name: Code Quality - Run automated code quality checks on: push: branches: [ main ] pull_request: branches: [ main ] jobs: phpcs: name: PHP CodeSniffer runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: clean: 'true' - name: Setup PHP uses: shivammathur/setup-php@6d7209f44a25a63e3555ad381fdff3bb1f8a69d2 # v2.29.0 with: php-version: '7.4' extensions: mbstring, intl, zip tools: composer:v2, phpcs - name: Install dependencies run: composer install --prefer-dist --no-progress - name: Run PHPCS run: composer run phpcs continue-on-error: true - name: Run PHPCBF (report only) run: | echo "Running PHPCBF in dry-run mode to show what would be fixed" composer run phpcbf -- --dry-run continue-on-error: true sonarcloud: name: SonarCloud Analysis runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@5095598c2b051c3ee362e93f38a20a48b71b53a9 # v1.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} codacy: name: Codacy Analysis runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - name: Run Codacy Analysis CLI uses: codacy/codacy-analysis-cli-action@5cc54a75f9ad88fbd6efc6e2a3ee12626e5f0dbb # v4.3.0 with: project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} verbose: true output: results.sarif format: sarif # Adjust the below patterns based on your project structure gh-code-scanning-compat: true max-allowed-issues: 2147483647 continue-on-error: true - name: Upload SARIF results file uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.2.7 with: sarif_file: results.sarif continue-on-error: true