functions results? I mean https://github.com/thecodingmachine/safe in particular.
There's also phpstan rule package to enforce using of these "safe" functions everywhere.
There was a problem hiding this comment.
I don't recall such discussion tbh. It's always a balance between added value and the risk of such 3rd party packages being left behind support-wise. 😉
There was a problem hiding this comment.
@konradoboza I think it's a quite stable package. The added value is that it reduces boilerplate code around handling types/additional conditions (to meet phpstan rules) and makes more strict usage of native php functions (reducing potential bugs in this area).
I've used that lib in my previous company and it worked fine. It's something we could consider to introduce in our stack, if everybody agrees it's useful 😉
There was a problem hiding this comment.
Sure, we can discuss within the Team but I would personally see it as an experiment if some newly added package in the future. 😉
5 participants
Description:
The main reason behind touching this package was to introduce Ibexa Code Style
~2.3.0to all skeletons. However looks like CI is completely broken. While at it, I've bumped PHPStan and fixed reported issues with Codex's help.Sadly there are no unit nor integration tests of any kind, so I've checked bundle generation command manually. Please note that this is a self-contained Symfony 5.4 console application (yeah we should bump Symfony too, but the scope here is too wide already).
Bundle generator is used by the template cleanup workflow when creating a new repository using one of our templates.
See review remarks posted ass diff comments for more detailed information on the changes.
Changelog of bundle generator GHA:
Changelog of bundle generator codebase:
Changelog of repository skeletons:
mainbranch from Backend CI GHA workflow (3d90690)pull_request_template.md(33f989e)