GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → psalm → psalm-github-actions

psalm / psalm-github-actions

Licence: other
No description, website, or topics provided.

Programming Languages

shell
77523 projects
Dockerfile
14818 projects

Psalm Github action

Run Psalm as a github action.

name: Psalm Static analysis

on: [push, pull_request]

jobs:
  psalm:
    name: Psalm
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Psalm
        uses: docker://vimeo/psalm-github-actions

Specify Psalm version

You can also specify a version (after 3.14.2).

       - name: Psalm
-        uses: docker://vimeo/psalm-github-actions
+        uses: docker://vimeo/psalm-github-actions:3.14.2

Use Security Analysis

Psalm supports Security Analysis. You can use this config to show security analysis reports:

       - name: Psalm
         uses: docker://vimeo/psalm-github-actions
+        with:
+          security_analysis: true

Send security output to GitHub Security tab

GitHub also allows you to send security issues to a separate part of the site that can be restricted to members of your team.

Use the following config:

       - name: Psalm
         uses: docker://vimeo/psalm-github-actions
+        with:
+          security_analysis: true
+          report_file: results.sarif
+      - name: Upload Security Analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: results.sarif

Customising Composer

Specify composer_require_dev: true to install dev dependencies and composer_ignore_platform_reqs: true in order to ignore platform requirements.

These are both set to false by default.

       - name: Psalm
         uses: docker://vimeo/psalm-github-actions
+        with:
+          composer_require_dev: true
+          composer_ignore_platform_reqs: true

Use relative dir

If your composer file is not in the directory, you can specify the relative directory.

Use the following config:

       - name: Psalm
         uses: docker://vimeo/psalm-github-actions
+        with:
+          relative_dir: ./subdir

Auth for private composer repositories

If you have private composer dependencies, SSH authentication must be used. Generate an SSH key pair for this purpose and add it to your private repository's configuration, preferable with only read-only privileges. On Github for instance, this can be done by using [deploy keys][deploy-keys].

Add the key pair to your project using [Github Secrets][secrets], and pass them into this action by using the ssh_key and ssh_key_pub inputs. If your private repository is stored on another server than github.com, you also need to pass the domain via ssh_domain.

Example:

jobs:
  build:

    ...

    - name: Psalm
      uses: docker://vimeo/psalm-github-actions
      with:
        ssh_key: ${{ secrets.SOME_PRIVATE_KEY }}
        ssh_key_pub: ${{ secrets.SOME_PUBLIC_KEY }}
        # Optional:
        ssh_domain: my-own-github.com

github.com, gitlab.com and bitbucket.org are automatically added to the list of SSH known hosts. You can provide your own domain via ssh_domain input.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].