Merge pull request #5 from KaririCode-Framework/develop #29
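name: Code Quality

# ARFA 1.3 / KaririCode Spec V4.0 — Parallel Quality Gates
# Runs 5 parallel jobs with a quality-summary gate job.
# Triggers: main, develop, feature branches, PRs, and manual dispatch.

on:
  push:
    branches:
      - main
      - develop
      - 'feature/**'
  pull_request:
    branches:
      - main
      - develop
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: every job only reads the repository.
# Writing to $GITHUB_STEP_SUMMARY needs no token scope.
permissions:
  contents: read

# NOTE(review): the actions below are referenced by mutable tag (@v4, @v2).
# Pinning each `uses:` to a full commit SHA keeps a retagged release from
# changing what runs in these jobs.
jobs:
  # ============================================================================
  # DEPENDENCY VALIDATION (Spec V4.0 — contract compliance)
  # ============================================================================
  dependencies:
    name: Dependency Validation
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # No step pushes or fetches again, so do not leave the token in
          # .git/config where later steps could read it.
          persist-credentials: false

      - uses: shivammathur/setup-php@v2
        with:
          php-version: '8.4'
          tools: composer:v2
          coverage: none

      - name: Validate composer.json
        run: composer validate --strict --no-check-lock

      # --no-scripts keeps package-defined Composer scripts from running in CI.
      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-scripts

      - name: Check platform requirements
        run: composer check-platform-reqs

  # ============================================================================
  # SECURITY AUDIT (ARFA 1.3 — resilience pillar)
  # ============================================================================
  security:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - uses: shivammathur/setup-php@v2
        with:
          php-version: '8.4'
          tools: composer:v2
          coverage: none

      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-scripts

      # Reports known advisories for the installed packages; a non-zero exit
      # fails this job and, through quality-summary, the gate.
      - name: Run composer audit
        run: composer audit --format=plain

  # ============================================================================
  # STATIC ANALYSIS (Spec V4.0 S14 — Type Safety)
  # kcode analyse runs PHPStan Level 9 + Psalm (100% type inference).
  # ============================================================================
  analyse:
    name: Static Analysis — PHPStan L9 + Psalm
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - uses: shivammathur/setup-php@v2
        with:
          php-version: '8.4'
          extensions: mbstring, xml
          coverage: none
          tools: composer:v2

      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-scripts

      # NOTE(review): the PHAR comes from the moving `latest` release and is
      # executed without an integrity check. Pin the URL to a specific release
      # tag and verify a known SHA-256 before installing it.
      - name: Install kcode
        run: |
          wget -q https://github.com/KaririCode-Framework/kariricode-devkit/releases/latest/download/kcode.phar
          # Record the digest in the job log so each run's tool build is traceable.
          sha256sum kcode.phar
          chmod +x kcode.phar
          sudo mv kcode.phar /usr/local/bin/kcode

      - name: Initialize devkit
        run: kcode init

      # Patch the generated phpunit.xml.dist: turn off failOnWarning,
      # failOnRisky and strict coverage metadata, and drop the restrict*
      # attributes, to avoid false-positive warnings from PHPUnit 12.
      # NOTE(review): presumably only needed if `kcode analyse` reads this
      # file — confirm, otherwise the step can go from this job.
      - name: Patch phpunit.xml.dist
        run: |
          sed -i 's/failOnWarning="true"/failOnWarning="false"/' .kcode/phpunit.xml.dist
          sed -i 's/failOnRisky="true"/failOnRisky="false"/' .kcode/phpunit.xml.dist
          sed -i 's/beStrictAboutCoverageMetadata="true"/beStrictAboutCoverageMetadata="false"/' .kcode/phpunit.xml.dist
          sed -i 's/ restrictWarnings="true"//g' .kcode/phpunit.xml.dist
          sed -i 's/ restrictDeprecations="true"//g' .kcode/phpunit.xml.dist
          sed -i 's/ restrictNotices="true"//g' .kcode/phpunit.xml.dist

      # Runs PHPStan Level 9 then Psalm sequentially — both must pass
      - name: Run PHPStan + Psalm via kcode
        run: kcode analyse

  # ============================================================================
  # CODE STYLE (ARFA 1.3 Naming / Formatting Standards)
  # ============================================================================
  cs-fixer:
    name: Code Style — PHP CS Fixer
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - uses: shivammathur/setup-php@v2
        with:
          php-version: '8.4'
          extensions: mbstring, xml
          coverage: none
          tools: composer:v2

      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-scripts

      # NOTE(review): unpinned `latest` download executed without an integrity
      # check; pin the release tag and verify a known SHA-256.
      - name: Install kcode
        run: |
          wget -q https://github.com/KaririCode-Framework/kariricode-devkit/releases/latest/download/kcode.phar
          # Record the digest in the job log so each run's tool build is traceable.
          sha256sum kcode.phar
          chmod +x kcode.phar
          sudo mv kcode.phar /usr/local/bin/kcode

      - name: Initialize devkit
        run: kcode init

      - name: Check code style (dry-run)
        run: kcode cs:fix --check

  # ============================================================================
  # UNIT & INTEGRATION TESTS (ARFA 1.3 §Testing — Zero Tolerance)
  # pcov is the mandatory driver (performance + accuracy over Xdebug).
  # ============================================================================
  tests:
    name: PHPUnit — Tests (pcov)
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - uses: shivammathur/setup-php@v2
        with:
          php-version: '8.4'
          extensions: mbstring, xml
          coverage: pcov
          tools: composer:v2

      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-scripts

      # NOTE(review): unpinned `latest` download executed without an integrity
      # check; pin the release tag and verify a known SHA-256.
      - name: Install kcode
        run: |
          wget -q https://github.com/KaririCode-Framework/kariricode-devkit/releases/latest/download/kcode.phar
          # Record the digest in the job log so each run's tool build is traceable.
          sha256sum kcode.phar
          chmod +x kcode.phar
          sudo mv kcode.phar /usr/local/bin/kcode

      - name: Initialize devkit
        run: kcode init

      # Patch the generated phpunit.xml.dist: turn off failOnWarning,
      # failOnRisky and strict coverage metadata, and drop the restrict*
      # attributes, to avoid false-positive warnings from PHPUnit 12.
      # NOTE(review): after this patch, warnings and risky tests no longer
      # fail the run, which loosens the "Zero Tolerance" gate named above.
      - name: Patch phpunit.xml.dist
        run: |
          sed -i 's/failOnWarning="true"/failOnWarning="false"/' .kcode/phpunit.xml.dist
          sed -i 's/failOnRisky="true"/failOnRisky="false"/' .kcode/phpunit.xml.dist
          sed -i 's/beStrictAboutCoverageMetadata="true"/beStrictAboutCoverageMetadata="false"/' .kcode/phpunit.xml.dist
          sed -i 's/ restrictWarnings="true"//g' .kcode/phpunit.xml.dist
          sed -i 's/ restrictDeprecations="true"//g' .kcode/phpunit.xml.dist
          sed -i 's/ restrictNotices="true"//g' .kcode/phpunit.xml.dist

      - name: Run tests with coverage (pcov)
        run: kcode test --coverage

  # ============================================================================
  # QUALITY SUMMARY — Gate job (if: always())
  # always() makes this job run even when an upstream job failed, so it can
  # publish the table and then fail the workflow itself.
  # ============================================================================
  quality-summary:
    name: Quality Summary
    runs-on: ubuntu-latest
    needs: [dependencies, security, analyse, cs-fixer, tests]
    if: always()
    steps:
      - name: Post quality summary
        # Job results reach the script as environment variables rather than
        # being spliced into the shell text by expression expansion.
        env:
          DEPENDENCIES_RESULT: ${{ needs.dependencies.result }}
          SECURITY_RESULT: ${{ needs.security.result }}
          ANALYSE_RESULT: ${{ needs.analyse.result }}
          CS_FIXER_RESULT: ${{ needs.cs-fixer.result }}
          TESTS_RESULT: ${{ needs.tests.result }}
        run: |
          {
            echo "## KaririCode ClassDiscovery — Quality Report (ARFA 1.3)"
            echo ""
            echo "| Check | Result |"
            echo "|-------|--------|"
            echo "| Dependency Validation | ${DEPENDENCIES_RESULT} |"
            echo "| Security Audit | ${SECURITY_RESULT} |"
            echo "| Static Analysis (PHPStan L9 + Psalm) | ${ANALYSE_RESULT} |"
            echo "| Code Style (CS Fixer) | ${CS_FIXER_RESULT} |"
            echo "| PHPUnit Tests (pcov) | ${TESTS_RESULT} |"
          } >> "$GITHUB_STEP_SUMMARY"

          # Every job listed in the table is part of the gate, including
          # Dependency Validation; anything other than "success" (failure,
          # cancelled, skipped) blocks the merge.
          if [ "$DEPENDENCIES_RESULT" != "success" ] || \
             [ "$SECURITY_RESULT" != "success" ] || \
             [ "$ANALYSE_RESULT" != "success" ] || \
             [ "$CS_FIXER_RESULT" != "success" ] || \
             [ "$TESTS_RESULT" != "success" ]; then
            echo "" >> "$GITHUB_STEP_SUMMARY"
            echo "❌ One or more quality gates failed. Merge blocked." >> "$GITHUB_STEP_SUMMARY"
            exit 1
          fi

          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "✅ All quality gates passed — ARFA 1.3 compliant." >> "$GITHUB_STEP_SUMMARY"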