From 5cd2a7d37448607fc4d2b787d1903801bc9a5455 Mon Sep 17 00:00:00 2001 From: marcusquinn <6428977+marcusquinn@users.noreply.github.com> Date: Mon, 21 Apr 2025 04:02:27 +0100 Subject: [PATCH] Enhance CI/CD workflow with code quality checks and PHPCBF integration --- .ai-assistant.md | 34 ++++++++++++- .github/workflows/code-quality.yml | 79 ++++++++++++++++++++++++++++++ .github/workflows/tests.yml | 11 ++++- build.sh | 23 +++++++-- composer.json | 10 ++-- package.json | 7 ++- 6 files changed, 152 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/code-quality.yml diff --git a/.ai-assistant.md b/.ai-assistant.md index c38dbcd..60838a8 100644 --- a/.ai-assistant.md +++ b/.ai-assistant.md @@ -41,7 +41,7 @@ This workspace may contain multiple repository folders. Always focus ONLY on the This project follows the [WordPress Coding Standards](https://developer.wordpress.org/coding-standards/wordpress-coding-standards/): -- Use tabs for indentation, not spaces +- Use 4 spaces for indentation, not tabs (this is a project-specific override of WordPress standards) - Follow WordPress naming conventions: - Class names: `Class_Name` - Function names: `function_name` @@ -51,6 +51,38 @@ This project follows the [WordPress Coding Standards](https://developer.wordpres - Validate and sanitize all inputs - Escape all outputs +### Code Quality Tools + +This project uses several automated code quality tools to ensure high standards: + +1. **PHP_CodeSniffer (PHPCS)**: Checks PHP code against the WordPress Coding Standards + ```bash + composer run phpcs + ``` + +2. **PHP Code Beautifier and Fixer (PHPCBF)**: Automatically fixes some coding standard violations + ```bash + composer run phpcbf + ``` + +3. **ESLint**: Checks JavaScript code against the WordPress Coding Standards + ```bash + npm run lint:js + ``` + +4. **Stylelint**: Checks CSS code against the WordPress Coding Standards + ```bash + npm run lint:css + ``` + +5. **Continuous Integration Tools**: The project integrates with several code quality tools: + - **CodeRabbit**: AI-powered code review tool + - **CodeFactor**: Continuous code quality monitoring + - **Codacy**: Code quality and static analysis + - **SonarCloud**: Code quality and security analysis + +Always run PHPCS and PHPCBF locally before committing code to ensure it meets the project's coding standards. + ## Common Tasks For detailed instructions on common tasks like creating releases, adding features, fixing bugs, and testing previous versions, see **@.ai-workflows/release-process.md**. diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml new file mode 100644 index 0000000..f421ad1 --- /dev/null +++ b/.github/workflows/code-quality.yml @@ -0,0 +1,79 @@ +name: Code Quality - Run automated code quality checks + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + phpcs: + name: PHP CodeSniffer + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + clean: 'true' + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '7.4' + extensions: mbstring, intl, zip + tools: composer:v2, phpcs + + - name: Install dependencies + run: composer install --prefer-dist --no-progress + + - name: Run PHPCS + run: composer run phpcs + continue-on-error: true + + - name: Run PHPCBF (report only) + run: | + echo "Running PHPCBF in dry-run mode to show what would be fixed" + composer run phpcbf -- --dry-run + continue-on-error: true + + sonarcloud: + name: SonarCloud Analysis + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + codacy: + name: Codacy Analysis + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Run Codacy Analysis CLI + uses: codacy/codacy-analysis-cli-action@master + with: + project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} + verbose: true + output: results.sarif + format: sarif + # Adjust the below patterns based on your project structure + gh-code-scanning-compat: true + max-allowed-issues: 2147483647 + continue-on-error: true + + - name: Upload SARIF results file + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: results.sarif + continue-on-error: true diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 134829f..2cad503 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -63,5 +63,12 @@ jobs: - name: Install dependencies run: composer install --prefer-dist --no-progress - # - name: Run PHPCS - # run: ./vendor/bin/phpcs --standard=WordPress ./includes ./admin ./wp-plugin-starter-template.php + - name: Run PHPCS + run: composer run phpcs + continue-on-error: true + + - name: Run PHPCBF (report only) + run: | + echo "Running PHPCBF in dry-run mode to show what would be fixed" + composer run phpcbf -- --dry-run + continue-on-error: true diff --git a/build.sh b/build.sh index 33329a8..9bd6f6c 100755 --- a/build.sh +++ b/build.sh @@ -20,6 +20,19 @@ echo "Creating build directory..." rm -rf "$BUILD_DIR" mkdir -p "$BUILD_DIR" +# Run code quality checks +echo "Running code quality checks..." +if command -v composer &> /dev/null; then + echo "Running PHPCS..." + composer run phpcs || { echo "⚠️ PHPCS found issues. Consider running 'composer run phpcbf' to fix them."; } + + # Uncomment the following line to automatically fix coding standards issues + # echo "Running PHPCBF..." + # composer run phpcbf +else + echo "⚠️ Composer not found, skipping code quality checks" +fi + # Install composer dependencies echo "Installing composer dependencies..." composer install --no-dev --optimize-autoloader @@ -67,19 +80,19 @@ cd .. if [ -f "$ZIP_FILE" ]; then echo "✅ Build successful: $ZIP_FILE created" echo "File path: $(pwd)/$ZIP_FILE" - + # Deploy to local WordPress installation if environment variable is set if [ -n "$WP_LOCAL_PLUGIN_DIR" ]; then echo "\nDeploying to local WordPress installation..." echo "Deploying to local WordPress installation..." - + # Remove existing plugin directory rm -rf "$WP_LOCAL_PLUGIN_DIR/$PLUGIN_SLUG" - + # Copy files to local WordPress installation rsync -av --exclude=".git" --exclude=".github" --exclude=".DS_Store" \ "$BUILD_DIR/" "$WP_LOCAL_PLUGIN_DIR/$PLUGIN_SLUG" - + # Clear WordPress transients if WP-CLI is available if command -v wp &> /dev/null; then echo "Clearing WordPress transients..." @@ -87,7 +100,7 @@ if [ -f "$ZIP_FILE" ]; then else echo "⚠️ WP-CLI not found, skipping transient clearing" fi - + echo "✅ Local deployment successful!" echo "Plugin deployed to: $WP_LOCAL_PLUGIN_DIR/$PLUGIN_SLUG" fi diff --git a/composer.json b/composer.json index c57bf74..8abd88a 100644 --- a/composer.json +++ b/composer.json @@ -37,8 +37,12 @@ } }, "scripts": { - "phpcs": "phpcs --standard=WordPress", - "phpcbf": "phpcbf --standard=WordPress", - "test": "phpunit" + "phpcs": "phpcs --standard=phpcs.xml", + "phpcs:simple": "phpcs --standard=phpcs-simple.xml", + "phpcbf": "phpcbf --standard=phpcs.xml", + "phpcbf:simple": "phpcbf --standard=phpcs-simple.xml", + "test": "phpunit", + "lint": ["@phpcs"], + "fix": ["@phpcbf"] } } diff --git a/package.json b/package.json index e65392d..c02bd37 100644 --- a/package.json +++ b/package.json @@ -12,8 +12,13 @@ "test:e2e:headless": "cypress run --config-file tests/e2e/cypress.json", "build": "./build.sh", "lint:php": "composer run-script phpcs", + "lint:php:simple": "composer run-script phpcs:simple", "fix:php": "composer run-script phpcbf", - "test:php": "composer run-script test" + "fix:php:simple": "composer run-script phpcbf:simple", + "test:php": "composer run-script test", + "lint": "npm run lint:php", + "fix": "npm run fix:php", + "quality": "npm run lint && npm run test:php" }, "repository": { "type": "git",