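# Workflow name
name: Symfony CI - Install, Test, Build, Attest & Deploy

# Workflow triggers
# NOTE(review): pull_request runs land on a self-hosted runner. If this
# repository accepts pull requests from forks, contributor-controlled code
# (Composer/Bun install scripts, the test suite) executes on that machine.
# Confirm the repository is private or that fork runs require approval.
on:
  push:
    branches:
      - master  # or 'main'
  pull_request:
    types: [opened, synchronize, reopened]
    branches:
      - master  # or 'main'

# Permissions required by the actions used.
# NOTE(review): this block is the default for every job that does not set
# its own `permissions`, including jobs triggered by pull_request. The
# write scopes (id-token, attestations, pull-requests, security-events)
# are best moved onto the specific jobs that need them, leaving only
# `contents: read` here.
# NOTE(review): actions below are referenced by mutable tags (@v4, @v2) and
# images by mutable tags (:latest). Pinning to a full commit SHA / image
# digest keeps an upstream retag from changing what this pipeline runs.
permissions:
  contents: read
  pull-requests: write
  id-token: write
  attestations: write
  security-events: write  # required for Snyk to post results

jobs:
  # =================================================================
  # JOB 1: INSTALL - Installs the PHP and JS dependencies
  # =================================================================
  install:
    name: 📦 Install Dependencies
    runs-on: self-hosted
    # Least privilege: this job only checks out code and installs packages,
    # so it overrides the workflow-level write scopes with read-only access.
    permissions:
      contents: read
    container:
      image: registre.esy-web.dev/actions:latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup PHP and Composer
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.3'
          tools: symfony-cli

      - name: Install Composer dependencies
        run: composer install --no-suggest --no-interaction --prefer-dist

      - name: Install Bun dependencies
        run: |
          if [ -f "package.json" ]; then
            bun install
          else
            echo "Warning: No package.json found. Skipping Bun install."
          fi

  # =================================================================
  # JOB 2: TEST - Runs the tests (unit, static analysis, security)
  # =================================================================
  test:
    # NOTE(review): this display name duplicates the install job's name, so
    # the two jobs report under the same check name. Rename it (and update
    # any branch-protection rule that references the old name).
    name: 📦 Install Dependencies
    runs-on: self-hosted
    needs: install
    # NOTE(review): no job-level `permissions` is set here, so this job
    # inherits every workflow-level write scope. Narrow it once the scopes
    # needed by the remaining steps of this job are confirmed.
    container:
      image: registre.esy-web.dev/actions:latest
    # Throwaway credentials for the disposable CI containers started below.
    # They are committed in clear text, so they must never match a value
    # used in any shared or long-lived environment.
    env:
      APP_ENV: test
      MESSENGER_TRANSPORT_DSN: 'redis://127.0.0.1:15433/messages'
      DATABASE_URL: 'postgres://your_db_user:app_db_test@127.0.0.1:15432/symfony_user?serverVersion=16&charset=utf8'
      VAULT_SERVER: 'http://127.0.0.1:15434'
      VAULT_TOKEN: myroot
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup PHP and Composer
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.3'
          tools: symfony-cli

      - name: Install Composer dependencies
        run: composer install --no-suggest --no-interaction --prefer-dist

      - name: Install Bun dependencies
        run: |
          if [ -f "package.json" ]; then
            bun install
          else
            echo "Warning: No package.json found. Skipping Bun install."
          fi

      # Best-effort cleanup of leftovers from an earlier run on this
      # persistent runner; failures are ignored on purpose.
      - name: Prune previous Docker artifacts
        run: |
          docker rm -f vault-ci postgres-ci redis-ci || true
          docker network rm ci-network || true

      # Published ports are bound to 127.0.0.1 explicitly. Without a host
      # address Docker publishes on all interfaces by default, which would
      # expose a dev-mode Vault with a known root token, plus the test
      # database and Redis, to the runner's network. The clients above
      # already connect through 127.0.0.1, so nothing else changes.
      - name: Start services on Docker
        run: |
          docker network create ci-network
          docker run -d --rm --network ci-network \
            -p 127.0.0.1:15434:8200 --name vault-ci \
            -e "VAULT_DEV_ROOT_TOKEN_ID=myroot" --cap-add=IPC_LOCK \
            hashicorp/vault:latest vault server -dev
          docker run -d --rm --network ci-network \
            -p 127.0.0.1:15432:5432 --name postgres-ci \
            -e "POSTGRES_DB=symfony_user" \
            -e "POSTGRES_USER=your_db_user" \
            -e "POSTGRES_PASSWORD=app_db_test" \
            postgres:16
          docker run -d --rm --network ci-network \
            -p 127.0.0.1:15433:6379 --name redis-ci redis:latest
          echo "Waiting for services to be ready..."
          # Fixed delay rather than a readiness probe; a slow image pull or
          # start can still outlast it.
          sleep 15

      - name: Setup PHP for testing
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.3'
          extensions: fileinfo, intl, dom, pdo, pgsql, redis, opcache, bcmath, zip
          tools: symfony-cli
          coverage: pcov

      # The job-level env is already exported to the shell, so the value is
      # read as a shell variable instead of being spliced into the script
      # text with a workflow expression before the shell parses it.
      - name: Create .env.test file
        run: |
          echo "APP_ENV=test" > .env.test
          echo "DATABASE_URL=${DATABASE_URL}" >> .env.test
          # ... other variables ...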