name: Code Quality - Run automated code quality checks on: push: branches: [ main ] pull_request: branches: [ main ] jobs: phpcs: name: PHP CodeSniffer runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: clean: 'true' - name: Setup PHP uses: shivammathur/setup-php@v2 with: php-version: '7.4' extensions: mbstring, intl, zip tools: composer:v2, phpcs - name: Install dependencies run: composer install --prefer-dist --no-progress - name: Run PHPCS run: composer run phpcs continue-on-error: true - name: Run PHPCBF (report only) run: | echo "Running PHPCBF in dry-run mode to show what would be fixed" composer run phpcbf -- --dry-run continue-on-error: true sonarcloud: name: SonarCloud Analysis runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@v1.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: https://sonarcloud.io codacy: name: Codacy Analysis runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - name: Run Codacy Analysis CLI uses: codacy/codacy-analysis-cli-action@v4.3.0 with: project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} verbose: true output: results.sarif format: sarif # Adjust the below patterns based on your project structure gh-code-scanning-compat: true max-allowed-issues: 2147483647 continue-on-error: true - name: Upload SARIF results file uses: github/codeql-action/upload-sarif@v2 with: sarif_file: results.sarif continue-on-error: true