Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 19 additions & 12 deletions .github/workflows/php.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,13 +37,19 @@
uses: php-actions/composer@8a65f0d3c6a1d17ca4800491a40b5756a4c164f3 # v6
with:
php_version: ${{ matrix.php-version }}
- name: Test with API token auth
- name: Should run integration tests
id: should-run-integration-tests
if: ${{ matrix.php-version == '8.3' &&
github.repository_owner == 'onfido' &&
(github.event_name == 'pull_request' ||
github.event_name == 'release' ||
github.event_name == 'workflow_dispatch' ||
github.event_name == 'schedule') }}
github.repository_owner == 'onfido' }}
uses: onfido/onfido-actions/should-run-integration-tests@main

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow or composite action Medium

Unpinned 3rd party Action 'PHP CI' step
Uses Step: should-run-integration-tests
uses 'onfido/onfido-actions/should-run-integration-tests' with ref 'main', not a pinned commit hash
- name: Acquire integration test lock
if: steps.should-run-integration-tests.outputs.result == 'true'
uses: onfido/onfido-actions/lock/acquire@main

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow or composite action Medium

Unpinned 3rd party Action 'PHP CI' step
Uses Step
uses 'onfido/onfido-actions/lock/acquire' with ref 'main', not a pinned commit hash
with:
app-id: ${{ secrets.ONFIDO_CI_LOCK_APP_ID }}
app-private-key: ${{ secrets.ONFIDO_CI_LOCK_PRIVATE_KEY }}
- name: Test with API token auth
if: steps.should-run-integration-tests.outputs.result == 'true'
run: |
vendor/bin/phpunit
env:
Expand All @@ -54,12 +60,7 @@
ONFIDO_SAMPLE_MOTION_ID_1: ${{ secrets.ONFIDO_SAMPLE_MOTION_ID_1 }}
ONFIDO_SAMPLE_MOTION_ID_2: ${{ secrets.ONFIDO_SAMPLE_MOTION_ID_2 }}
- name: Test with OAuth client credentials auth
if: ${{ matrix.php-version == '8.3' &&
github.repository_owner == 'onfido' &&
(github.event_name == 'pull_request' ||
github.event_name == 'release' ||
github.event_name == 'workflow_dispatch' ||
github.event_name == 'schedule') }}
if: steps.should-run-integration-tests.outputs.result == 'true'
run: |
vendor/bin/phpunit
env:
Expand All @@ -70,6 +71,12 @@
ONFIDO_SAMPLE_VIDEO_ID_2: ${{ secrets.ONFIDO_SAMPLE_VIDEO_ID_2 }}
ONFIDO_SAMPLE_MOTION_ID_1: ${{ secrets.ONFIDO_SAMPLE_MOTION_ID_1 }}
ONFIDO_SAMPLE_MOTION_ID_2: ${{ secrets.ONFIDO_SAMPLE_MOTION_ID_2 }}
- name: Release integration test lock
if: always() && steps.should-run-integration-tests.outputs.result == 'true'
uses: onfido/onfido-actions/lock/release@main

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow or composite action Medium

Unpinned 3rd party Action 'PHP CI' step
Uses Step
uses 'onfido/onfido-actions/lock/release' with ref 'main', not a pinned commit hash
with:
app-id: ${{ secrets.ONFIDO_CI_LOCK_APP_ID }}
app-private-key: ${{ secrets.ONFIDO_CI_LOCK_PRIVATE_KEY }}

publish:
runs-on: ubuntu-latest
Expand Down
Loading