Merge pull request #9 from dayspring-tech/feature/qodana

jwong-dayspring · web-flow · commit b58d27a5a9ad · 2023-08-14T15:00:31.000-07:00
add qodana code inspection
diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml
@@ -0,0 +1,59 @@
+name: Qodana
+on:
+  push:
+
+jobs:
+  qodana:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        php:
+          - '8.1'
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Use PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: sqlite3, zip
+          coverage: xdebug
+          tools: composer:v2
+
+      - name: Get Composer Cache Directory
+        id: composer-cache
+        run: |
+          echo "::set-output name=dir::$(composer config cache-dir)"
+        working-directory: ./
+
+      - name: cache dependencies
+        id: cache-dependencies
+        uses: actions/cache@v3
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-${{ matrix.php }}-${{ matrix.composer }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-${{ matrix.php }}-${{ matrix.composer }}-composer-
+
+      - name: Validate composer.json and composer.lock
+        run: composer validate
+        working-directory: ./
+
+      - name: Install dependencies
+        env:
+          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
+          COMPOSER_FLAGS: ${{ matrix.composer }}
+        run: composer update ${COMPOSER_FLAGS} --prefer-source
+        working-directory: ./
+
+      - name: 'Qodana Scan'
+        uses: JetBrains/qodana-action@v2023.2
+        with:
+          args: --baseline,qodana.sarif.json
+        env:
+          QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
diff --git a/.github/workflows/symfony.yml b/.github/workflows/symfony.yml
@@ -15,6 +15,7 @@ jobs:
           - '7.4'
           - '8.0'
           - '8.1'
+          - '8.2'
         composer:
           - ''
           - '--prefer-lowest'
diff --git a/qodana.yaml b/qodana.yaml
@@ -0,0 +1,13 @@
+version: "1.0"
+linter: jetbrains/qodana-php:2023.1-eap
+profile:
+  name: qodana.recommended
+include:
+  - name: CheckDependencyLicenses
+  - name: VulnerableLibrariesGlobal
+exclude:
+  - name: All
+    paths:
+      - vendor
+php:
+  version: "8.1"
