@@ -32,18 +32,30 @@ jobs:
3232 extensions : mbstring, xml, ctype, iconv, intl, json
3333 tools : composer
3434
35- # Step 3: Install PHP dependencies using Composer.
35+ # Step 3: Caching dependencies
36+ - name : Cache Composer dependencies
37+ uses : actions/cache@v4
38+ with :
39+ path : vendor
40+ key : ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
41+
42+ # Step 4: Install PHP dependencies using Composer.
3643 - name : Install Composer dependencies
3744 run : composer install --prefer-dist --no-progress
3845
39- # Step 4: Run the PHP linter.
40- # This command is defined in your `composer.json` file.
46+ # Step 5: Add depedency vulnerability scanning
47+ - name : Security audit
48+ run : composer audit
49+
50+ # Step 6: Run the PHP linter.
51+ # This command is defined in `composer.json` file.
4152 # Example `scripts` section in composer.json:
4253 # "scripts": {
4354 # "lint": "phpcs --standard=WordPress ./"
4455 # }
4556 - name : Run PHP Code Sniffer
4657 run : composer run lint
58+ continue-on-error : false
4759
4860 # ###################################
4961 # 2. TESTING JOB: Run unit/integration tests
@@ -53,12 +65,32 @@ jobs:
5365 # This job depends on the 'lint' job finishing successfully.
5466 needs : lint
5567 runs-on : ubuntu-latest
68+ timeout-minutes : 20
69+
70+ # Database Testing
71+ services :
72+ mysql :
73+ image : mysql:8.0
74+ env :
75+ MYSQL_ALLOW_EMPTY_PASSWORD : yes
76+ MYSQL_DATABASE : wordpress_test
77+ ports :
78+ - 3306:3306
79+ options : >-
80+ --health-cmd="mysqladmin ping --silent"
81+ --health-interval=10s
82+ --health-timeout=5s
83+ --health-retries=3
5684
5785# Use a strategy matrix to test across multiple WordPress and PHP versions.
5886 strategy :
5987 matrix :
60- wordpress-version : ["latest", "6.7.2", "6.5"] # Test against the latest and a specific older version.
61- php-version : ["8.1", "8.2"] # Test against multiple PHP versions.
88+ wordpress-version : ["latest"] # Test against the latest and a specific older version.
89+ php-version : ["8.3", "8.4"] # Test against multiple PHP versions.
90+
91+ env :
92+ WP_TESTS_DIR : /tmp/wordpress-tests/
93+ WP_CORE_DIR : /tmp/wordpress/
6294
6395 steps :
6496 # Step 1: Check out the repository code.
@@ -76,8 +108,12 @@ jobs:
76108 # Step 3: Run the actual tests.
77109 # This command is typically defined in your `composer.json` or `package.json`.
78110 # It executes the PHPUnit test suite.
79- - name : Run tests with PHPUnit
80- run : vendor/bin/phpunit
111+ - name : Run tests with PHPUnit with coverage report
112+ run : vendor/bin/phpunit --coverage-clover=coverage.xml
113+
114+ - name : Upload coverage to Codecov
115+ uses : codecov/codecov-action@v4
116+ if : always()
81117
82118 # ###################################
83119 # 3. BUILD JOB: Create a distributable .zip file
87123 # This job depends on the 'test' job finishing successfully.
88124 needs : test
89125 runs-on : ubuntu-latest
126+ if : github.event_name == 'push' && github.ref == 'refs/heads/main'
90127
91128 steps :
92129 # Step 1: Check out the repository code.
@@ -96,9 +133,12 @@ jobs:
96133 # Step 2: Install front-end dependencies and build assets (if you have them).
97134 # Skip this if you don't use npm for CSS/JS builds.
98135 - name : Install npm dependencies and build assets
99- run : |
136+ uses : |
100137 npm install
101138 npm run build
139+ with :
140+ path : ~/.npm
141+ key : ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
102142
103143 # Step 3: Use a dedicated WordPress plugin build Action to create the .zip file.
104144 # This action is smart: it excludes development files like .git, node_modules, etc.
0 commit comments