From 12315820a17fac73f2992721c76c2efddf4a43ef Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 15 Nov 2024 16:32:10 -0600 Subject: [PATCH 001/130] Add simple bash script to create the composer auth.json file for us using 1Password keys. --- dev/scripts/create-auth-json.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100755 dev/scripts/create-auth-json.sh diff --git a/dev/scripts/create-auth-json.sh b/dev/scripts/create-auth-json.sh new file mode 100755 index 00000000..93930bed --- /dev/null +++ b/dev/scripts/create-auth-json.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# Create auth.json file for Composer using the 1Password CLI + +# Check if 1Password CLI is installed +if ! command -v op > /dev/null 2>&1; then + echo >&2 "It appears that the 1Password CLI is not installed. Skipping."; + exit 0; +fi + +# Exit if there is an existing auth.json file +if [ -f auth.json ]; then + echo >&2 "auth.json already exists. Skipping."; + exit 0; +fi + +# Create auth.json file using 1Password CLI +echo "Creating auth.json file for Composer using 1Password CLI..."; +op inject -i auth.template.json -o auth.json + +exit 0; From ed834e952c46ca3d64cf44cf9f0e3b4af66b8266 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 15 Nov 2024 16:32:45 -0600 Subject: [PATCH 002/130] Add auth.json template file for 1Passwold CLI integration. --- auth.template.json | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 auth.template.json diff --git a/auth.template.json b/auth.template.json new file mode 100644 index 00000000..81305baf --- /dev/null +++ b/auth.template.json @@ -0,0 +1,13 @@ +{ + "http-basic": { + "connect.advancedcustomfields.com": { + "username": "{{op://${OPVAULT:-Engineering}/MT ACF Pro License/http-basic-auth/username}}", + "password": "{{op://${OPVAULT:-Engineering}/MT ACF Pro License/http-basic-auth/password}}" + }, + "composer.gravity.io": { + "username": "{{op://${OPVAULT:-Engineering}/MT Gravity Forms License/http-basic-auth/username}}", + "password": "{{op://${OPVAULT:-Engineering}/MT Gravity Forms License/http-basic-auth/password}}" + } + } +} +rm -r From b36564ad11a03700cf5058794c5002170822e4ca Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 15 Nov 2024 16:33:40 -0600 Subject: [PATCH 003/130] Update composer script names and purposes. Adjust when the WP install is run. --- composer.json | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/composer.json b/composer.json index bf8525a3..6c3dcc43 100644 --- a/composer.json +++ b/composer.json @@ -24,29 +24,26 @@ "phpcbf": "./vendor/bin/phpcbf -s", "phpcs": "./vendor/bin/phpcs", "phpstan": "./vendor/bin/phpstan analyse --memory-limit=-1", - "setup-project": [ - "@php -r \"file_exists('auth.json') || copy('auth-sample.json', 'auth.json');\"", + "copy-local-configs": [ "@php -r \"file_exists('local-config.php') || copy('local-config-sample.php', 'local-config.php');\"", "@php -r \"file_exists('local-config.json') || copy('local-config-sample.json', 'local-config.json');\"" ], - "setup-wordpress": "./vendor/bin/wp core download --version=6.7 --skip-content --force", + "install-wordpress": "./vendor/bin/wp core download --version=6.7 --skip-content --force", "update-db": "./vendor/bin/wp core update-db", - "post-root-package-install": [ - "@setup-repo" - ], "post-install-cmd": [ - "@setup-wordpress" + "@copy-local-configs", + "@install-wordpress" ], "post-update-cmd": [ - "@setup-wordpress" + "@install-wordpress" ] }, "scripts-descriptions": { "phpcs": "Run PHPCS on the project.", "phpcbf": "Run PHPCBF on the project.", "phpstan": "Run PHPStan on the project.", - "setup-project": "Moves the auth.json, local-config.php, and local-config.json files for setting up the project.", - "setup-wordpress": "Runs the wpcli command to download and install core WordPress. To change the WordPress version, update the --version value.", + "copy-local-configs": "Copies the local-config.php and local-config.json files.", + "install-wordpress": "Runs the wpcli command to download and install core WordPress. To change the WordPress version, update the --version value.", "update-db": "Runs the wpcli command to update the WordPress database. This is sometimes required after a version update." }, "repositories": [ From 30b86be16ec4156a22a96e28566adf56c8dd38b8 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 15 Nov 2024 16:34:07 -0600 Subject: [PATCH 004/130] Automatically run composer install after setting Lando starts the appserver (PHP) container. --- .lando.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.lando.yml b/.lando.yml index 32445c71..d2a70e9f 100644 --- a/.lando.yml +++ b/.lando.yml @@ -12,6 +12,8 @@ services: overrides: environment: - XDEBUG_TRIGGER=1 + run: + - composer install mailhog: type: mailhog portforward: true From 0c783b68ea0787ddc405ed57cdbe0a49b63768bf Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 15 Nov 2024 16:40:10 -0600 Subject: [PATCH 005/130] fix an typo. It's Friday [sigh] --- auth.template.json | 1 - 1 file changed, 1 deletion(-) diff --git a/auth.template.json b/auth.template.json index 81305baf..d7cace91 100644 --- a/auth.template.json +++ b/auth.template.json @@ -10,4 +10,3 @@ } } } -rm -r From a91422ec0b67c79355c20f0a15f66ae52a3b83ee Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 15 Nov 2024 16:59:58 -0600 Subject: [PATCH 006/130] Remove unnecessary local config values. --- local-config-sample.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/local-config-sample.php b/local-config-sample.php index b36f258c..6d4b314e 100644 --- a/local-config-sample.php +++ b/local-config-sample.php @@ -20,10 +20,6 @@ define( 'DB_USER', $database_config->creds->user ); define( 'DB_PASSWORD', $database_config->creds->password ); define( 'DB_HOST', $database_config->internal_connection->host ); - - /** URL routing (Optional, may not be necessary) */ - // define('WP_HOME','http://mysite.lndo.site'); - // define('WP_SITEURL','http://mysite.lndo.site'); } /** From fff2185bc8667593aa67cfa9962f55275b275f29 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 19 Nov 2024 12:04:39 -0600 Subject: [PATCH 007/130] Try using 1Pass to create auth.json from template. --- .github/workflows/phpcs.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 789a23bd..16b31b9f 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -6,6 +6,9 @@ on: COMPOSER_AUTH_JSON: required: true description: Composer auth.json + OP_SERVICE_ACCOUNT_TOKEN: + required: true + description: 1Password Service Account Token jobs: phpcs: @@ -48,10 +51,18 @@ jobs: restore-keys: | ${{ runner.os }}-composer- + - name: Install 1Password CLI + uses: 1password/install-cli-action@v1 + # if: steps.changed-files.outputs.phpcs == 'true' + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + run: | + op user get --me + op inject -i auth.template.json -o auth.json + - name: Install Composer - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' run: | - echo '${{ secrets.COMPOSER_AUTH_JSON }}' > auth.json composer install --ignore-platform-reqs --optimize-autoloader --no-progress rm auth.json From 34ddaa5d61e05bccb5d385f255a687ee566fa8a0 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 19 Nov 2024 12:07:12 -0600 Subject: [PATCH 008/130] Use the correct syntax for actions. --- .github/workflows/phpcs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 16b31b9f..d556bfd1 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -53,6 +53,8 @@ jobs: - name: Install 1Password CLI uses: 1password/install-cli-action@v1 + + - name: Create auth.json from 1Password # if: steps.changed-files.outputs.phpcs == 'true' env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} From bdb77ae5189a1b1e6db5f6d726d418262c006679 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 19 Nov 2024 12:12:02 -0600 Subject: [PATCH 009/130] Pass secret from calling action. --- .github/workflows/code-quality.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index e525170d..77e97255 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -17,6 +17,7 @@ jobs: uses: ./.github/workflows/phpcs.yml secrets: COMPOSER_AUTH_JSON: ${{ secrets.COMPOSER_AUTH_JSON }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} linting: name: 'Linting' From f23ad321802a2dd0d6106f7715816a571aa0baf8 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 19 Nov 2024 12:13:25 -0600 Subject: [PATCH 010/130] Make PHPCS action temporarily callable. --- .github/workflows/phpcs.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index d556bfd1..ae26f743 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -1,6 +1,7 @@ name: Coding Standards on: + workflow_dispatch: workflow_call: secrets: COMPOSER_AUTH_JSON: From 740e5c267cb1716d3fd5e424a2b3a4ed92cc717f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 19 Nov 2024 12:22:38 -0600 Subject: [PATCH 011/130] Re-enabled conditional checks. --- .github/workflows/phpcs.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index ae26f743..7e54c17c 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -1,7 +1,6 @@ name: Coding Standards on: - workflow_dispatch: workflow_call: secrets: COMPOSER_AUTH_JSON: @@ -53,10 +52,11 @@ jobs: ${{ runner.os }}-composer- - name: Install 1Password CLI + if: steps.changed-files.outputs.phpcs == 'true' uses: 1password/install-cli-action@v1 - name: Create auth.json from 1Password - # if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpcs == 'true' env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} run: | @@ -64,7 +64,7 @@ jobs: op inject -i auth.template.json -o auth.json - name: Install Composer - # if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpcs == 'true' run: | composer install --ignore-platform-reqs --optimize-autoloader --no-progress rm auth.json From 7666968b22d3f3bdc0e1574634e81e10768ed20e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 06:42:17 -0600 Subject: [PATCH 012/130] Update template paths to match item structure in 1Password. --- auth.template.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/auth.template.json b/auth.template.json index d7cace91..5d77f579 100644 --- a/auth.template.json +++ b/auth.template.json @@ -1,12 +1,12 @@ { "http-basic": { "connect.advancedcustomfields.com": { - "username": "{{op://${OPVAULT:-Engineering}/MT ACF Pro License/http-basic-auth/username}}", - "password": "{{op://${OPVAULT:-Engineering}/MT ACF Pro License/http-basic-auth/password}}" + "username": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/ACF/license}}", + "password": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/url}}" }, "composer.gravity.io": { - "username": "{{op://${OPVAULT:-Engineering}/MT Gravity Forms License/http-basic-auth/username}}", - "password": "{{op://${OPVAULT:-Engineering}/MT Gravity Forms License/http-basic-auth/password}}" + "username": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/GF/license}}", + "password": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/url}}" } } } From d1e3420f5cf30762f3e5d35416ba00177003ce2f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 06:42:34 -0600 Subject: [PATCH 013/130] Update code quality workflows to use new auth.json process. --- .github/workflows/code-quality.yml | 5 ++--- .github/workflows/php-tests.yml | 21 +++++++++++++++++---- .github/workflows/phpcs.yml | 5 +---- .github/workflows/static-analysis.yml | 17 ++++++++++++++--- 4 files changed, 34 insertions(+), 14 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 77e97255..9f6a7c00 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -16,7 +16,6 @@ jobs: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml secrets: - COMPOSER_AUTH_JSON: ${{ secrets.COMPOSER_AUTH_JSON }} OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} linting: @@ -28,7 +27,7 @@ jobs: needs: [coding-standards, linting] uses: ./.github/workflows/static-analysis.yml secrets: - COMPOSER_AUTH_JSON: ${{ secrets.COMPOSER_AUTH_JSON }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} # Enable this job if you have PHPUnit tests # slic: @@ -36,4 +35,4 @@ jobs: # needs: [coding-standards, phpstan, linting] # uses: ./.github/workflows/php-tests.yml # secrets: -# COMPOSER_AUTH_JSON: ${{ secrets.COMPOSER_AUTH_JSON }} +# OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index 79741138..5536be2e 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -3,9 +3,9 @@ name: 'PHP Tests' on: workflow_call: secrets: - COMPOSER_AUTH_JSON: + OP_SERVICE_ACCOUNT_TOKEN: required: true - description: Composer auth.json + description: 1Password Service Account Token jobs: test: @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest env: build_folder: build - COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH_JSON }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} steps: - name: Checkout the repository @@ -100,11 +100,24 @@ jobs: ${SLIC_BIN} info ${SLIC_BIN} config + - name: Install 1Password CLI + if: steps.changed-files.outputs.tests == 'true' + uses: 1password/install-cli-action@v1 + + - name: Create auth.json via 1Password CLI + if: steps.changed-files.outputs.tests == 'true' + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + run: | + op user get --me + op inject -i auth.template.json -o auth.json + - name: Set up site for CI if: steps.changed-files.outputs.tests == 'true' run: | ${SLIC_BIN} use site - ${SLIC_BIN} composer install --ignore-platform-reqs + ${SLIC_BIN} composer install --ignore-platform-reqs --optimize-autoloader --no-progress + ${SLIC_BIN} rm auth.json - name: Run suite tests if: steps.changed-files.outputs.tests == 'true' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 7e54c17c..373bf094 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -3,9 +3,6 @@ name: Coding Standards on: workflow_call: secrets: - COMPOSER_AUTH_JSON: - required: true - description: Composer auth.json OP_SERVICE_ACCOUNT_TOKEN: required: true description: 1Password Service Account Token @@ -55,7 +52,7 @@ jobs: if: steps.changed-files.outputs.phpcs == 'true' uses: 1password/install-cli-action@v1 - - name: Create auth.json from 1Password + - name: Create auth.json via 1Password CLI if: steps.changed-files.outputs.phpcs == 'true' env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 089dbd4c..a2986b2e 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -3,9 +3,9 @@ name: Static Analysis on: workflow_call: secrets: - COMPOSER_AUTH_JSON: + OP_SERVICE_ACCOUNT_TOKEN: required: true - description: Composer auth.json + description: 1Password Service Account Token jobs: phpstsan: @@ -52,10 +52,21 @@ jobs: restore-keys: | ${{ runner.os }}-composer- + - name: Install 1Password CLI + if: steps.changed-files.outputs.phpstan == 'true' + uses: 1password/install-cli-action@v1 + + - name: Create auth.json via 1Password CLI + if: steps.changed-files.outputs.phpstan == 'true' + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + run: | + op user get --me + op inject -i auth.template.json -o auth.json + - name: Install Composer if: steps.changed-files.outputs.phpstan == 'true' run: | - echo '${{ secrets.COMPOSER_AUTH_JSON }}' > auth.json composer install --ignore-platform-reqs --optimize-autoloader --no-progress rm auth.json From c5c406a27980b14db16262d372c6762589cf94a8 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 12:52:10 -0600 Subject: [PATCH 014/130] Test setting env vars for 1Pass commands. --- .github/workflows/code-quality.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 9f6a7c00..91098008 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -10,6 +10,9 @@ on: branches: - main - develop + env: + OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' + OP_ITEM: 'Test-Composer-Auth' jobs: coding-standards: From 2aebf1af1c1afe811aa63b164326ee16d995168d Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 12:53:49 -0600 Subject: [PATCH 015/130] Syntax matters. --- .github/workflows/code-quality.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 91098008..e83136bb 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -10,9 +10,10 @@ on: branches: - main - develop - env: - OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' - OP_ITEM: 'Test-Composer-Auth' + +env: + OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' + OP_ITEM: 'Test-Composer-Auth' jobs: coding-standards: From 7c129fd60ae96916f939efb3c84e999912792b12 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 12:55:47 -0600 Subject: [PATCH 016/130] temporarily disable checks so action will run. --- .github/workflows/phpcs.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 373bf094..adba01eb 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -28,7 +28,7 @@ jobs: - added|modified: 'phpcs.xml.dist' - name: Configure PHP environment - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' uses: shivammathur/setup-php@v2 with: tools: composer:2 @@ -36,12 +36,12 @@ jobs: - name: Get Composer Cache Directory id: composer-cache - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' run: | echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - uses: actions/cache@v4 - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' with: path: ${{ steps.composer-cache.outputs.dir }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} @@ -49,11 +49,11 @@ jobs: ${{ runner.os }}-composer- - name: Install 1Password CLI - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' uses: 1password/install-cli-action@v1 - name: Create auth.json via 1Password CLI - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} run: | @@ -61,12 +61,12 @@ jobs: op inject -i auth.template.json -o auth.json - name: Install Composer - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' run: | composer install --ignore-platform-reqs --optimize-autoloader --no-progress rm auth.json - name: Run PHPCS - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' run: | composer phpcs From 65f87651b51272e9318714613a7235e71fdb6c65 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 12:57:56 -0600 Subject: [PATCH 017/130] Move ENV vars. --- .github/workflows/code-quality.yml | 4 ---- .github/workflows/phpcs.yml | 2 ++ 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index e83136bb..9f6a7c00 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -11,10 +11,6 @@ on: - main - develop -env: - OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' - OP_ITEM: 'Test-Composer-Auth' - jobs: coding-standards: name: 'Coding Standards' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index adba01eb..f7f787a5 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -55,6 +55,8 @@ jobs: - name: Create auth.json via 1Password CLI # if: steps.changed-files.outputs.phpcs == 'true' env: + OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' + OP_ITEM: 'Test-Composer-Auth' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} run: | op user get --me From 9ca421323d13af071fec75c17e03beb7b5018983 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 14:43:07 -0600 Subject: [PATCH 018/130] more env vars testing --- .github/workflows/code-quality.yml | 4 ++++ .github/workflows/phpcs.yml | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 9f6a7c00..e83136bb 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -11,6 +11,10 @@ on: - main - develop +env: + OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' + OP_ITEM: 'Test-Composer-Auth' + jobs: coding-standards: name: 'Coding Standards' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index f7f787a5..82ca3d10 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -55,8 +55,8 @@ jobs: - name: Create auth.json via 1Password CLI # if: steps.changed-files.outputs.phpcs == 'true' env: - OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' - OP_ITEM: 'Test-Composer-Auth' + OP_VAULT: ${{ env.OP_VAULT }} + OP_ITEM: ${{ env.OP_ITEM }} OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} run: | op user get --me From ddcab7bccfe5d561d2faf677c74343021b3ff604 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 14:45:59 -0600 Subject: [PATCH 019/130] more env vars testing --- .github/workflows/code-quality.yml | 3 +++ .github/workflows/phpcs.yml | 2 -- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index e83136bb..7a1cad20 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -19,6 +19,9 @@ jobs: coding-standards: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml + env: + OP_VAULT: ${{ env.OP_VAULT }} + OP_ITEM: ${{ env.OP_ITEM }} secrets: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 82ca3d10..adba01eb 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -55,8 +55,6 @@ jobs: - name: Create auth.json via 1Password CLI # if: steps.changed-files.outputs.phpcs == 'true' env: - OP_VAULT: ${{ env.OP_VAULT }} - OP_ITEM: ${{ env.OP_ITEM }} OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} run: | op user get --me From b92fca7e7f7e12b25915c7b54fc7da0ef9b733ac Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 14:56:28 -0600 Subject: [PATCH 020/130] Move composer install to separate action. --- .github/workflows/code-quality.yml | 11 ------ .github/workflows/composer-install.yml | 46 ++++++++++++++++++++++++++ .github/workflows/phpcs.yml | 43 +++--------------------- 3 files changed, 50 insertions(+), 50 deletions(-) create mode 100644 .github/workflows/composer-install.yml diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 7a1cad20..0b4132ec 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -11,19 +11,10 @@ on: - main - develop -env: - OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' - OP_ITEM: 'Test-Composer-Auth' - jobs: coding-standards: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml - env: - OP_VAULT: ${{ env.OP_VAULT }} - OP_ITEM: ${{ env.OP_ITEM }} - secrets: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} linting: name: 'Linting' @@ -33,8 +24,6 @@ jobs: name: 'Static Analysis' needs: [coding-standards, linting] uses: ./.github/workflows/static-analysis.yml - secrets: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} # Enable this job if you have PHPUnit tests # slic: diff --git a/.github/workflows/composer-install.yml b/.github/workflows/composer-install.yml new file mode 100644 index 00000000..00d2d4cf --- /dev/null +++ b/.github/workflows/composer-install.yml @@ -0,0 +1,46 @@ +name: 'Composer Install' + +on: + workflow_call: + secrets: + OP_SERVICE_ACCOUNT_TOKEN: + required: true + description: 1Password Service Account Token + +jobs: + composer-install: + name: Composer Install + runs-on: ubuntu-latest + steps: + - name: Configure PHP environment + uses: shivammathur/setup-php@v2 + with: + tools: composer:2 + php-version: '8.2' + + - name: Get Composer Cache Directory + id: composer-cache + run: | + echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + + - uses: actions/cache@v4 + with: + path: ${{ steps.composer-cache.outputs.dir }} + key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: | + ${{ runner.os }}-composer- + + - name: Install 1Password CLI + uses: 1password/install-cli-action@v1 + + - name: Create auth.json via 1Password CLI + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + run: | + op user get --me + op inject -i auth.template.json -o auth.json + + - name: Install Composer + run: | + composer install --ignore-platform-reqs --optimize-autoloader --no-progress + rm auth.json diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index adba01eb..c511265a 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -27,46 +27,11 @@ jobs: - added|modified: 'wp-content/mu-plugins/**/*.php' - added|modified: 'phpcs.xml.dist' - - name: Configure PHP environment - # if: steps.changed-files.outputs.phpcs == 'true' - uses: shivammathur/setup-php@v2 - with: - tools: composer:2 - php-version: '8.2' - - - name: Get Composer Cache Directory - id: composer-cache - # if: steps.changed-files.outputs.phpcs == 'true' - run: | - echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - - - uses: actions/cache@v4 - # if: steps.changed-files.outputs.phpcs == 'true' - with: - path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} - restore-keys: | - ${{ runner.os }}-composer- - - - name: Install 1Password CLI - # if: steps.changed-files.outputs.phpcs == 'true' - uses: 1password/install-cli-action@v1 - - - name: Create auth.json via 1Password CLI - # if: steps.changed-files.outputs.phpcs == 'true' - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json - - - name: Install Composer - # if: steps.changed-files.outputs.phpcs == 'true' - run: | - composer install --ignore-platform-reqs --optimize-autoloader --no-progress - rm auth.json + - name: Composer Install + if: steps.changed-files.outputs.phpcs == 'true' + uses: ./.github/workflows/composer-install.yml - name: Run PHPCS - # if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpcs == 'true' run: | composer phpcs From 09ac3ec71178cd29ad3b336aed008c79610bad61 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 14:58:07 -0600 Subject: [PATCH 021/130] testing secrets --- .github/workflows/composer-install.yml | 4 ---- .github/workflows/phpcs.yml | 4 ---- 2 files changed, 8 deletions(-) diff --git a/.github/workflows/composer-install.yml b/.github/workflows/composer-install.yml index 00d2d4cf..d738529f 100644 --- a/.github/workflows/composer-install.yml +++ b/.github/workflows/composer-install.yml @@ -2,10 +2,6 @@ name: 'Composer Install' on: workflow_call: - secrets: - OP_SERVICE_ACCOUNT_TOKEN: - required: true - description: 1Password Service Account Token jobs: composer-install: diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index c511265a..b0442e60 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -2,10 +2,6 @@ name: Coding Standards on: workflow_call: - secrets: - OP_SERVICE_ACCOUNT_TOKEN: - required: true - description: 1Password Service Account Token jobs: phpcs: From 84168ebcec409ac05e1aaf1d25eed122b4a607d0 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 14:59:30 -0600 Subject: [PATCH 022/130] testing secrets --- .github/workflows/code-quality.yml | 2 -- .github/workflows/php-tests.yml | 4 ---- .github/workflows/static-analysis.yml | 4 ---- 3 files changed, 10 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 0b4132ec..99cc25be 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -30,5 +30,3 @@ jobs: # name: 'PHP Tests' # needs: [coding-standards, phpstan, linting] # uses: ./.github/workflows/php-tests.yml -# secrets: -# OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index 5536be2e..ed4f68ab 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -2,10 +2,6 @@ name: 'PHP Tests' on: workflow_call: - secrets: - OP_SERVICE_ACCOUNT_TOKEN: - required: true - description: 1Password Service Account Token jobs: test: diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index a2986b2e..c17c1da8 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -2,10 +2,6 @@ name: Static Analysis on: workflow_call: - secrets: - OP_SERVICE_ACCOUNT_TOKEN: - required: true - description: 1Password Service Account Token jobs: phpstsan: From c59d5f6ae3c7d7f5f924418bf4e40333914d6153 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:00:29 -0600 Subject: [PATCH 023/130] testing secrets --- .github/workflows/phpcs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index b0442e60..f445f208 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -24,7 +24,7 @@ jobs: - added|modified: 'phpcs.xml.dist' - name: Composer Install - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/workflows/composer-install.yml - name: Run PHPCS From 5d030f28d510697bbce8ef323bee4c04bbe0108c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:05:34 -0600 Subject: [PATCH 024/130] testing secrets --- .github/workflows/composer-install.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/composer-install.yml b/.github/workflows/composer-install.yml index d738529f..0714d401 100644 --- a/.github/workflows/composer-install.yml +++ b/.github/workflows/composer-install.yml @@ -8,6 +8,9 @@ jobs: name: Composer Install runs-on: ubuntu-latest steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Configure PHP environment uses: shivammathur/setup-php@v2 with: From f138ebb61d09ba745f8a346f9a44bfe9b5a4f71d Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:07:05 -0600 Subject: [PATCH 025/130] testing secrets --- .github/workflows/composer-install.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/composer-install.yml b/.github/workflows/composer-install.yml index 0714d401..415a1565 100644 --- a/.github/workflows/composer-install.yml +++ b/.github/workflows/composer-install.yml @@ -1,4 +1,4 @@ -name: 'Composer Install' +name: Composer Install on: workflow_call: @@ -8,9 +8,6 @@ jobs: name: Composer Install runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Configure PHP environment uses: shivammathur/setup-php@v2 with: From eac90e547296cddac68e264f5d11236d51ad7e64 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:27:45 -0600 Subject: [PATCH 026/130] Make it a composite action instead. --- .github/workflows/composer-install.yml | 65 ++++++++++++-------------- 1 file changed, 30 insertions(+), 35 deletions(-) diff --git a/.github/workflows/composer-install.yml b/.github/workflows/composer-install.yml index 415a1565..98441ee6 100644 --- a/.github/workflows/composer-install.yml +++ b/.github/workflows/composer-install.yml @@ -1,42 +1,37 @@ name: Composer Install -on: - workflow_call: +runs: + using: "composite" + steps: + - name: Configure PHP environment + uses: shivammathur/setup-php@v2 + with: + tools: composer:2 + php-version: '8.2' -jobs: - composer-install: - name: Composer Install - runs-on: ubuntu-latest - steps: - - name: Configure PHP environment - uses: shivammathur/setup-php@v2 - with: - tools: composer:2 - php-version: '8.2' + - name: Get Composer Cache Directory + id: composer-cache + run: | + echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - - name: Get Composer Cache Directory - id: composer-cache - run: | - echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + - uses: actions/cache@v4 + with: + path: ${{ steps.composer-cache.outputs.dir }} + key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: | + ${{ runner.os }}-composer- - - uses: actions/cache@v4 - with: - path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} - restore-keys: | - ${{ runner.os }}-composer- + - name: Install 1Password CLI + uses: 1password/install-cli-action@v1 - - name: Install 1Password CLI - uses: 1password/install-cli-action@v1 + - name: Create auth.json via 1Password CLI + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + run: | + op user get --me + op inject -i auth.template.json -o auth.json - - name: Create auth.json via 1Password CLI - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json - - - name: Install Composer - run: | - composer install --ignore-platform-reqs --optimize-autoloader --no-progress - rm auth.json + - name: Install Composer + run: | + composer install --ignore-platform-reqs --optimize-autoloader --no-progress + rm auth.json From 3ac35f965ce6737345062afd8fa05b967c02707b Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:35:27 -0600 Subject: [PATCH 027/130] Make it a composite action instead. --- .../composer-install/action.yml} | 0 .github/workflows/phpcs.yml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename .github/{workflows/composer-install.yml => actions/composer-install/action.yml} (100%) diff --git a/.github/workflows/composer-install.yml b/.github/actions/composer-install/action.yml similarity index 100% rename from .github/workflows/composer-install.yml rename to .github/actions/composer-install/action.yml diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index f445f208..d4b55eeb 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -25,7 +25,7 @@ jobs: - name: Composer Install # if: steps.changed-files.outputs.phpcs == 'true' - uses: ./.github/workflows/composer-install.yml + uses: ./app/public/.github/actions/composer-install - name: Run PHPCS if: steps.changed-files.outputs.phpcs == 'true' From 702cc0c27bda8a5fc8ce03d81116542128010591 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:47:31 -0600 Subject: [PATCH 028/130] Use the right path, dummy. --- .github/workflows/phpcs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index d4b55eeb..bb183056 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -25,7 +25,7 @@ jobs: - name: Composer Install # if: steps.changed-files.outputs.phpcs == 'true' - uses: ./app/public/.github/actions/composer-install + uses: ./.github/actions/composer-install - name: Run PHPCS if: steps.changed-files.outputs.phpcs == 'true' From a06c53c154999148867b95d1ff4274c9c3b6b764 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 15:57:26 -0600 Subject: [PATCH 029/130] pass secret as an input. --- .github/actions/composer-install/action.yml | 10 +++++++++- .github/workflows/phpcs.yml | 2 ++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 98441ee6..f629a518 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -1,5 +1,10 @@ name: Composer Install +inputs: + token: + required: true + description: 1Password Service Account Token + runs: using: "composite" steps: @@ -13,6 +18,7 @@ runs: id: composer-cache run: | echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + shell: bash - uses: actions/cache@v4 with: @@ -26,12 +32,14 @@ runs: - name: Create auth.json via 1Password CLI env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.token }} run: | op user get --me op inject -i auth.template.json -o auth.json + shell: bash - name: Install Composer run: | composer install --ignore-platform-reqs --optimize-autoloader --no-progress rm auth.json + shell: bash diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index bb183056..2f35774b 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -26,6 +26,8 @@ jobs: - name: Composer Install # if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install + with: + token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - name: Run PHPCS if: steps.changed-files.outputs.phpcs == 'true' From d7c3208595a33d9bf3be2269eefd440adade61b5 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:00:36 -0600 Subject: [PATCH 030/130] pass secret as an input. --- .github/workflows/phpcs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 2f35774b..3b274354 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -27,7 +27,7 @@ jobs: # if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: - token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + token: 'test-token' - name: Run PHPCS if: steps.changed-files.outputs.phpcs == 'true' From fb301c2456b5b454a62a810de1268d60d4d58e67 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:04:21 -0600 Subject: [PATCH 031/130] pass in SA token. --- .github/actions/composer-install/action.yml | 4 ++-- .github/workflows/code-quality.yml | 2 ++ .github/workflows/phpcs.yml | 5 ++++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index f629a518..f724c959 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -1,7 +1,7 @@ name: Composer Install inputs: - token: + op_service_account_token: required: true description: 1Password Service Account Token @@ -32,7 +32,7 @@ runs: - name: Create auth.json via 1Password CLI env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.token }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op_service_account_token }} run: | op user get --me op inject -i auth.template.json -o auth.json diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 99cc25be..009899ba 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -15,6 +15,8 @@ jobs: coding-standards: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml + secrets: + op_service_account_token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} linting: name: 'Linting' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 3b274354..6013357d 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -2,6 +2,9 @@ name: Coding Standards on: workflow_call: + secrets: + op_service_account_token: + required: true jobs: phpcs: @@ -27,7 +30,7 @@ jobs: # if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: - token: 'test-token' + op_service_account_token: ${{ secrets.op_service_account_token }} - name: Run PHPCS if: steps.changed-files.outputs.phpcs == 'true' From dada3abac8d731799f5a9f8e20edccfa0bbf1d53 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:05:24 -0600 Subject: [PATCH 032/130] run it all! --- .github/workflows/phpcs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 6013357d..b1fc187d 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -33,6 +33,6 @@ jobs: op_service_account_token: ${{ secrets.op_service_account_token }} - name: Run PHPCS - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' run: | composer phpcs From 3de0fb439783feaebef15e117a5941c4577831e7 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:14:26 -0600 Subject: [PATCH 033/130] Update secret name to all caps. --- .github/workflows/code-quality.yml | 2 +- .github/workflows/phpcs.yml | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 009899ba..b0adc75a 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -16,7 +16,7 @@ jobs: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml secrets: - op_service_account_token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} linting: name: 'Linting' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index b1fc187d..7097cf1a 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -3,8 +3,9 @@ name: Coding Standards on: workflow_call: secrets: - op_service_account_token: + OP_SERVICE_ACCOUNT_TOKEN: required: true + description: 1Password Service Account Token jobs: phpcs: @@ -30,7 +31,7 @@ jobs: # if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: - op_service_account_token: ${{ secrets.op_service_account_token }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - name: Run PHPCS # if: steps.changed-files.outputs.phpcs == 'true' From 7dbeb8fb932ce6c0ce9c4d9f4f2ff2eec5b75112 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:14:48 -0600 Subject: [PATCH 034/130] Add opts for vault & item names. --- .github/actions/composer-install/action.yml | 22 +++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index f724c959..11b1aafe 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -1,9 +1,17 @@ name: Composer Install inputs: - op_service_account_token: + OP_SERVICE_ACCOUNT_TOKEN: required: true - description: 1Password Service Account Token + description: 1Password service account token + OP_VAULT: + required: true + description: 1Password vault to use + default: 'Engineering' + OP_ITEM: + required: true + description: 1Password item to use + default: 'MT-Composer-Auth' runs: using: "composite" @@ -16,9 +24,9 @@ runs: - name: Get Composer Cache Directory id: composer-cache + shell: bash run: | echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - shell: bash - uses: actions/cache@v4 with: @@ -31,15 +39,17 @@ runs: uses: 1password/install-cli-action@v1 - name: Create auth.json via 1Password CLI + shell: bash env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op_service_account_token }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ inputs.OP_VAULT }} + OP_ITEM: ${{ inputs.OP_ITEM }} run: | op user get --me op inject -i auth.template.json -o auth.json - shell: bash - name: Install Composer + shell: bash run: | composer install --ignore-platform-reqs --optimize-autoloader --no-progress rm auth.json - shell: bash From 3028a8e63919d5f918904173e77fc6edb97b8172 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:17:15 -0600 Subject: [PATCH 035/130] Test opts overrides. --- .github/workflows/phpcs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 7097cf1a..e8c55a1b 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -32,6 +32,8 @@ jobs: uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' + OP_ITEM: 'Test-Composer-Auth' - name: Run PHPCS # if: steps.changed-files.outputs.phpcs == 'true' From 91e46e68e5db43e5f6c0087c9bbb85e4846c74e5 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:20:56 -0600 Subject: [PATCH 036/130] Test opts overrides passed as inputs. --- .github/workflows/phpcs.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index e8c55a1b..52c8f5b7 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -2,6 +2,11 @@ name: Coding Standards on: workflow_call: + inputs: + OP_VAULT: + description: 1Password vault to use + OP_ITEM: + description: 1Password item to use secrets: OP_SERVICE_ACCOUNT_TOKEN: required: true @@ -32,8 +37,8 @@ jobs: uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: 'vob6y2d3l6ohybeuefe3uly2l4' - OP_ITEM: 'Test-Composer-Auth' + OP_VAULT: ${{ inputs.OP_VAULT }} + OP_ITEM: ${{ inputs.OP_ITEM }} - name: Run PHPCS # if: steps.changed-files.outputs.phpcs == 'true' From 28211e23e0dc197bd2a874862ee423fe9bd6f46b Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:25:19 -0600 Subject: [PATCH 037/130] try again with empty defaults. --- .github/actions/composer-install/action.yml | 7 +++---- .github/workflows/phpcs.yml | 6 ++++-- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 11b1aafe..b68b977e 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -3,14 +3,14 @@ name: Composer Install inputs: OP_SERVICE_ACCOUNT_TOKEN: required: true - description: 1Password service account token + description: 1Password service account token to use for populating composer auth.json OP_VAULT: required: true - description: 1Password vault to use + description: 1Password vault to use for populating composer auth.json default: 'Engineering' OP_ITEM: required: true - description: 1Password item to use + description: 1Password item to use for populating composer auth.json default: 'MT-Composer-Auth' runs: @@ -47,7 +47,6 @@ runs: run: | op user get --me op inject -i auth.template.json -o auth.json - - name: Install Composer shell: bash run: | diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 52c8f5b7..252f0e61 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -4,9 +4,11 @@ on: workflow_call: inputs: OP_VAULT: - description: 1Password vault to use + required: false + description: 1Password vault to use for populating composer auth.json OP_ITEM: - description: 1Password item to use + required: false + description: 1Password item to use for populating composer auth.json secrets: OP_SERVICE_ACCOUNT_TOKEN: required: true From 4194080368b9e4a324cea2c8174d00819821f50a Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:27:27 -0600 Subject: [PATCH 038/130] add input type. --- .github/workflows/phpcs.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 252f0e61..284b93ed 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -4,15 +4,15 @@ on: workflow_call: inputs: OP_VAULT: - required: false + type: string description: 1Password vault to use for populating composer auth.json OP_ITEM: - required: false + type: string description: 1Password item to use for populating composer auth.json secrets: OP_SERVICE_ACCOUNT_TOKEN: required: true - description: 1Password Service Account Token + description: 1Password Service Account Token to use for populating composer auth.json jobs: phpcs: From 040860af30328dcf446a63fd6b7de0b9b7271fd2 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:38:49 -0600 Subject: [PATCH 039/130] Move defaults to conditionally set b/c empty strings are passed in. --- .github/actions/composer-install/action.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index b68b977e..eb4b9ac4 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -7,11 +7,9 @@ inputs: OP_VAULT: required: true description: 1Password vault to use for populating composer auth.json - default: 'Engineering' OP_ITEM: required: true description: 1Password item to use for populating composer auth.json - default: 'MT-Composer-Auth' runs: using: "composite" @@ -42,9 +40,9 @@ runs: shell: bash env: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ inputs.OP_VAULT }} - OP_ITEM: ${{ inputs.OP_ITEM }} run: | + echo "OP_VAULT=${{ inputs.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV + echo "OP_ITEM=${{ inputs.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV op user get --me op inject -i auth.template.json -o auth.json - name: Install Composer From 7ff4265859dcfe6970c215e9394bb3af77223ae8 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:43:04 -0600 Subject: [PATCH 040/130] testing passed values. --- .github/actions/composer-install/action.yml | 8 ++++++-- .github/workflows/phpcs.yml | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index eb4b9ac4..08be03dc 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -36,13 +36,17 @@ runs: - name: Install 1Password CLI uses: 1password/install-cli-action@v1 + - name: Set env vars for 1Password CLI + shell: bash + run: | + echo "OP_VAULT=${{ inputs.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV + echo "OP_ITEM=${{ inputs.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV + - name: Create auth.json via 1Password CLI shell: bash env: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} run: | - echo "OP_VAULT=${{ inputs.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV - echo "OP_ITEM=${{ inputs.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV op user get --me op inject -i auth.template.json -o auth.json - name: Install Composer diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 284b93ed..ee98732e 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -39,7 +39,7 @@ jobs: uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ inputs.OP_VAULT }} + OP_VAULT: 'test-vault' #${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - name: Run PHPCS From 777f7018332191150f8b92d7bdb79b47e67b9ac4 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:49:27 -0600 Subject: [PATCH 041/130] Test passing config var. --- .github/workflows/code-quality.yml | 3 +++ .github/workflows/phpcs.yml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index b0adc75a..9717b31f 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -17,6 +17,9 @@ jobs: uses: ./.github/workflows/phpcs.yml secrets: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + with: + OP_VAULT: ${{ vars.OP_VAULT }} + OP_ITEM: ${{ vars.OP_ITEM }} linting: name: 'Linting' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index ee98732e..284b93ed 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -39,7 +39,7 @@ jobs: uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: 'test-vault' #${{ inputs.OP_VAULT }} + OP_VAULT: ${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - name: Run PHPCS From d98eabcfd59ed4d8a7c06fe4257284d7139b90e3 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 16:56:49 -0600 Subject: [PATCH 042/130] Use secrets instead of inputs. --- .github/workflows/code-quality.yml | 5 ++--- .github/workflows/phpcs.yml | 15 ++++++--------- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 9717b31f..dc19f018 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -17,9 +17,8 @@ jobs: uses: ./.github/workflows/phpcs.yml secrets: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - with: - OP_VAULT: ${{ vars.OP_VAULT }} - OP_ITEM: ${{ vars.OP_ITEM }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} linting: name: 'Linting' diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 284b93ed..6470b9f5 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -2,17 +2,14 @@ name: Coding Standards on: workflow_call: - inputs: - OP_VAULT: - type: string - description: 1Password vault to use for populating composer auth.json - OP_ITEM: - type: string - description: 1Password item to use for populating composer auth.json secrets: OP_SERVICE_ACCOUNT_TOKEN: required: true description: 1Password Service Account Token to use for populating composer auth.json + OP_VAULT: + description: 1Password vault to use for populating composer auth.json + OP_ITEM: + description: 1Password item to use for populating composer auth.json jobs: phpcs: @@ -39,8 +36,8 @@ jobs: uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ inputs.OP_VAULT }} - OP_ITEM: ${{ inputs.OP_ITEM }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} - name: Run PHPCS # if: steps.changed-files.outputs.phpcs == 'true' From 570a29b68950242c8e8ea9e5f37ddcb189d348d2 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 17:00:25 -0600 Subject: [PATCH 043/130] Re-enable conditional checks. --- .github/workflows/phpcs.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 6470b9f5..ea64151b 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -32,7 +32,7 @@ jobs: - added|modified: 'phpcs.xml.dist' - name: Composer Install - # if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} @@ -40,6 +40,6 @@ jobs: OP_ITEM: ${{ secrets.OP_ITEM }} - name: Run PHPCS - # if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpcs == 'true' run: | composer phpcs From 4454b8adb3bd0f987a5f025309585966bad3555d Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 17:01:51 -0600 Subject: [PATCH 044/130] update phpstan action. --- .github/workflows/static-analysis.yml | 43 ++++----------------------- 1 file changed, 5 insertions(+), 38 deletions(-) diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index c17c1da8..995ede94 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -25,46 +25,13 @@ jobs: - added|modified: 'wp-content/mu-plugins/**/*.php' - added|modified: 'phpstan.neon.dist' - - name: Configure PHP environment - if: steps.changed-files.outputs.phpstan == 'true' - uses: shivammathur/setup-php@v2 - with: - php-version: '8.2' - extensions: mbstring, intl - coverage: none - tools: composer:2 - - - name: Get Composer Cache Directory - id: composer-cache - if: steps.changed-files.outputs.phpstan == 'true' - run: | - echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - - - uses: actions/cache@v4 - if: steps.changed-files.outputs.phpstan == 'true' + - name: Composer Install + if: steps.changed-files.outputs.phpcs == 'true' + uses: ./.github/actions/composer-install with: - path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} - restore-keys: | - ${{ runner.os }}-composer- - - - name: Install 1Password CLI - if: steps.changed-files.outputs.phpstan == 'true' - uses: 1password/install-cli-action@v1 - - - name: Create auth.json via 1Password CLI - if: steps.changed-files.outputs.phpstan == 'true' - env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json - - - name: Install Composer - if: steps.changed-files.outputs.phpstan == 'true' - run: | - composer install --ignore-platform-reqs --optimize-autoloader --no-progress - rm auth.json + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} - name: Run PHPStan static analysis if: steps.changed-files.outputs.phpstan == 'true' From 00b36f45da9714291282378e84f033607d865c4e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 17:04:05 -0600 Subject: [PATCH 045/130] temp disable check --- .github/workflows/static-analysis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 995ede94..e994e5b7 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -26,7 +26,7 @@ jobs: - added|modified: 'phpstan.neon.dist' - name: Composer Install - if: steps.changed-files.outputs.phpcs == 'true' + # if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} @@ -34,5 +34,5 @@ jobs: OP_ITEM: ${{ secrets.OP_ITEM }} - name: Run PHPStan static analysis - if: steps.changed-files.outputs.phpstan == 'true' + # if: steps.changed-files.outputs.phpstan == 'true' run: composer phpstan From 05a25749bec346954cd50b3f460f53c847383b77 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 17:09:30 -0600 Subject: [PATCH 046/130] temp disable check --- .github/workflows/code-quality.yml | 4 ++++ .github/workflows/static-analysis.yml | 12 ++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index dc19f018..f3d2ded9 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -28,6 +28,10 @@ jobs: name: 'Static Analysis' needs: [coding-standards, linting] uses: ./.github/workflows/static-analysis.yml + secrets: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Enable this job if you have PHPUnit tests # slic: diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index e994e5b7..ecf10680 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -2,6 +2,14 @@ name: Static Analysis on: workflow_call: + secrets: + OP_SERVICE_ACCOUNT_TOKEN: + required: true + description: 1Password Service Account Token to use for populating composer auth.json + OP_VAULT: + description: 1Password vault to use for populating composer auth.json + OP_ITEM: + description: 1Password item to use for populating composer auth.json jobs: phpstsan: @@ -26,7 +34,7 @@ jobs: - added|modified: 'phpstan.neon.dist' - name: Composer Install - # if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} @@ -34,5 +42,5 @@ jobs: OP_ITEM: ${{ secrets.OP_ITEM }} - name: Run PHPStan static analysis - # if: steps.changed-files.outputs.phpstan == 'true' + if: steps.changed-files.outputs.phpstan == 'true' run: composer phpstan From 1e3dfb9fc788cb913d946b1d6fc9d209b38bb687 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 17:09:52 -0600 Subject: [PATCH 047/130] add secrets to inputs. --- .github/workflows/code-quality.yml | 4 ++++ .github/workflows/php-tests.yml | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index f3d2ded9..15365099 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -38,3 +38,7 @@ jobs: # name: 'PHP Tests' # needs: [coding-standards, phpstan, linting] # uses: ./.github/workflows/php-tests.yml +# secrets: +# OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} +# OP_VAULT: ${{ secrets.OP_VAULT }} +# OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index ed4f68ab..dfaae65a 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -2,6 +2,14 @@ name: 'PHP Tests' on: workflow_call: + secrets: + OP_SERVICE_ACCOUNT_TOKEN: + required: true + description: 1Password Service Account Token to use for populating composer auth.json + OP_VAULT: + description: 1Password vault to use for populating composer auth.json + OP_ITEM: + description: 1Password item to use for populating composer auth.json jobs: test: @@ -100,6 +108,12 @@ jobs: if: steps.changed-files.outputs.tests == 'true' uses: 1password/install-cli-action@v1 + - name: Set env vars for 1Password CLI + if: steps.changed-files.outputs.tests == 'true' + run: | + echo "OP_VAULT=${{ secrets.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV + echo "OP_ITEM=${{ secrets.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV + - name: Create auth.json via 1Password CLI if: steps.changed-files.outputs.tests == 'true' env: From c3d1c904ae115fc023d9b9944d4f8ff3dcc377b5 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 20 Nov 2024 17:13:11 -0600 Subject: [PATCH 048/130] Skip linting check for root files. It's not necessary. --- .github/workflows/linting.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 05918eca..f938e860 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -21,7 +21,6 @@ jobs: - added|modified: 'wp-content/plugins/core/**/*.{pcss,json,js}' - added|modified: 'wp-content/themes/core/**/*.{pcss,json,js}' - added|modified: 'wp-content/mu-plugins/**/*.{pcss,json,js}' - - added|modified: '*.{json,js}' - name: Set up node if: steps.changed-files.outputs.linting == 'true' From a23ee05c88c8669094ca7ff1765e2dbe20ac8618 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Thu, 21 Nov 2024 10:52:31 -0600 Subject: [PATCH 049/130] Adjust changed files check for linting task. --- .github/workflows/linting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index f938e860..01365f68 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -21,6 +21,7 @@ jobs: - added|modified: 'wp-content/plugins/core/**/*.{pcss,json,js}' - added|modified: 'wp-content/themes/core/**/*.{pcss,json,js}' - added|modified: 'wp-content/mu-plugins/**/*.{pcss,json,js}' + - added|modified: './*.{json,js}' - name: Set up node if: steps.changed-files.outputs.linting == 'true' From a829dd2403e29d46a287b26e8215fe74a587237a Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Thu, 21 Nov 2024 11:11:30 -0600 Subject: [PATCH 050/130] Formatting. --- dev/templates/package.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/dev/templates/package.json b/dev/templates/package.json index 1c7422ed..2aca522f 100644 --- a/dev/templates/package.json +++ b/dev/templates/package.json @@ -1,7 +1,7 @@ { - "name": "tribe-block-templates", - "version": "1.0.0", - "description": "Custom block templates for the WP create-block script to use", + "name": "tribe-block-templates", + "version": "1.0.0", + "description": "Custom block templates for the WP create-block script to use", "author": "Modern Tribe ", "license": "GPL-2.0-or-later", "keywords": [], @@ -11,7 +11,7 @@ "email": "admin@tri.be" }, "main": "index.js", - "scripts": { - "test": "echo \"Error: no test specified\" && exit 1" - } + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + } } From 56b3a6e22c853b8989d07e6f71659c42b0e113d7 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Thu, 21 Nov 2024 11:16:20 -0600 Subject: [PATCH 051/130] Add a composer command shortcut to create the auth.json file via 1Pass CLI --- composer.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/composer.json b/composer.json index 6c3dcc43..dd560645 100644 --- a/composer.json +++ b/composer.json @@ -21,6 +21,7 @@ "minimum-stability": "dev", "prefer-stable": true, "scripts": { + "create-auth": "op inject -i auth.template.json -o auth.json", "phpcbf": "./vendor/bin/phpcbf -s", "phpcs": "./vendor/bin/phpcs", "phpstan": "./vendor/bin/phpstan analyse --memory-limit=-1", @@ -39,6 +40,7 @@ ] }, "scripts-descriptions": { + "create-auth": "Create or update the auth.json file for Composer via 1Password CLI.", "phpcs": "Run PHPCS on the project.", "phpcbf": "Run PHPCBF on the project.", "phpstan": "Run PHPStan on the project.", From 6a2287ab56fd48fb0432ac1892a33152627b909e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Thu, 21 Nov 2024 11:16:39 -0600 Subject: [PATCH 052/130] Remove unnecessary bash script for creating auth.json. --- dev/scripts/create-auth-json.sh | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100755 dev/scripts/create-auth-json.sh diff --git a/dev/scripts/create-auth-json.sh b/dev/scripts/create-auth-json.sh deleted file mode 100755 index 93930bed..00000000 --- a/dev/scripts/create-auth-json.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -# Create auth.json file for Composer using the 1Password CLI - -# Check if 1Password CLI is installed -if ! command -v op > /dev/null 2>&1; then - echo >&2 "It appears that the 1Password CLI is not installed. Skipping."; - exit 0; -fi - -# Exit if there is an existing auth.json file -if [ -f auth.json ]; then - echo >&2 "auth.json already exists. Skipping."; - exit 0; -fi - -# Create auth.json file using 1Password CLI -echo "Creating auth.json file for Composer using 1Password CLI..."; -op inject -i auth.template.json -o auth.json - -exit 0; From 2b9f53e0dbb9f2d192ed8f3d7ab6e83ce194fc7c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Mon, 2 Dec 2024 14:52:38 -0600 Subject: [PATCH 053/130] Reorg composer commands. --- composer.json | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/composer.json b/composer.json index 11bec603..639be812 100644 --- a/composer.json +++ b/composer.json @@ -22,30 +22,33 @@ "prefer-stable": true, "scripts": { "create-auth": "op inject -i auth.template.json -o auth.json", - "phpcbf": "./vendor/bin/phpcbf -s", - "phpcs": "./vendor/bin/phpcs", - "phpstan": "./vendor/bin/phpstan analyse --memory-limit=-1", "copy-local-configs": [ "@php -r \"file_exists('local-config.php') || copy('local-config-sample.php', 'local-config.php');\"", "@php -r \"file_exists('local-config.json') || copy('local-config-sample.json', 'local-config.json');\"" ], - "install-wordpress": "./vendor/bin/wp core download --version=6.7 --skip-content --force", + "install-wordpress": "./vendor/bin/wp core download --version=6.7.1 --skip-content --force", + "phpcbf": "./vendor/bin/phpcbf -s", + "phpcs": "./vendor/bin/phpcs", + "phpstan": "./vendor/bin/phpstan analyse --memory-limit=-1", "update-db": "./vendor/bin/wp core update-db", - "post-install-cmd": [ + "post-root-package-install": [ "@copy-local-configs", "@install-wordpress" ], + "post-install-cmd": [ + "@install-wordpress" + ], "post-update-cmd": [ "@install-wordpress" ] }, "scripts-descriptions": { "create-auth": "Create or update the auth.json file for Composer via 1Password CLI.", + "copy-local-configs": "Copies the local-config.php and local-config.json files.", + "install-wordpress": "Runs the wpcli command to download and install core WordPress. To change the WordPress version, update the --version value.", "phpcs": "Run PHPCS on the project.", "phpcbf": "Run PHPCBF on the project.", "phpstan": "Run PHPStan on the project.", - "copy-local-configs": "Copies the local-config.php and local-config.json files.", - "install-wordpress": "Runs the wpcli command to download and install core WordPress. To change the WordPress version, update the --version value.", "update-db": "Runs the wpcli command to update the WordPress database. This is sometimes required after a version update." }, "repositories": { From f5b4c8fb3663ce2426a5c99ff77fa076a9f1a4f5 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Mon, 2 Dec 2024 15:02:38 -0600 Subject: [PATCH 054/130] Fix a typo. --- .github/workflows/static-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index ecf10680..8722141f 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -34,7 +34,7 @@ jobs: - added|modified: 'phpstan.neon.dist' - name: Composer Install - if: steps.changed-files.outputs.phpcs == 'true' + if: steps.changed-files.outputs.phpstan == 'true' uses: ./.github/actions/composer-install with: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} From daf10e35d019a0445bfda11aec97986893c3d4a4 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Mon, 2 Dec 2024 15:05:31 -0600 Subject: [PATCH 055/130] Automatically run composer install after the first time lando services are started. --- .lando.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.lando.yml b/.lando.yml index cc00706a..70c3becf 100644 --- a/.lando.yml +++ b/.lando.yml @@ -9,6 +9,8 @@ config: memcached: true services: appserver: + run: + - composer install overrides: environment: - XDEBUG_TRIGGER=1 From 70d7dcd3ae6671292fcd9ec405caf4cd55275358 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Mon, 2 Dec 2024 15:14:57 -0600 Subject: [PATCH 056/130] Remove unused `post-root-package-install` commands. (We don't generally do `create project`). --- composer.json | 4 ---- 1 file changed, 4 deletions(-) diff --git a/composer.json b/composer.json index 639be812..145710ab 100644 --- a/composer.json +++ b/composer.json @@ -31,10 +31,6 @@ "phpcs": "./vendor/bin/phpcs", "phpstan": "./vendor/bin/phpstan analyse --memory-limit=-1", "update-db": "./vendor/bin/wp core update-db", - "post-root-package-install": [ - "@copy-local-configs", - "@install-wordpress" - ], "post-install-cmd": [ "@install-wordpress" ], From b3d54b75c96ee876381e38a438c9cde0ecb3cc3e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Mon, 2 Dec 2024 15:15:29 -0600 Subject: [PATCH 057/130] Automatically generate local configs after composer install. --- .lando.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.lando.yml b/.lando.yml index 70c3becf..dc1737c7 100644 --- a/.lando.yml +++ b/.lando.yml @@ -11,6 +11,7 @@ services: appserver: run: - composer install + - composer run copy-local-configs overrides: environment: - XDEBUG_TRIGGER=1 From 227a4fefc342ccbdc7afc37bd5e5e490178c4cc5 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 11:54:53 -0600 Subject: [PATCH 058/130] Update composer install action to allow it to be run by deployment workflows: - Add optional build folder input that defaults to the GH workspace - Add composer install flags input to allow workflows to specify different combinations of flags depending on the context. - Give all action steps a name and wrap all named values in quotes (code clean up) --- .github/actions/composer-install/action.yml | 36 ++++++++++++++------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 08be03dc..4ad00283 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -1,56 +1,68 @@ name: Composer Install inputs: + BUILD_FOLDER: + description: 'Folder to run shell commands in. Defaults to ' + required: false + default: ${{ github.workspace }} + COMPOSER_INSTALL_FLAGS: + description: 'Flags to pass to the `composer install` command.' + required: true OP_SERVICE_ACCOUNT_TOKEN: required: true - description: 1Password service account token to use for populating composer auth.json + description: '1Password service account token to use for populating composer auth.json' OP_VAULT: + description: '1Password vault to use for populating composer auth.json' required: true - description: 1Password vault to use for populating composer auth.json OP_ITEM: + description: '1Password item to use for populating composer auth.json' required: true - description: 1Password item to use for populating composer auth.json runs: using: "composite" steps: - - name: Configure PHP environment + - name: 'Configure PHP environment' uses: shivammathur/setup-php@v2 with: - tools: composer:2 php-version: '8.2' - - name: Get Composer Cache Directory + - name: 'Get composer cache directory' + working-directory: ${{ inputs.BUILD_FOLDER }} id: composer-cache shell: bash run: | echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - - uses: actions/cache@v4 + - name: 'Cache composer dependencies' + uses: actions/cache@v4 with: path: ${{ steps.composer-cache.outputs.dir }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} restore-keys: | ${{ runner.os }}-composer- - - name: Install 1Password CLI + - name: 'Install 1Password CLI' uses: 1password/install-cli-action@v1 - - name: Set env vars for 1Password CLI + - name: 'Set env vars for 1Password CLI' + working-directory: ${{ inputs.BUILD_FOLDER }} shell: bash run: | echo "OP_VAULT=${{ inputs.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV echo "OP_ITEM=${{ inputs.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV - - name: Create auth.json via 1Password CLI + - name: 'Create auth.json via 1Password CLI' + working-directory: ${{ inputs.BUILD_FOLDER }} shell: bash env: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} run: | op user get --me op inject -i auth.template.json -o auth.json - - name: Install Composer + + - name: 'Install Composer' + working-directory: ${{ inputs.BUILD_FOLDER }} shell: bash run: | - composer install --ignore-platform-reqs --optimize-autoloader --no-progress + composer install ${{ inputs.COMPOSER_INSTALL_FLAGS }} rm auth.json From b7ed6329b3ef3e23a749d0c81b85f8c93bdeab9c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 12:00:29 -0600 Subject: [PATCH 059/130] - Update code quality workflows to use new install flags input - Clean up all step names and values (code clean up). --- .github/workflows/phpcs.yml | 15 ++++++++------- .github/workflows/static-analysis.yml | 17 ++++++++--------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index ea64151b..d0bf57f5 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -5,21 +5,21 @@ on: secrets: OP_SERVICE_ACCOUNT_TOKEN: required: true - description: 1Password Service Account Token to use for populating composer auth.json + description: '1Password Service Account Token to use for populating composer auth.json' OP_VAULT: - description: 1Password vault to use for populating composer auth.json + description: '1Password vault to use for populating composer auth.json' OP_ITEM: - description: 1Password item to use for populating composer auth.json + description: '1Password item to use for populating composer auth.json' jobs: phpcs: name: phpcs runs-on: ubuntu-latest steps: - - name: Checkout + - name: 'Checkout' uses: actions/checkout@v4 - - name: Detect File Changes + - name: 'Detect file changes' uses: dorny/paths-filter@v3 id: changed-files with: @@ -31,15 +31,16 @@ jobs: - added|modified: 'wp-content/mu-plugins/**/*.php' - added|modified: 'phpcs.xml.dist' - - name: Composer Install + - name: 'Composer install' if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: + COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} - - name: Run PHPCS + - name: 'Run PHPCS' if: steps.changed-files.outputs.phpcs == 'true' run: | composer phpcs diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 8722141f..89aa17fb 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -5,23 +5,21 @@ on: secrets: OP_SERVICE_ACCOUNT_TOKEN: required: true - description: 1Password Service Account Token to use for populating composer auth.json + description: '1Password Service Account Token to use for populating composer auth.json' OP_VAULT: - description: 1Password vault to use for populating composer auth.json + description: '1Password vault to use for populating composer auth.json' OP_ITEM: - description: 1Password item to use for populating composer auth.json + description: '1Password item to use for populating composer auth.json' jobs: phpstsan: name: phpstan runs-on: ubuntu-latest steps: - - name: Checkout + - name: 'Checkout' uses: actions/checkout@v4 - with: - fetch-depth: 1 - - name: Detect File Changes + - name: 'Detect file changes' uses: dorny/paths-filter@v3 id: changed-files with: @@ -33,14 +31,15 @@ jobs: - added|modified: 'wp-content/mu-plugins/**/*.php' - added|modified: 'phpstan.neon.dist' - - name: Composer Install + - name: 'Composer install' if: steps.changed-files.outputs.phpstan == 'true' uses: ./.github/actions/composer-install with: + COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} - - name: Run PHPStan static analysis + - name: 'Run PHPStan static analysis' if: steps.changed-files.outputs.phpstan == 'true' run: composer phpstan From 7b3ccb428cc6a9eba353630e4e38848f183daf07 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 12:01:22 -0600 Subject: [PATCH 060/130] - Update deployment workflows to use composite composer-install action. --- .github/workflows/deploy-dev.yml | 35 +++++++----------------------- .github/workflows/deploy-prod.yml | 34 +++++++---------------------- .github/workflows/deploy-stage.yml | 34 +++++++---------------------- 3 files changed, 24 insertions(+), 79 deletions(-) diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 7ea23181..4c648f2b 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -14,16 +14,6 @@ jobs: DEPLOY_REPO: ${{ secrets.DEV_DEPLOY_REPO }} steps: - - ########## - ### BUILD: General SquareOne build steps - - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@v2 #https://github.com/shivammathur/setup-php - with: - php-version: '8.2' - env: - COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # Get Build Repository - name: Check out build branch uses: actions/checkout@v4 @@ -31,24 +21,15 @@ jobs: path: ${{ env.BUILD_FOLDER }} ref: ${{github.ref}} - - name: Get composer cache directory - id: composer-cache - run: echo "::set-output name=dir::$(composer config cache-files-dir)" - - - name: Cache composer dependencies - uses: actions/cache@v4 + # Composer install + - name: 'Composer install' + uses: ./.github/actions/composer-install with: - path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} - restore-keys: ${{ runner.os }}-composer- - - # Install composer: Add env for plugin keys, composer install, and cleanup - - name: Install composer dependencies - working-directory: ${{ env.BUILD_FOLDER }} - run: | - echo '${{ secrets.COMPOSER_AUTH_JSON }}' > auth.json - composer install --optimize-autoloader --ignore-platform-reqs --no-dev - rm auth.json + BUILD_FOLDER: ${{ env.BUILD_FOLDER }} + COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader --no-dev' + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index 247f6002..ec5d3e50 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -17,15 +17,6 @@ jobs: steps: - ########## - ### BUILD: General SquareOne build steps - - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@v2 #https://github.com/shivammathur/setup-php - with: - php-version: '8.2' - env: - COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # Get Build Repository - name: Check out build branch uses: actions/checkout@v4 @@ -33,24 +24,15 @@ jobs: path: ${{ env.BUILD_FOLDER }} ref: ${{github.ref}} - - name: Get composer cache directory - id: composer-cache - run: echo "::set-output name=dir::$(composer config cache-files-dir)" - - - name: Cache composer dependencies - uses: actions/cache@v4 + # Composer install + - name: 'Composer install' + uses: ./.github/actions/composer-install with: - path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} - restore-keys: ${{ runner.os }}-composer- - - # Install composer: Add env for plugin keys, composer install, and cleanup - - name: Install composer dependencies - working-directory: ${{ env.BUILD_FOLDER }} - run: | - echo '${{ secrets.COMPOSER_AUTH_JSON }}' > auth.json - composer install --optimize-autoloader --ignore-platform-reqs --no-dev - rm auth.json + BUILD_FOLDER: ${{ env.BUILD_FOLDER }} + COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader --no-dev' + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/deploy-stage.yml b/.github/workflows/deploy-stage.yml index 3cd544c5..2134fa7e 100644 --- a/.github/workflows/deploy-stage.yml +++ b/.github/workflows/deploy-stage.yml @@ -18,15 +18,6 @@ jobs: steps: - ########## - ### BUILD: General SquareOne build steps - - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@v2 #https://github.com/shivammathur/setup-php - with: - php-version: '8.2' - env: - COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # Get Build Repository - name: Check out build branch uses: actions/checkout@v4 @@ -34,24 +25,15 @@ jobs: path: ${{ env.BUILD_FOLDER }} ref: ${{github.ref}} - - name: Get composer cache directory - id: composer-cache - run: echo "::set-output name=dir::$(composer config cache-files-dir)" - - - name: Cache composer dependencies - uses: actions/cache@v4 + # Composer install + - name: 'Composer install' + uses: ./.github/actions/composer-install with: - path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} - restore-keys: ${{ runner.os }}-composer- - - # Install composer: Add env for plugin keys, composer install, and cleanup - - name: Install composer dependencies - working-directory: ${{ env.BUILD_FOLDER }} - run: | - echo '${{ secrets.COMPOSER_AUTH_JSON }}' > auth.json - composer install --optimize-autoloader --ignore-platform-reqs --no-dev - rm auth.json + BUILD_FOLDER: ${{ env.BUILD_FOLDER }} + COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader --no-dev' + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Set up node version - name: Set up node From c5c3ab14e44218cb947b6c6f1a78cca0649119b2 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 13:15:43 -0600 Subject: [PATCH 061/130] - Remove default values for OP_VAULT & OP_ITEM. This simplifies things and makes them "required" on each project. - Eliminate the 1Pass current user info as we don't need to leak that during action runs. --- .github/actions/composer-install/action.yml | 13 +++---------- .github/workflows/php-tests.yml | 12 +++--------- 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 4ad00283..2307d750 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -44,21 +44,14 @@ runs: - name: 'Install 1Password CLI' uses: 1password/install-cli-action@v1 - - name: 'Set env vars for 1Password CLI' - working-directory: ${{ inputs.BUILD_FOLDER }} - shell: bash - run: | - echo "OP_VAULT=${{ inputs.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV - echo "OP_ITEM=${{ inputs.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV - - name: 'Create auth.json via 1Password CLI' working-directory: ${{ inputs.BUILD_FOLDER }} shell: bash env: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + OP_VAULT: ${{ inputs.OP_VAULT }} + OP_ITEM: ${{ inputs.OP_ITEM }} + run: op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index dfaae65a..a478ea34 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -108,19 +108,13 @@ jobs: if: steps.changed-files.outputs.tests == 'true' uses: 1password/install-cli-action@v1 - - name: Set env vars for 1Password CLI - if: steps.changed-files.outputs.tests == 'true' - run: | - echo "OP_VAULT=${{ secrets.OP_VAULT || 'Engineering' }}" >> $GITHUB_ENV - echo "OP_ITEM=${{ secrets.OP_ITEM || 'MT-Composer-Auth' }}" >> $GITHUB_ENV - - name: Create auth.json via 1Password CLI if: steps.changed-files.outputs.tests == 'true' env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} + run: op inject -i auth.template.json -o auth.json - name: Set up site for CI if: steps.changed-files.outputs.tests == 'true' From 3e60c875b1d8e0ee4f5fe98d790f75408f011dd9 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 13:17:04 -0600 Subject: [PATCH 062/130] - Update dokku actions to use 1Pass CLI integration for auth.json creation. --- .github/workflows/dokku-dev.yml | 4 +++- .github/workflows/dokku-review-app.yml | 4 +++- .github/workflows/pipeline-dokku.yml | 21 +++++++++++++++++---- 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dokku-dev.yml b/.github/workflows/dokku-dev.yml index f368ed2d..e476d1a4 100644 --- a/.github/workflows/dokku-dev.yml +++ b/.github/workflows/dokku-dev.yml @@ -19,4 +19,6 @@ jobs: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - composer_auth_json: ${{ secrets.COMPOSER_AUTH_JSON }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index 9ff4a872..1bc0889b 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -34,7 +34,9 @@ jobs: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - composer_auth_json: ${{ secrets.COMPOSER_AUTH_JSON }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} destroy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'closed') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index c6aa9839..efb7f63d 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -30,7 +30,14 @@ on: required: true slack_webhook: required: true - composer_auth_json: + OP_SERVICE_ACCOUNT_TOKEN: + required: true + description: '1Password service account token to use for populating composer auth.json' + OP_VAULT: + description: '1Password vault to use for populating composer auth.json' + required: true + OP_ITEM: + description: '1Password item to use for populating composer auth.json' required: true jobs: @@ -73,9 +80,15 @@ jobs: - name: NPM Build run: npm run dist - - name: Composer Auth Setup - run: | - echo '${{ secrets.composer_auth_json }}' > auth.json + - name: 'Install 1Password CLI' + uses: 1password/install-cli-action@v1 + + - name: 'Create auth.json via 1Password CLI' + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} + run: op inject -i auth.template.json -o auth.json - name: Commit Files uses: moderntribe/actions/utils/commit-files@v1 From ee50347f33832a35fb8b8437b11244d9547f029f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:10:41 -0600 Subject: [PATCH 063/130] Remove sample auth.json file. --- auth-sample.json | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 auth-sample.json diff --git a/auth-sample.json b/auth-sample.json deleted file mode 100644 index 5a9f39cd..00000000 --- a/auth-sample.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "http-basic": { - "connect.advancedcustomfields.com": { - "username": "ACF License Key", - "password": "https://moose.lando.site" - }, - "composer.gravity.io": { - "username": "GF License Key", - "password": "https://moose.lndo.site" - } - } -} From 7a2f048701692cb9fee426cc67731ac35851b228 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:10:52 -0600 Subject: [PATCH 064/130] Fix an typo. --- .github/actions/composer-install/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 2307d750..9a80288b 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -2,7 +2,7 @@ name: Composer Install inputs: BUILD_FOLDER: - description: 'Folder to run shell commands in. Defaults to ' + description: 'Folder to run shell commands in.' required: false default: ${{ github.workspace }} COMPOSER_INSTALL_FLAGS: From 22db53b2027a4b07cdd9ff4b124fe63ecc8de942 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:15:45 -0600 Subject: [PATCH 065/130] Set a default for composer install flags and remove the defaults from deploy actions. --- .github/actions/composer-install/action.yml | 3 ++- .github/workflows/deploy-dev.yml | 1 - .github/workflows/deploy-prod.yml | 1 - .github/workflows/deploy-stage.yml | 1 - 4 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 9a80288b..22e7d8b5 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -7,7 +7,8 @@ inputs: default: ${{ github.workspace }} COMPOSER_INSTALL_FLAGS: description: 'Flags to pass to the `composer install` command.' - required: true + required: false + default: '--optimize-autoloader --no-dev' OP_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password service account token to use for populating composer auth.json' diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 4c648f2b..82564944 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -26,7 +26,6 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader --no-dev' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index ec5d3e50..0c09b2c8 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -29,7 +29,6 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader --no-dev' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/deploy-stage.yml b/.github/workflows/deploy-stage.yml index 2134fa7e..436e7661 100644 --- a/.github/workflows/deploy-stage.yml +++ b/.github/workflows/deploy-stage.yml @@ -30,7 +30,6 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader --no-dev' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} From f4bc31a8cb53c156a44374032bda8ac901ae4d24 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:16:04 -0600 Subject: [PATCH 066/130] Remove the platform ignore flag. --- .github/workflows/php-tests.yml | 2 +- .github/workflows/phpcs.yml | 2 +- .github/workflows/static-analysis.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index a478ea34..79695e1f 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -120,7 +120,7 @@ jobs: if: steps.changed-files.outputs.tests == 'true' run: | ${SLIC_BIN} use site - ${SLIC_BIN} composer install --ignore-platform-reqs --optimize-autoloader --no-progress + ${SLIC_BIN} composer install --optimize-autoloader --no-progress ${SLIC_BIN} rm auth.json - name: Run suite tests diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index d0bf57f5..c2114ef0 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -35,7 +35,7 @@ jobs: if: steps.changed-files.outputs.phpcs == 'true' uses: ./.github/actions/composer-install with: - COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader' + COMPOSER_INSTALL_FLAGS: '--optimize-autoloader' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 89aa17fb..1dfc09d7 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -35,7 +35,7 @@ jobs: if: steps.changed-files.outputs.phpstan == 'true' uses: ./.github/actions/composer-install with: - COMPOSER_INSTALL_FLAGS: '--ignore-platform-reqs --optimize-autoloader' + COMPOSER_INSTALL_FLAGS: '--optimize-autoloader' OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} From 088a9a61b833cd6c4c0752568c44dc59661c21b7 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:16:22 -0600 Subject: [PATCH 067/130] Bump PHP version to march composer platform req. --- .github/actions/composer-install/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 22e7d8b5..4548d91c 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -25,7 +25,7 @@ runs: - name: 'Configure PHP environment' uses: shivammathur/setup-php@v2 with: - php-version: '8.2' + php-version: '8.3' - name: 'Get composer cache directory' working-directory: ${{ inputs.BUILD_FOLDER }} From 45d48e43360dfbca501bb8bc06598b5e6b698837 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:28:44 -0600 Subject: [PATCH 068/130] Quick change to test dokku deployment. --- .github/actions/composer-install/action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 4548d91c..e8920a54 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,7 +52,9 @@ runs: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - run: op inject -i auth.template.json -o auth.json + run: | + op user get --me + op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} From 7394865d42f19c9a3cb97dbe557be42658d20a9f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 3 Dec 2024 15:43:50 -0600 Subject: [PATCH 069/130] Reset op action command. --- .github/actions/composer-install/action.yml | 4 +--- .github/workflows/pipeline-dokku.yml | 1 - 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index e8920a54..4548d91c 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,9 +52,7 @@ runs: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + run: op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index efb7f63d..819b24f7 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -118,4 +118,3 @@ jobs: app_url: "${{ steps.define_app.outputs.deploy_app }}.${{ inputs.server }}" gha_url: ${{ env.GHA_URL }} status: ${{ job.status }} - From 040022635812896d19102dce6ea70d315d2cf0cb Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 6 Dec 2024 15:36:20 -0600 Subject: [PATCH 070/130] Work on updated README.md --- README.md | 57 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 31 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index b121b9ec..db868803 100644 --- a/README.md +++ b/README.md @@ -1,41 +1,46 @@ # Moose ## Requirements +* +* [Git](https://git-scm.com/) +* [Composer](https://getcomposer.org/) +* [Node & NPM](https://nodejs.org/) + * [NVM](https://github.com/nvm-sh/nvm) is recommended for managing multiple versions of node on the same workstation. +* [Lando](https://lando.dev/) (Optional) Provides a consistent local development environment for all team members. +* [1Password CLI](https://developer.1password.com/docs/cli/) (Optional) Automates the creation of composer's `auth.json` +file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity Forms can be installed via composer. + +> [!TIP] +> This starter is designed to allow developers the freedom to use any local development tooling that works best for +> them. The following instructions assume the use of Lando, but any local development platform should work as long as it +> provides a basic LAMP or LEMP stack and uses the correct version of PHP as defined in `composer.json`. -* Git -* Composer -* Node v16.13.1 or higher & NPM v8.1.2 or higher -* NVM is recommended for managing multiple versions of node on the same workstation. - -## Local Development - -One of the goals of this starter is to allow developers to use whatever local development platform that works best for them. There are some details below for Lando and Local by Flywheel. If you are using a different environment, feel free to add it. - -### Lando - -You can use [Lando](https://lando.dev/download/) to for your local development. When starting a new project, change the name value in the `.lando.yml` file to the name of the project. Then run `lando start` to build the environment. The `local-config.php` is setup to support lando out of the box. Once the lando is running, you can follow the BE Setup instructions for the composer commands to finish the setup. When running composer commands make sure to run `lando composer [command]` in order to run composer in the container. - -### Local by Flywheel +## Getting Started -It is recommended to create a blank blueprint in Local by Flywheel in order to make it easier to startup a project. Select the blank blueprint, clone in the repository to the public folder and then follow the BE Setup instructions for getting started. Make sure to use the Open Site Shell option to run composer commands allowing you to have the right PHP version in your shell path. +1. Clone the repository +2. Run `composer create-auth` to create the `auth.json` file. (Assumes you are using the 1Password CLI.) +3. Run `lando start` to create the local environment. +4. Run `nvm use` to ensure the correct version of node is in use. +5. Run `npm install` to install the required npm dependencies. +6. Run `npm run dist` to build the theme assets. -## Getting Started +That should be it! After Lando starts the first time, it should automatically trigger a composer install and create the +necessary local config files for the project. -### BE Setup +## Composer +TBD: Outline deps management, updating WP, scripts, etc. ... For WordPress updates, you can change the `--version=` value in the `setup-wordpress` composer script. -Run `composer run setup-project` to copy the `auth.json`, and `local-config` files over. Once that has completed, update the `auth.json` to include the [ACF License for the username](https://www.advancedcustomfields.com/resources/installing-acf-pro-with-composer/) and the site url (`https://moose.lndo.site`) in the password section. Once the keys are up to date, run `composer install` to pull in the required libraries. Then run `composer setup-wordpress` to install WordPress using WP Cli. Depending on your local environment you may need to update your `local-config.php` for the local environment you are working in. +## Lando Updates +TBD: outline lando commands, db management, etc. -``` bash -composer setup-project -# ... update auth.json file if you need ACF Pro -composer install -composer setup-wordpress -``` +## 1Password CLI +TBD: outline 1Password CLI integration -For WordPress updates, you can change the `--version=` value in the `setup-wordpress` composer script. +## GH Actions +TBD: Outline GH Actions ### Front End Dev - +RBD: Update this to latest. 1. Duplicate the `local-config-sample.json` file into a git-ignored `local-config.json` and update the certsPath and host entries to match your local dev set up. 1. In the root of the project, run `nvm use` to confirm the correct version of node is in-use. 1. Run `npm install` to install the required dependencies. From 355a7008ec781750229134869ad60e3d413f1543 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 09:54:38 -0600 Subject: [PATCH 071/130] Update docs for NPM scripts, etc. --- README.md | 26 +------------------------- docs/npm.md | 41 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 25 deletions(-) create mode 100644 docs/npm.md diff --git a/README.md b/README.md index db868803..1d62b5ff 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ # Moose ## Requirements -* * [Git](https://git-scm.com/) * [Composer](https://getcomposer.org/) * [Node & NPM](https://nodejs.org/) @@ -39,30 +38,6 @@ TBD: outline 1Password CLI integration ## GH Actions TBD: Outline GH Actions -### Front End Dev -RBD: Update this to latest. -1. Duplicate the `local-config-sample.json` file into a git-ignored `local-config.json` and update the certsPath and host entries to match your local dev set up. -1. In the root of the project, run `nvm use` to confirm the correct version of node is in-use. -1. Run `npm install` to install the required dependencies. -1. Run `npm run dev` to start the webpack watch & browsersync tasks. - -### Front End Scripts - -* `npm run dist`: Builds production versions of all assets. -* `npm run dev`: Builds dev assets and starts an instance of browsersync to handle live-reload for changes. -* `npm run create-block`: Starts an interactive shell script to generate a new block per WordPress's [Create Block script](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-create-block/) and the theme config. -* `npm run format`: Runs Prettier on all theme assets (css, scss, js, & json files). -* `npm run lint`: Prettifies, lints (and fixes) theme & root assets (css, scss, js, & json files). Also see the sub-tasks for specific file types. -* `npm run server_dist`: Alias for the `dist` task. - -These scripts are based on WordPress's [WP-Scripts](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-scripts/) package. See the documentation there for additional information. - -There are also several additional scripts aliased directly from wp-scripts that may be useful: - -* `packages-check` -* `check-engines` -* `check-licenses` - ## Testing A test suite is ready to use utilizing [Slic](https://github.com/stellarwp/slic). You can follow the instructions on the Slic readme to configure testing locally. Slic utilizes [WP-Browser](https://wpbrowser.wptestkit.dev/) and [Codeception](https://codeception.com/) to run tests in a docker container allowing us to use all the generate commands those libraries have to offer. @@ -77,6 +52,7 @@ We use GitHub Action as a CI for deployments, testing and many other features. ## Additional Documentation Specific features and functionality may have additional documentation in the [./docs](./docs) folder. +* [NPM Scripts & Building Assets](./docs/npm.md) * [GitHub Actions](./docs/actions.md) * [Create Block Script Templates](./docs/block-templates.md) * [Create WP Controls Script](./docs/wp-controls-templates.md) diff --git a/docs/npm.md b/docs/npm.md new file mode 100644 index 00000000..f24c1599 --- /dev/null +++ b/docs/npm.md @@ -0,0 +1,41 @@ +# NPM Scripts & Building Assets + +These scripts are based on WordPress's [WP-Scripts](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-scripts/) package. See the documentation there for more information. + +## Building Assets + +To build the theme assets for your local development environment, the following steps are sufficient: + +1. In the root of the project, run `nvm use` to confirm the correct version of node is in-use. +1. Run `npm install` to install the required dependencies. +1. Run `npm run dist` to build the production assets + +## Using Browsersync for Local Dev + +To handle live-reload for changes, Moose utilizes Browsersync to watch for asset file changes and reload the browser. +In addition, Browsersync can be configured via a `local-config.json` file to proxy your local environment's +SSL configuration to allow live-reloading from a specific local project URL rather than localhost. To use Browsersync +for local development follow the steps below: + +1. Duplicate the `local-config-sample.json` file into a git-ignored `local-config.json` and update the `certsPath`, +`certName` and `host` values to match your local dev set up. Examples are provided for Lando and LocalWP. +1. In the root of the project, run `nvm use` to confirm the correct version of node is in-use. +1. Run `npm install` to install the required dependencies. +1. Run `npm run dev` to start the webpack watch & browsersync tasks. + +## NPM Scripts + +* `npm run dist`: Builds production versions of all assets. +* `npm run build`: Builds non-production versions of all assets. +* `npm run dev`: Builds dev assets and starts an instance of browsersync to handle live-reload for changes. +* `npm run format`: Runs Prettier on all theme assets (css, scss, js, & json files). +* `npm run lint`: Prettifies, lints (and fixes) theme & root assets (css, scss, js, & json files). +* `npm run create-block`: Starts an interactive shell script to generate a new block per WordPress's + [Create Block script](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-create-block/) and the theme config. + +Several scripts have sub-tasks that can be run individually. Reference `package.json` for details. +Additionally, there are several scripts aliased directly from wp-scripts that may be useful: + +* `packages-check` +* `check-engines` +* `check-licenses` From bd673dfe34803cfdf7ecb3ab5822335ef7b97c9a Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 09:55:08 -0600 Subject: [PATCH 072/130] Update server:lint script name to conform with other scripts. --- .github/workflows/linting.yml | 2 +- package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 01365f68..48f4078c 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -37,4 +37,4 @@ jobs: - name: Check linting if: steps.changed-files.outputs.linting == 'true' - run: npm run server-lint + run: npm run lint:server diff --git a/package.json b/package.json index 7b921852..5107cf28 100644 --- a/package.json +++ b/package.json @@ -55,10 +55,10 @@ "lint:configs": "wp-scripts lint-js \"./*.js\"", "lint:configs:fix": "wp-scripts lint-js \"./*.js\" --fix", "lint:pkg-json": "wp-scripts lint-pkg-json \"./package.json\"", + "lint:server": "npm run lint:js && npm run lint:css && npm run lint:configs && npm run lint:pkg-json" "create-block": "cd \"$npm_package_config_coreThemeBlocksDir/tribe\" && npx @wordpress/create-block --no-plugin --namespace tribe --template $npm_package_config_coreBlockTemplatesDir", "packages-update": "wp-scripts packages-update", "check-engines": "wp-scripts check-engines", "check-licenses": "wp-scripts check-licenses", - "server-lint": "npm run lint:js && npm run lint:css && npm run lint:configs && npm run lint:pkg-json" } } From a51ae04410560808a726c1affccd68f71b66abca Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 10:19:33 -0600 Subject: [PATCH 073/130] Update GH Actions docs. --- README.md | 6 ++++-- docs/actions.md | 28 +++++++++++++++++++++++----- 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1d62b5ff..9abe80c8 100644 --- a/README.md +++ b/README.md @@ -35,8 +35,10 @@ TBD: outline lando commands, db management, etc. ## 1Password CLI TBD: outline 1Password CLI integration -## GH Actions -TBD: Outline GH Actions +## GitHub Actions + +We use GitHub Action as a CI for deployments, testing and many other features. Take a look at [./docs/actions.md](./docs/actions.md) +to learn more about each action. ## Testing diff --git a/docs/actions.md b/docs/actions.md index a58a9362..763a6ddc 100644 --- a/docs/actions.md +++ b/docs/actions.md @@ -1,21 +1,39 @@ # GitHub Actions -We use GitHub Actions for many automated tasks. Some actions run on push, some run when creating a release and others might only run when selecting them in the UI (workflow_dispatch). You can learn more about GitHub Actions through the documentation located at [docs.github.com/en/actions](https://docs.github.com/en/actions). All of these actions are a starting point for your project and you should be adjusting/adding/removing actions to best fit your project needs. +We use GitHub Actions for many automated tasks. Some actions run on push, some run when creating a release and others +might only run when selecting them in the UI (workflow_dispatch). You can learn more about GitHub Actions through the +documentation located at [docs.github.com/en/actions](https://docs.github.com/en/actions). All of these actions are a starting point for your project +and you should be adjusting/adding/removing actions to best fit your project needs. ## Deployments ### Dokku Deployment Workflows -The [Dokku](https://dokku.com/) deployments are for internal qa and development testing. These include the dokku-dev.yml, dokku-review-app.yml, and pipeline-dokku.yml workflows. To use these deployments you need to update the `app_name` from `moose-dev` to the unique name for your projects environment and setup the environment in our private dokku-ansible repo to accept the connection. +The [Dokku](https://dokku.com/) deployments are for internal qa and development testing. These include the dokku-dev.yml, +dokku-review-app.yml, and pipeline-dokku.yml workflows. To use these deployments you need to update the `app_name` +from `moose-dev` to the unique name for your projects environment and setup the environment in our private +dokku-ansible repo to accept the connection. ### Production Deployment Workflows -We have 3 deployment workflows to interface with whatever hosting environment is needed (deploy-dev.yml, deploy-stage.yml, deploy-prod.yml). You will need to update the `[DEV|STAGE|PROD]_DEPLOY_REPO`, `DEPLOY_PRIVATE_SSH_KEY`, and `COMPOSER_AUTH_JSON` secrets to use these deployments in your project. These are intended to be deploying to the hosting service where the site will live. Most hosting companies work with `git` making it the default push we currently use. +We have 3 deployment workflows to interface with whatever hosting environment is needed (deploy-dev.yml, +deploy-stage.yml, deploy-prod.yml). You will need to update the `[DEV|STAGE|PROD]_DEPLOY_REPO`, +`DEPLOY_PRIVATE_SSH_KEY`, and 1Password secrets (`OP_SERVICE_ACCOUNT_TOKEN`, `OP_VAULT`, `OP_ITEM`) to use these +deployments in your project. These are intended to be deploying to the hosting service where the site will live. Most +hosting companies work with `git` making it the default push we currently use. ## Static Analysis and Testing -There are a series of workflows that must pass in order to allow a pull request to be merged. These are highlighted in the `workflows.yml` file and include the coding standards, static analysis, linting, and the php test suite using [Slic](https://github.com/stellarwp/slic). +There are a series of workflows that must pass in order to allow a pull request to be merged. These are highlighted in +the `workflows.yml` file and include the coding standards, static analysis, linting, and the php test suite using +[Slic](https://github.com/stellarwp/slic). ## Lighthouse Testing -We are using the [Lighthouse CI](https://github.com/treosh/lighthouse-ci-action/tree/main) for testing list of production urls that we would like to run lighthouse tests on and stores the results as artifacts of the action. There are parameters that we set in the [lighthouserc.json](../.github/lighthouse/lighthouserc.json) file allowing us to set the minimum values for each of the lighthouse matrix. There are minimum values set as a baseline but each value should be updated once a project is live in order to track that updates made do not effect the results over time along with the urls that you want to check. It is recommended that you check production URLs so that you are getting a realistic representation of the content, images, and caching for the live site. **You will need to edit the lighthouserc.json file for your project to take advantage of this action**. +We are using the [Lighthouse CI](https://github.com/treosh/lighthouse-ci-action/tree/main) for testing list of production urls that we would like to run lighthouse tests on +and stores the results as artifacts of the action. There are parameters that we set in the [lighthouserc.json](../.github/lighthouse/lighthouserc.json) +file allowing us to set the minimum values for each of the lighthouse matrix. There are minimum values set as a +baseline but each value should be updated once a project is live in order to track that updates made do not effect the +results over time along with the urls that you want to check. It is recommended that you check production URLs so that +you are getting a realistic representation of the content, images, and caching for the live site. **You will need to +edit the lighthouserc.json file for your project to take advantage of this action**. From 0cfe5dbdd207022a95e195791b46f31ce02dcadf Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 10:21:24 -0600 Subject: [PATCH 074/130] Reorder composer repositories. --- composer.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 73d29ab4..60baa76f 100644 --- a/composer.json +++ b/composer.json @@ -48,23 +48,23 @@ "update-db": "Runs the wpcli command to update the WordPress database. This is sometimes required after a version update." }, "repositories": { - "gravity": { - "type": "composer", - "url": "https://composer.gravity.io" - }, "0": { "type": "composer", - "url": "https://wpackagist.org" + "url": "https://composer.gravity.io" }, "1": { - "type": "vcs", - "url": "https://github.com/moderntribe/tribe-glomar.git" + "type": "composer", + "url": "https://connect.advancedcustomfields.com" }, "2": { "type": "composer", - "url": "https://connect.advancedcustomfields.com" + "url": "https://wpackagist.org" }, "3": { + "type": "vcs", + "url": "https://github.com/moderntribe/tribe-glomar.git" + }, + "4": { "type": "package", "package": { "name": "block-editor-custom-alignments/block-editor-custom-alignments", From 899a9c61012c88a235c6de743a0870870a17168a Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 10:26:49 -0600 Subject: [PATCH 075/130] Re-title NPM docs. --- README.md | 7 ++++++- docs/npm.md | 6 ++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9abe80c8..2cc5014a 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,11 @@ file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity That should be it! After Lando starts the first time, it should automatically trigger a composer install and create the necessary local config files for the project. +## NPM Packages, Scripts & Building Frontend Assets + +We use a variety of npm scripts for managing the frontend assets. Learn more about the available scripts and how to use +them in the [./docs/npm.md](./docs/npm.md) documentation. + ## Composer TBD: Outline deps management, updating WP, scripts, etc. ... For WordPress updates, you can change the `--version=` value in the `setup-wordpress` composer script. @@ -54,7 +59,7 @@ We use GitHub Action as a CI for deployments, testing and many other features. ## Additional Documentation Specific features and functionality may have additional documentation in the [./docs](./docs) folder. -* [NPM Scripts & Building Assets](./docs/npm.md) +* [NPM Packages, Scripts & Building Assets](./docs/npm.md) * [GitHub Actions](./docs/actions.md) * [Create Block Script Templates](./docs/block-templates.md) * [Create WP Controls Script](./docs/wp-controls-templates.md) diff --git a/docs/npm.md b/docs/npm.md index f24c1599..c609a09a 100644 --- a/docs/npm.md +++ b/docs/npm.md @@ -1,6 +1,8 @@ -# NPM Scripts & Building Assets +# NPM Packages, Scripts & Building Assets -These scripts are based on WordPress's [WP-Scripts](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-scripts/) package. See the documentation there for more information. +NPM is used to manage frontend dependencies. There are also a number of npm scripts defined to assist in day-to-day +development. These npm scripts are based on WordPress's [WP-Scripts](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-scripts/) package. See the documentation there for +further details. ## Building Assets From 8bf11cd3072c6c002eb2d021af5946c7819227fe Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 10:29:44 -0600 Subject: [PATCH 076/130] Move PHP tests to separate doc. --- README.md | 12 +----------- docs/php-tests.md | 13 +++++++++++++ 2 files changed, 14 insertions(+), 11 deletions(-) create mode 100644 docs/php-tests.md diff --git a/README.md b/README.md index 2cc5014a..f7f6663b 100644 --- a/README.md +++ b/README.md @@ -45,22 +45,12 @@ TBD: outline 1Password CLI integration We use GitHub Action as a CI for deployments, testing and many other features. Take a look at [./docs/actions.md](./docs/actions.md) to learn more about each action. -## Testing - -A test suite is ready to use utilizing [Slic](https://github.com/stellarwp/slic). You can follow the instructions on the Slic readme to configure testing locally. Slic utilizes [WP-Browser](https://wpbrowser.wptestkit.dev/) and [Codeception](https://codeception.com/) to run tests in a docker container allowing us to use all the generate commands those libraries have to offer. - -The only major setup config you must do for slic is set the php-version to 8.0 since the default is 7.4. You can do this by running `slic php-version set 8.0`. - -Once Slic is installed, you can go to the project root and enter `slic here` telling slic that you want to run tests from this folder. Then run `slic use site` telling slic that you want to run the tests for the full site and not just a singular plugin or theme. Then you are ready to start testing by running `slic run wpunit`. You can exchange out the `wpunit` for any of the testing suites you would like to run (`wpunit`, `unit`, `functional`, or `acceptance`). - -## GitHub Actions - -We use GitHub Action as a CI for deployments, testing and many other features. To learn more about each action, checkout the [./docs/actions.md](./docs/actions.md) for details. ## Additional Documentation Specific features and functionality may have additional documentation in the [./docs](./docs) folder. * [NPM Packages, Scripts & Building Assets](./docs/npm.md) * [GitHub Actions](./docs/actions.md) +* [PHP Tests](./docs/php-tests.md) * [Create Block Script Templates](./docs/block-templates.md) * [Create WP Controls Script](./docs/wp-controls-templates.md) * [Supported Block Features](./docs/block-features.md) diff --git a/docs/php-tests.md b/docs/php-tests.md new file mode 100644 index 00000000..87267bdb --- /dev/null +++ b/docs/php-tests.md @@ -0,0 +1,13 @@ +# PHP Tests + +A test suite is ready to use utilizing [Slic](https://github.com/stellarwp/slic). You can follow the instructions on the Slic readme to configure +testing locally. Slic utilizes [WP-Browser](https://wpbrowser.wptestkit.dev/) and [Codeception](https://codeception.com/) to run tests in a docker container allowing us +to use all the generate commands those libraries have to offer. + +The only major setup config you must do for slic is set the php-version to the correct version for this project. +You can do this by running `slic php-version set `. + +Once Slic is installed, you can go to the project root and enter `slic here` telling slic that you want to run tests +from this folder. Then run `slic use site` telling slic that you want to run the tests for the full site and not just +a singular plugin or theme. Then you are ready to start testing by running `slic run wpunit`. You can exchange out the +`wpunit` for any of the testing suites you would like to run (`wpunit`, `unit`, `functional`, or `acceptance`). From c6ac7c895faa68328b4a1785a2db24aa059a356f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 10:33:32 -0600 Subject: [PATCH 077/130] Update document outline. --- README.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index f7f6663b..f26faca5 100644 --- a/README.md +++ b/README.md @@ -26,10 +26,14 @@ file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity That should be it! After Lando starts the first time, it should automatically trigger a composer install and create the necessary local config files for the project. -## NPM Packages, Scripts & Building Frontend Assets +## Documentation + +### NPM Packages, Scripts & Building Frontend Assets We use a variety of npm scripts for managing the frontend assets. Learn more about the available scripts and how to use -them in the [./docs/npm.md](./docs/npm.md) documentation. +them in the [NPM Docs](./docs/npm.md). + +### Composer ## Composer TBD: Outline deps management, updating WP, scripts, etc. ... For WordPress updates, you can change the `--version=` value in the `setup-wordpress` composer script. @@ -37,16 +41,15 @@ TBD: Outline deps management, updating WP, scripts, etc. ... For WordPress updat ## Lando Updates TBD: outline lando commands, db management, etc. -## 1Password CLI +### 1Password CLI TBD: outline 1Password CLI integration -## GitHub Actions - -We use GitHub Action as a CI for deployments, testing and many other features. Take a look at [./docs/actions.md](./docs/actions.md) -to learn more about each action. +### GitHub Actions +We use GitHub Action as a CI for deployments, testing and many other features. Take a look at the +[GitHub Action Docs](./docs/actions.md) to learn more about each action. -## Additional Documentation +### Additional Documentation Specific features and functionality may have additional documentation in the [./docs](./docs) folder. * [NPM Packages, Scripts & Building Assets](./docs/npm.md) * [GitHub Actions](./docs/actions.md) From d9364007971f2813d6933ed552b3f8b733699526 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 10:35:06 -0600 Subject: [PATCH 078/130] reword npm outline. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f26faca5..130b3749 100644 --- a/README.md +++ b/README.md @@ -30,8 +30,8 @@ necessary local config files for the project. ### NPM Packages, Scripts & Building Frontend Assets -We use a variety of npm scripts for managing the frontend assets. Learn more about the available scripts and how to use -them in the [NPM Docs](./docs/npm.md). +NPM use used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the +available scripts and how to use them in the [NPM Docs](./docs/npm.md). ### Composer From 75c024599ea86ce6804eaf0c7d6891f31ac39295 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 11:01:08 -0600 Subject: [PATCH 079/130] Add Composer docs & compsoer update. --- README.md | 14 +- composer.lock | 441 ++++++++++++++++++++++++----------------------- docs/composer.md | 40 +++++ 3 files changed, 272 insertions(+), 223 deletions(-) create mode 100644 docs/composer.md diff --git a/README.md b/README.md index 130b3749..9cd60d04 100644 --- a/README.md +++ b/README.md @@ -30,15 +30,20 @@ necessary local config files for the project. ### NPM Packages, Scripts & Building Frontend Assets -NPM use used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the +NPM is used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the available scripts and how to use them in the [NPM Docs](./docs/npm.md). ### Composer -## Composer -TBD: Outline deps management, updating WP, scripts, etc. ... For WordPress updates, you can change the `--version=` value in the `setup-wordpress` composer script. +Composer is configured to manage PHP dependencies. There are also a number of composer scripts set up to assist with +day-today PHP development. You can learn more about the available scripts and how to use them in the +[Composer Docs](./docs/composer.md). -## Lando Updates +#### Updating WordPress + +To update the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. + +### Lando Updates TBD: outline lando commands, db management, etc. ### 1Password CLI @@ -52,6 +57,7 @@ We use GitHub Action as a CI for deployments, testing and many other features. T ### Additional Documentation Specific features and functionality may have additional documentation in the [./docs](./docs) folder. * [NPM Packages, Scripts & Building Assets](./docs/npm.md) +* [Composer](./docs/composer.md) * [GitHub Actions](./docs/actions.md) * [PHP Tests](./docs/php-tests.md) * [Create Block Script Templates](./docs/block-templates.md) diff --git a/composer.lock b/composer.lock index 1276d67d..11ae078c 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "f360e1ce4b6d57f35b63550a0cdedb5e", + "content-hash": "e1d9d33214967735750a64a8bf6e8f78", "packages": [ { "name": "aws/aws-crt-php", @@ -62,16 +62,16 @@ }, { "name": "aws/aws-sdk-php", - "version": "3.334.1", + "version": "3.336.6", "source": { "type": "git", "url": "https://github.com/aws/aws-sdk-php.git", - "reference": "3938b3467f64a30fed7ee1762a6785f808a5ae4d" + "reference": "0a99dab427f0a1c082775301141aeac3558691ad" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/3938b3467f64a30fed7ee1762a6785f808a5ae4d", - "reference": "3938b3467f64a30fed7ee1762a6785f808a5ae4d", + "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/0a99dab427f0a1c082775301141aeac3558691ad", + "reference": "0a99dab427f0a1c082775301141aeac3558691ad", "shasum": "" }, "require": { @@ -154,9 +154,9 @@ "support": { "forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80", "issues": "https://github.com/aws/aws-sdk-php/issues", - "source": "https://github.com/aws/aws-sdk-php/tree/3.334.1" + "source": "https://github.com/aws/aws-sdk-php/tree/3.336.6" }, - "time": "2024-12-05T01:17:41+00:00" + "time": "2024-12-28T04:16:13+00:00" }, { "name": "block-editor-custom-alignments/block-editor-custom-alignments", @@ -321,16 +321,16 @@ }, { "name": "composer/composer", - "version": "2.8.3", + "version": "2.8.4", "source": { "type": "git", "url": "https://github.com/composer/composer.git", - "reference": "2a7c71266b2545a3bed9f4860734081963f6e688" + "reference": "112e37d1dca22b3fdb81cf3524ab4994f47fdb8c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/composer/zipball/2a7c71266b2545a3bed9f4860734081963f6e688", - "reference": "2a7c71266b2545a3bed9f4860734081963f6e688", + "url": "https://api.github.com/repos/composer/composer/zipball/112e37d1dca22b3fdb81cf3524ab4994f47fdb8c", + "reference": "112e37d1dca22b3fdb81cf3524ab4994f47fdb8c", "shasum": "" }, "require": { @@ -415,7 +415,7 @@ "irc": "ircs://irc.libera.chat:6697/composer", "issues": "https://github.com/composer/composer/issues", "security": "https://github.com/composer/composer/security/policy", - "source": "https://github.com/composer/composer/tree/2.8.3" + "source": "https://github.com/composer/composer/tree/2.8.4" }, "funding": [ { @@ -431,7 +431,7 @@ "type": "tidelift" } ], - "time": "2024-11-17T12:13:04+00:00" + "time": "2024-12-11T10:57:47+00:00" }, { "name": "composer/installers", @@ -675,13 +675,13 @@ }, "type": "library", "extra": { - "branch-alias": { - "dev-main": "3.x-dev" - }, "phpstan": { "includes": [ "extension.neon" ] + }, + "branch-alias": { + "dev-main": "3.x-dev" } }, "autoload": { @@ -3337,12 +3337,12 @@ }, "type": "library", "extra": { + "thanks": { + "url": "https://github.com/symfony/contracts", + "name": "symfony/contracts" + }, "branch-alias": { "dev-main": "3.5-dev" - }, - "thanks": { - "name": "symfony/contracts", - "url": "https://github.com/symfony/contracts" } }, "autoload": { @@ -3540,8 +3540,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -3616,8 +3616,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -3694,8 +3694,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -3778,8 +3778,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -3852,8 +3852,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -3928,8 +3928,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -4008,8 +4008,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -4149,12 +4149,12 @@ }, "type": "library", "extra": { + "thanks": { + "url": "https://github.com/symfony/contracts", + "name": "symfony/contracts" + }, "branch-alias": { "dev-main": "3.5-dev" - }, - "thanks": { - "name": "symfony/contracts", - "url": "https://github.com/symfony/contracts" } }, "autoload": { @@ -4464,9 +4464,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "cache", @@ -4487,7 +4484,10 @@ "transient set", "transient type", "transient list" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4539,14 +4539,14 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "core verify-checksums", "plugin verify-checksums" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4599,9 +4599,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "config", @@ -4615,7 +4612,10 @@ "config path", "config set", "config shuffle-salts" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4651,21 +4651,21 @@ }, { "name": "wp-cli/core-command", - "version": "v2.1.18", + "version": "v2.1.19", "source": { "type": "git", "url": "https://github.com/wp-cli/core-command.git", - "reference": "f7580f93fe66a5584fa7b7c42bd2c0c1435c9d2e" + "reference": "ab65d194bbf00b018daca9d625b0297c5f813fca" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/wp-cli/core-command/zipball/f7580f93fe66a5584fa7b7c42bd2c0c1435c9d2e", - "reference": "f7580f93fe66a5584fa7b7c42bd2c0c1435c9d2e", + "url": "https://api.github.com/repos/wp-cli/core-command/zipball/ab65d194bbf00b018daca9d625b0297c5f813fca", + "reference": "ab65d194bbf00b018daca9d625b0297c5f813fca", "shasum": "" }, "require": { "composer/semver": "^1.4 || ^2 || ^3", - "wp-cli/wp-cli": "^2.5.1" + "wp-cli/wp-cli": "^2.12" }, "require-dev": { "wp-cli/checksum-command": "^1 || ^2", @@ -4676,9 +4676,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "core", @@ -4691,7 +4688,10 @@ "core update", "core update-db", "core version" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4716,9 +4716,9 @@ "homepage": "https://github.com/wp-cli/core-command", "support": { "issues": "https://github.com/wp-cli/core-command/issues", - "source": "https://github.com/wp-cli/core-command/tree/v2.1.18" + "source": "https://github.com/wp-cli/core-command/tree/v2.1.19" }, - "time": "2024-04-12T09:36:36+00:00" + "time": "2024-12-20T15:13:02+00:00" }, { "name": "wp-cli/cron-command", @@ -4745,9 +4745,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "cron", @@ -4760,7 +4757,10 @@ "cron schedule", "cron schedule list", "cron event unschedule" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4812,9 +4812,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "db", @@ -4834,7 +4831,10 @@ "db tables", "db size", "db columns" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4886,9 +4886,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "embed", @@ -4902,7 +4899,10 @@ "embed cache clear", "embed cache find", "embed cache trigger" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -4957,9 +4957,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "comment", @@ -5138,7 +5135,10 @@ "user term set", "user unspam", "user update" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5189,14 +5189,14 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "eval", "eval-file" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5253,13 +5253,13 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "export" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5315,9 +5315,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "plugin", @@ -5352,7 +5349,10 @@ "theme status", "theme update", "theme mod list" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5388,23 +5388,23 @@ }, { "name": "wp-cli/i18n-command", - "version": "v2.6.3", + "version": "v2.6.4", "source": { "type": "git", "url": "https://github.com/wp-cli/i18n-command.git", - "reference": "065bb3758fcbff922f1b7a01ab702aab0da79803" + "reference": "bf6720f63b6d9fc00cc13d02ef85e1f343e47d3c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/wp-cli/i18n-command/zipball/065bb3758fcbff922f1b7a01ab702aab0da79803", - "reference": "065bb3758fcbff922f1b7a01ab702aab0da79803", + "url": "https://api.github.com/repos/wp-cli/i18n-command/zipball/bf6720f63b6d9fc00cc13d02ef85e1f343e47d3c", + "reference": "bf6720f63b6d9fc00cc13d02ef85e1f343e47d3c", "shasum": "" }, "require": { "eftec/bladeone": "3.52", "gettext/gettext": "^4.8", "mck89/peast": "^1.13.11", - "wp-cli/wp-cli": "^2.5" + "wp-cli/wp-cli": "^2.12" }, "require-dev": { "wp-cli/scaffold-command": "^1.2 || ^2", @@ -5451,9 +5451,9 @@ "homepage": "https://github.com/wp-cli/i18n-command", "support": { "issues": "https://github.com/wp-cli/i18n-command/issues", - "source": "https://github.com/wp-cli/i18n-command/tree/v2.6.3" + "source": "https://github.com/wp-cli/i18n-command/tree/v2.6.4" }, - "time": "2024-10-01T11:16:25+00:00" + "time": "2024-12-20T12:34:36+00:00" }, { "name": "wp-cli/import-command", @@ -5480,13 +5480,13 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "import" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5540,9 +5540,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "language", @@ -5566,7 +5563,10 @@ "language theme uninstall", "language theme update", "site switch-language" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5617,9 +5617,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "maintenance-mode", @@ -5627,7 +5624,10 @@ "maintenance-mode deactivate", "maintenance-mode status", "maintenance-mode is-active" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5680,16 +5680,16 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "media", "media import", "media regenerate", "media image-size" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5794,9 +5794,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "package", @@ -5805,7 +5802,10 @@ "package list", "package update", "package uninstall" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5836,20 +5836,20 @@ }, { "name": "wp-cli/php-cli-tools", - "version": "v0.11.22", + "version": "v0.12.1", "source": { "type": "git", "url": "https://github.com/wp-cli/php-cli-tools.git", - "reference": "a6bb94664ca36d0962f9c2ff25591c315a550c51" + "reference": "d1fe500378f53fb5ae1072c0daa77095c384a082" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/wp-cli/php-cli-tools/zipball/a6bb94664ca36d0962f9c2ff25591c315a550c51", - "reference": "a6bb94664ca36d0962f9c2ff25591c315a550c51", + "url": "https://api.github.com/repos/wp-cli/php-cli-tools/zipball/d1fe500378f53fb5ae1072c0daa77095c384a082", + "reference": "d1fe500378f53fb5ae1072c0daa77095c384a082", "shasum": "" }, "require": { - "php": ">= 5.3.0" + "php": ">= 5.6.0" }, "require-dev": { "roave/security-advisories": "dev-latest", @@ -5893,9 +5893,9 @@ ], "support": { "issues": "https://github.com/wp-cli/php-cli-tools/issues", - "source": "https://github.com/wp-cli/php-cli-tools/tree/v0.11.22" + "source": "https://github.com/wp-cli/php-cli-tools/tree/v0.12.1" }, - "time": "2023-12-03T19:25:05+00:00" + "time": "2024-10-01T11:13:49+00:00" }, { "name": "wp-cli/rewrite-command", @@ -5920,16 +5920,16 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "rewrite", "rewrite flush", "rewrite list", "rewrite structure" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -5980,9 +5980,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "role", @@ -5995,7 +5992,10 @@ "cap add", "cap list", "cap remove" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6047,9 +6047,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "scaffold", @@ -6061,7 +6058,10 @@ "scaffold post-type", "scaffold taxonomy", "scaffold theme-tests" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6115,13 +6115,13 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "search-replace" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6173,13 +6173,13 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "server" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6230,13 +6230,13 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "shell" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6288,16 +6288,16 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "super-admin", "super-admin add", "super-admin list", "super-admin remove" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6349,9 +6349,6 @@ }, "type": "wp-cli-package", "extra": { - "branch-alias": { - "dev-main": "2.x-dev" - }, "bundled": true, "commands": [ "widget", @@ -6364,7 +6361,10 @@ "widget update", "sidebar", "sidebar list" - ] + ], + "branch-alias": { + "dev-main": "2.x-dev" + } }, "autoload": { "files": [ @@ -6395,16 +6395,16 @@ }, { "name": "wp-cli/wp-cli", - "version": "v2.11.0", + "version": "dev-main", "source": { "type": "git", "url": "https://github.com/wp-cli/wp-cli.git", - "reference": "53f0df112901fcf95099d0f501912a209429b6a9" + "reference": "0187f2b4ce7e83f31bf4beecd5ad4f11ddf8b57b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/wp-cli/wp-cli/zipball/53f0df112901fcf95099d0f501912a209429b6a9", - "reference": "53f0df112901fcf95099d0f501912a209429b6a9", + "url": "https://api.github.com/repos/wp-cli/wp-cli/zipball/0187f2b4ce7e83f31bf4beecd5ad4f11ddf8b57b", + "reference": "0187f2b4ce7e83f31bf4beecd5ad4f11ddf8b57b", "shasum": "" }, "require": { @@ -6413,7 +6413,7 @@ "php": "^5.6 || ^7.0 || ^8.0", "symfony/finder": ">2.7", "wp-cli/mustangostang-spyc": "^0.6.3", - "wp-cli/php-cli-tools": "~0.11.2" + "wp-cli/php-cli-tools": "~0.12.1" }, "require-dev": { "roave/security-advisories": "dev-latest", @@ -6427,6 +6427,7 @@ "ext-readline": "Include for a better --prompt implementation", "ext-zip": "Needed to support extraction of ZIP archives when doing downloads or updates" }, + "default-branch": true, "bin": [ "bin/wp", "bin/wp.bat" @@ -6434,7 +6435,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "2.11.x-dev" + "dev-main": "2.12.x-dev" } }, "autoload": { @@ -6461,7 +6462,7 @@ "issues": "https://github.com/wp-cli/wp-cli/issues", "source": "https://github.com/wp-cli/wp-cli" }, - "time": "2024-08-08T03:04:55+00:00" + "time": "2024-11-26T19:13:58+00:00" }, { "name": "wp-cli/wp-cli-bundle", @@ -6749,16 +6750,16 @@ "packages-dev": [ { "name": "antecedent/patchwork", - "version": "2.2.0", + "version": "2.2.1", "source": { "type": "git", "url": "https://github.com/antecedent/patchwork.git", - "reference": "b07d4fb37c3c723c8755122160c089e077d5de65" + "reference": "1bf183a3e1bd094f231a2128b9ecc5363c269245" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/antecedent/patchwork/zipball/b07d4fb37c3c723c8755122160c089e077d5de65", - "reference": "b07d4fb37c3c723c8755122160c089e077d5de65", + "url": "https://api.github.com/repos/antecedent/patchwork/zipball/1bf183a3e1bd094f231a2128b9ecc5363c269245", + "reference": "1bf183a3e1bd094f231a2128b9ecc5363c269245", "shasum": "" }, "require": { @@ -6791,9 +6792,9 @@ ], "support": { "issues": "https://github.com/antecedent/patchwork/issues", - "source": "https://github.com/antecedent/patchwork/tree/2.2.0" + "source": "https://github.com/antecedent/patchwork/tree/2.2.1" }, - "time": "2024-09-27T16:59:55+00:00" + "time": "2024-12-11T10:19:54+00:00" }, { "name": "automattic/vipwpcs", @@ -7981,16 +7982,16 @@ }, { "name": "illuminate/collections", - "version": "v11.34.2", + "version": "v11.36.1", "source": { "type": "git", "url": "https://github.com/illuminate/collections.git", - "reference": "fd2103ddc121449a7926fc34a9d220e5b88183c1" + "reference": "21868f9ac221a42d4346dc56495d11ab7e0d339a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/illuminate/collections/zipball/fd2103ddc121449a7926fc34a9d220e5b88183c1", - "reference": "fd2103ddc121449a7926fc34a9d220e5b88183c1", + "url": "https://api.github.com/repos/illuminate/collections/zipball/21868f9ac221a42d4346dc56495d11ab7e0d339a", + "reference": "21868f9ac221a42d4346dc56495d11ab7e0d339a", "shasum": "" }, "require": { @@ -8010,6 +8011,7 @@ }, "autoload": { "files": [ + "functions.php", "helpers.php" ], "psr-4": { @@ -8032,11 +8034,11 @@ "issues": "https://github.com/laravel/framework/issues", "source": "https://github.com/laravel/framework" }, - "time": "2024-11-27T14:51:56+00:00" + "time": "2024-12-13T13:58:10+00:00" }, { "name": "illuminate/conditionable", - "version": "v11.34.2", + "version": "v11.36.1", "source": { "type": "git", "url": "https://github.com/illuminate/conditionable.git", @@ -8082,7 +8084,7 @@ }, { "name": "illuminate/contracts", - "version": "v11.34.2", + "version": "v11.36.1", "source": { "type": "git", "url": "https://github.com/illuminate/contracts.git", @@ -8130,7 +8132,7 @@ }, { "name": "illuminate/macroable", - "version": "v11.34.2", + "version": "v11.36.1", "source": { "type": "git", "url": "https://github.com/illuminate/macroable.git", @@ -8176,16 +8178,16 @@ }, { "name": "illuminate/support", - "version": "v11.34.2", + "version": "v11.36.1", "source": { "type": "git", "url": "https://github.com/illuminate/support.git", - "reference": "2b718a86571baed50fdc5d5748a846c2e58e07eb" + "reference": "fba1ff58e30fa280248ce3db9b18d6341c6ac339" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/illuminate/support/zipball/2b718a86571baed50fdc5d5748a846c2e58e07eb", - "reference": "2b718a86571baed50fdc5d5748a846c2e58e07eb", + "url": "https://api.github.com/repos/illuminate/support/zipball/fba1ff58e30fa280248ce3db9b18d6341c6ac339", + "reference": "fba1ff58e30fa280248ce3db9b18d6341c6ac339", "shasum": "" }, "require": { @@ -8208,11 +8210,12 @@ "spatie/once": "*" }, "suggest": { - "illuminate/filesystem": "Required to use the composer class (^11.0).", + "illuminate/filesystem": "Required to use the Composer class (^11.0).", "laravel/serializable-closure": "Required to use the once function (^1.3).", - "league/commonmark": "Required to use Str::markdown() and Stringable::markdown() (^2.0.2).", + "league/commonmark": "Required to use Str::markdown() and Stringable::markdown() (^2.6).", + "league/uri": "Required to use the Uri class (^7.5.1).", "ramsey/uuid": "Required to use Str::uuid() (^4.7).", - "symfony/process": "Required to use the composer class (^7.0).", + "symfony/process": "Required to use the Composer class (^7.0).", "symfony/uid": "Required to use Str::ulid() (^7.0).", "symfony/var-dumper": "Required to use the dd function (^7.0).", "vlucas/phpdotenv": "Required to use the Env class and env helper (^5.6.1)." @@ -8248,7 +8251,7 @@ "issues": "https://github.com/laravel/framework/issues", "source": "https://github.com/laravel/framework" }, - "time": "2024-11-27T14:58:17+00:00" + "time": "2024-12-17T20:20:09+00:00" }, { "name": "lucatume/wp-browser", @@ -8581,16 +8584,16 @@ }, { "name": "nesbot/carbon", - "version": "3.8.2", + "version": "3.8.4", "source": { "type": "git", "url": "https://github.com/briannesbitt/Carbon.git", - "reference": "e1268cdbc486d97ce23fef2c666dc3c6b6de9947" + "reference": "129700ed449b1f02d70272d2ac802357c8c30c58" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/e1268cdbc486d97ce23fef2c666dc3c6b6de9947", - "reference": "e1268cdbc486d97ce23fef2c666dc3c6b6de9947", + "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/129700ed449b1f02d70272d2ac802357c8c30c58", + "reference": "129700ed449b1f02d70272d2ac802357c8c30c58", "shasum": "" }, "require": { @@ -8622,10 +8625,6 @@ ], "type": "library", "extra": { - "branch-alias": { - "dev-master": "3.x-dev", - "dev-2.x": "2.x-dev" - }, "laravel": { "providers": [ "Carbon\\Laravel\\ServiceProvider" @@ -8635,6 +8634,10 @@ "includes": [ "extension.neon" ] + }, + "branch-alias": { + "dev-2.x": "2.x-dev", + "dev-master": "3.x-dev" } }, "autoload": { @@ -8683,20 +8686,20 @@ "type": "tidelift" } ], - "time": "2024-11-07T17:46:48+00:00" + "time": "2024-12-27T09:25:35+00:00" }, { "name": "nikic/php-parser", - "version": "v5.3.1", + "version": "v5.4.0", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "8eea230464783aa9671db8eea6f8c6ac5285794b" + "reference": "447a020a1f875a434d62f2a401f53b82a396e494" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/8eea230464783aa9671db8eea6f8c6ac5285794b", - "reference": "8eea230464783aa9671db8eea6f8c6ac5285794b", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/447a020a1f875a434d62f2a401f53b82a396e494", + "reference": "447a020a1f875a434d62f2a401f53b82a396e494", "shasum": "" }, "require": { @@ -8739,9 +8742,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v5.3.1" + "source": "https://github.com/nikic/PHP-Parser/tree/v5.4.0" }, - "time": "2024-10-08T18:51:32+00:00" + "time": "2024-12-30T11:07:19+00:00" }, { "name": "phar-io/manifest", @@ -9534,16 +9537,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.12.12", + "version": "1.12.14", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "b5ae1b88f471d3fd4ba1aa0046234b5ca3776dd0" + "reference": "e73868f809e68fff33be961ad4946e2e43ec9e38" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/b5ae1b88f471d3fd4ba1aa0046234b5ca3776dd0", - "reference": "b5ae1b88f471d3fd4ba1aa0046234b5ca3776dd0", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/e73868f809e68fff33be961ad4946e2e43ec9e38", + "reference": "e73868f809e68fff33be961ad4946e2e43ec9e38", "shasum": "" }, "require": { @@ -9588,7 +9591,7 @@ "type": "github" } ], - "time": "2024-11-28T22:13:23+00:00" + "time": "2024-12-31T07:26:13+00:00" }, { "name": "phpunit/php-code-coverage", @@ -11249,16 +11252,16 @@ }, { "name": "squizlabs/php_codesniffer", - "version": "3.11.1", + "version": "3.11.2", "source": { "type": "git", "url": "https://github.com/PHPCSStandards/PHP_CodeSniffer.git", - "reference": "19473c30efe4f7b3cd42522d0b2e6e7f243c6f87" + "reference": "1368f4a58c3c52114b86b1abe8f4098869cb0079" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/19473c30efe4f7b3cd42522d0b2e6e7f243c6f87", - "reference": "19473c30efe4f7b3cd42522d0b2e6e7f243c6f87", + "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/1368f4a58c3c52114b86b1abe8f4098869cb0079", + "reference": "1368f4a58c3c52114b86b1abe8f4098869cb0079", "shasum": "" }, "require": { @@ -11325,7 +11328,7 @@ "type": "open_collective" } ], - "time": "2024-11-16T12:02:36+00:00" + "time": "2024-12-11T16:04:26+00:00" }, { "name": "symfony/browser-kit", @@ -11719,12 +11722,12 @@ }, "type": "library", "extra": { + "thanks": { + "url": "https://github.com/symfony/contracts", + "name": "symfony/contracts" + }, "branch-alias": { "dev-main": "3.5-dev" - }, - "thanks": { - "name": "symfony/contracts", - "url": "https://github.com/symfony/contracts" } }, "autoload": { @@ -11795,8 +11798,8 @@ "type": "library", "extra": { "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" } }, "autoload": { @@ -11965,12 +11968,12 @@ }, "type": "library", "extra": { + "thanks": { + "url": "https://github.com/symfony/contracts", + "name": "symfony/contracts" + }, "branch-alias": { "dev-main": "3.5-dev" - }, - "thanks": { - "name": "symfony/contracts", - "url": "https://github.com/symfony/contracts" } }, "autoload": { diff --git a/docs/composer.md b/docs/composer.md new file mode 100644 index 00000000..d23132c2 --- /dev/null +++ b/docs/composer.md @@ -0,0 +1,40 @@ +# Composer + +Composer is configured to manage PHP dependencies. There are also a number of composer scripts set up to assist with +day-today PHP development. + +> [!WARNING] +> Running composer commands directly on your local machine will cause conflicts if your locally installed version of +> PHP is different from the version required in `composer.json`. Always be sure you have the correct version of php +> installed locally or run composer commands from within the Lando environment by prefixing them with `lando ...`. +> For example: `lando composer install`. + +## Updating WordPress + +To update the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. + +## Adding a Paid or Premium WordPress Plugin + +A number of premium or paid WordPress plugins may be used for a project. Often, these plugins are not available in the +WordPress plugin directory and thus can't be installed from `https://wpackagist.org`. There are a few options for +installing such premium plugins: + +1. Check to see if the plugin maker provides its own composer-based installation method. This is the best option. +Many providers including Advanced Custom Fields, Gravity Forms, and Yoast SEO provide composer-based installation +options. +1. Check the plugin files into the repository directly. This is the simplest option but is not ideal for a number of +reasons, including licensing, security, and ease of management. + +## Composer Scripts + +* `composer create-auth`: Create or update the auth.json file for Composer via 1Password CLI. +* `composer copy-local-configs`: Creates the `local-config.php` and `local-config.json` files from the respective +sample file. +* `composer install-wordpress`: Runs the WP CLI command to download and install WordPress core. To change the WordPress +version, update the `--version` value for this script. +* `composer phpcs`: Run PHPCS on the project. +* `composer phpcbf`: Run PHPCBF on the project. +* `composer phpstan`: Run PHPStan on the project. +* `composer update-db`: Runs the WP CLI command to update the WordPress database. This is often required after a version update. + + From 80214574f94d479000e2cb3da60513efec1507ee Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 11:07:52 -0600 Subject: [PATCH 080/130] update Composer docs. --- docs/composer.md | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/docs/composer.md b/docs/composer.md index d23132c2..6a7e4daa 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -9,6 +9,18 @@ day-today PHP development. > installed locally or run composer commands from within the Lando environment by prefixing them with `lando ...`. > For example: `lando composer install`. +## Composer Scripts + +* `composer create-auth`: Create or update the auth.json file for Composer via 1Password CLI. +* `composer copy-local-configs`: Creates the `local-config.php` and `local-config.json` files from the respective + sample file. +* `composer install-wordpress`: Runs the WP CLI command to download and install WordPress core. To change the WordPress + version, update the `--version` value for this script. +* `composer phpcs`: Run PHPCS on the project. +* `composer phpcbf`: Run PHPCBF on the project. +* `composer phpstan`: Run PHPStan on the project. +* `composer update-db`: Runs the WP CLI command to update the WordPress database. This is often required after a version update. + ## Updating WordPress To update the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. @@ -25,16 +37,9 @@ options. 1. Check the plugin files into the repository directly. This is the simplest option but is not ideal for a number of reasons, including licensing, security, and ease of management. -## Composer Scripts - -* `composer create-auth`: Create or update the auth.json file for Composer via 1Password CLI. -* `composer copy-local-configs`: Creates the `local-config.php` and `local-config.json` files from the respective -sample file. -* `composer install-wordpress`: Runs the WP CLI command to download and install WordPress core. To change the WordPress -version, update the `--version` value for this script. -* `composer phpcs`: Run PHPCS on the project. -* `composer phpcbf`: Run PHPCBF on the project. -* `composer phpstan`: Run PHPStan on the project. -* `composer update-db`: Runs the WP CLI command to update the WordPress database. This is often required after a version update. - +## Platform Dependencies +There are several PHP platform dependencies added as composer requirements. These dependencies include the required +version of PHP as well as several PHP extensions required by WordPress (`ext-exif`, `ext-gd`, `ext-intl`, & `ext-json`). +These PHP extensions are installed within a [project's Dokku env](actions.md#dokku-deployment-workflows) and should not +be removed unless Dokku is not utilized by the project. From 17aa662c8620cae8ff302616c30005e30f20705c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 11:21:12 -0600 Subject: [PATCH 081/130] Update command syntax formatting. --- docs/composer.md | 14 +++++++------- docs/npm.md | 12 ++++++------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/docs/composer.md b/docs/composer.md index 6a7e4daa..a441ad9c 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -11,15 +11,15 @@ day-today PHP development. ## Composer Scripts -* `composer create-auth`: Create or update the auth.json file for Composer via 1Password CLI. -* `composer copy-local-configs`: Creates the `local-config.php` and `local-config.json` files from the respective +* `composer create-auth` - Create or update the auth.json file for Composer via 1Password CLI. +* `composer copy-local-configs` - Creates the `local-config.php` and `local-config.json` files from the respective sample file. -* `composer install-wordpress`: Runs the WP CLI command to download and install WordPress core. To change the WordPress +* `composer install-wordpress` - Runs the WP CLI command to download and install WordPress core. To change the WordPress version, update the `--version` value for this script. -* `composer phpcs`: Run PHPCS on the project. -* `composer phpcbf`: Run PHPCBF on the project. -* `composer phpstan`: Run PHPStan on the project. -* `composer update-db`: Runs the WP CLI command to update the WordPress database. This is often required after a version update. +* `composer phpcs` - Run PHPCS on the project. +* `composer phpcbf` - Run PHPCBF on the project. +* `composer phpstan` - Run PHPStan on the project. +* `composer update-db` - Runs the WP CLI command to update the WordPress database. This is often required after a version update. ## Updating WordPress diff --git a/docs/npm.md b/docs/npm.md index c609a09a..39a474b1 100644 --- a/docs/npm.md +++ b/docs/npm.md @@ -27,12 +27,12 @@ for local development follow the steps below: ## NPM Scripts -* `npm run dist`: Builds production versions of all assets. -* `npm run build`: Builds non-production versions of all assets. -* `npm run dev`: Builds dev assets and starts an instance of browsersync to handle live-reload for changes. -* `npm run format`: Runs Prettier on all theme assets (css, scss, js, & json files). -* `npm run lint`: Prettifies, lints (and fixes) theme & root assets (css, scss, js, & json files). -* `npm run create-block`: Starts an interactive shell script to generate a new block per WordPress's +* `npm run dist` - Builds production versions of all assets. +* `npm run build` - Builds non-production versions of all assets. +* `npm run dev` - Builds dev assets and starts an instance of browsersync to handle live-reload for changes. +* `npm run format` - Runs Prettier on all theme assets (css, scss, js, & json files). +* `npm run lint` - Prettifies, lints (and fixes) theme & root assets (css, scss, js, & json files). +* `npm run create-block` - Starts an interactive shell script to generate a new block per WordPress's [Create Block script](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-create-block/) and the theme config. Several scripts have sub-tasks that can be run individually. Reference `package.json` for details. From 37519b1a09c021ced691524ef1e42db05ab885c8 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 11:21:53 -0600 Subject: [PATCH 082/130] Add Lando docs and reorganize readme --- README.md | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 9cd60d04..4e6e9cec 100644 --- a/README.md +++ b/README.md @@ -28,10 +28,26 @@ necessary local config files for the project. ## Documentation -### NPM Packages, Scripts & Building Frontend Assets - -NPM is used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the -available scripts and how to use them in the [NPM Docs](./docs/npm.md). +### Lando + +Lando is the preferred local development environment for this project. It provides a consistent environment for all team +members to use and provides a number of helpful features. Below are a number of helpful Lando commands to know: + +* `lando start` - Starts the local development environment. +* `lando stop` - Stops the local development environment. +* `lando poweroff` - Completely shuts down all running Lando services. +* `lando db-export` - Exports the project database to a file in the project root. +* `lando db-import ` - Imports a database file into the project database. This file must be located within +* the project directory. it can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. +* `lando composer ` - Runs a composer command within the project container. +* `lando wp ` - Runs a WP-CLI command within the project container. +* `lando rebuild` - Rebuilds the project containers. This is useful if you need to update the PHP version or there have +been other changes to the project's Lando configuration. This is a non-destructive action and will not delete any data. +* `lando destroy` - Destroys the local development environment. *WARNING:* This is a destructive action and will delete +the existing data within the project database and completely remove all the project containers. It will not delete the +project files on your local machine. + +For further documentation on Lando, please visit the [Lando Docs](https://docs.lando.dev/). ### Composer @@ -43,8 +59,10 @@ day-today PHP development. You can learn more about the available scripts and ho To update the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. -### Lando Updates -TBD: outline lando commands, db management, etc. +### NPM Packages, Scripts & Building Frontend Assets + +NPM is used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the +available scripts and how to use them in the [NPM Docs](./docs/npm.md). ### 1Password CLI TBD: outline 1Password CLI integration @@ -56,8 +74,8 @@ We use GitHub Action as a CI for deployments, testing and many other features. T ### Additional Documentation Specific features and functionality may have additional documentation in the [./docs](./docs) folder. -* [NPM Packages, Scripts & Building Assets](./docs/npm.md) * [Composer](./docs/composer.md) +* [NPM Packages, Scripts & Building Assets](./docs/npm.md) * [GitHub Actions](./docs/actions.md) * [PHP Tests](./docs/php-tests.md) * [Create Block Script Templates](./docs/block-templates.md) From 37863bc4dff0e96ed9eecd8bf0674281ccbf0f8c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 11:22:55 -0600 Subject: [PATCH 083/130] Lando docs updates. --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4e6e9cec..a8a5e047 100644 --- a/README.md +++ b/README.md @@ -36,11 +36,11 @@ members to use and provides a number of helpful features. Below are a number of * `lando start` - Starts the local development environment. * `lando stop` - Stops the local development environment. * `lando poweroff` - Completely shuts down all running Lando services. -* `lando db-export` - Exports the project database to a file in the project root. -* `lando db-import ` - Imports a database file into the project database. This file must be located within -* the project directory. it can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. * `lando composer ` - Runs a composer command within the project container. * `lando wp ` - Runs a WP-CLI command within the project container. +* `lando db-export` - Exports the project database to a file in the project root. +* `lando db-import ` - Imports a database file into the project database. This file must be located within +the project directory. it can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. * `lando rebuild` - Rebuilds the project containers. This is useful if you need to update the PHP version or there have been other changes to the project's Lando configuration. This is a non-destructive action and will not delete any data. * `lando destroy` - Destroys the local development environment. *WARNING:* This is a destructive action and will delete From 086a8ca4a449d04e95b878a60114a08862021b8c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 12:36:11 -0600 Subject: [PATCH 084/130] Add 1Password docs. --- README.md | 9 ++++-- docs/1password-cli.md | 65 +++++++++++++++++++++++++++++++++++++++++++ docs/composer.md | 13 ++++++++- 3 files changed, 84 insertions(+), 3 deletions(-) create mode 100644 docs/1password-cli.md diff --git a/README.md b/README.md index a8a5e047..63eeff5c 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,9 @@ file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity ## Getting Started 1. Clone the repository -2. Run `composer create-auth` to create the `auth.json` file. (Assumes you are using the 1Password CLI.) +2. Run `composer create-auth` to create the `auth.json` file. (Assumes you are using the +[1Password CLI](#1password-cli). See the [Composer Docs](./docs/composer.md#Creating-an-auth-json-file) for manual +instructions.) 3. Run `lando start` to create the local environment. 4. Run `nvm use` to ensure the correct version of node is in use. 5. Run `npm install` to install the required npm dependencies. @@ -65,7 +67,10 @@ NPM is used for managing frontend dependencies and npm scripts for managing the available scripts and how to use them in the [NPM Docs](./docs/npm.md). ### 1Password CLI -TBD: outline 1Password CLI integration + +The 1Password CLI can be used to automate the creation of the `auth.json` file for composer. This file is used to store +credentials used by composer to install paid plugins like Advanced Custom Fields Pro and Gravity Forms. See the +[1Password CLI Docs](./docs/1password-cli.md) for further details. ### GitHub Actions diff --git a/docs/1password-cli.md b/docs/1password-cli.md new file mode 100644 index 00000000..7e64260f --- /dev/null +++ b/docs/1password-cli.md @@ -0,0 +1,65 @@ +# 1Password CLI + +The 1Password CLI can be used to automate the creation of the `auth.json` file for composer. This file is used to store +credentials used by composer to install paid plugins like Advanced Custom Fields Pro and Gravity Forms. + +The 1Password CLI is used both for local development and in GitHub Actions workflows. + +## Installation for Local Development + +See the [1Password CLI](https://developer.1password.com/docs/cli/get-started/) installation instructions for how to +install & authenticate with the 1Password CLI on your local machine. + +## Creating an `auth.json` File via the 1Password CLI + +Running `composer create-auth` on your local machine (not within a Lando container) will use the 1Password CLI to +create or update the `auth.json`. Note that contrary to most other composer scripts, this one cannot be run inside a +lando container because the container is not authorized to access the 1Password CLI. + +### The `auth.template.json` Template File + +Under the hood, the `composer create-auth` script uses the [1Password `op inject` command](https://developer.1password.com/docs/cli/reference/commands/inject) +to retrieve secrets from a 1Password vault and creates a new file by replacing references in the template file with +those secrets. + +## Adding or Updating Secrets + +Here are steps for adding a new authentication or secret value to the project: +1. Add a new section to the project's 1Password item. +2. Add the new secret(s) within the new section you created in the item. +3. Update the `auth.template.json` file with the new secret key(s) and placeholder value(s). +4. Run `composer create-auth` to update the `auth.json` file with the new secret(s). + +## GitHub Secrets + +1Password provides [their own GitHub Action](https://github.com/1Password/install-cli-action) that is used in the +project workflows. The following GitHub secrets are required to use the 1Password CLI in GitHub Actions: +* `OP_SERVICE_ACCOUNT_TOKEN` - (Required) A 1Password service account token. +* `OP_VAULT` - The 1Password vault where the secrets are stored. Defaults to `Engineering`. +* `OP_ITEM` - The 1Password item containing the secrets. Defaults to `MT-Composer-Auth`. + +We have configured a default service account with access to Modern Tribe's Engineering vault. This service account is +sufficient for projects that are just getting started and haven't yet purchased any client-specific licenses. + +> [!IMPORTANT] +> Modern Tribe's default 1Password service account and the plugin licenses in the MT Engineering vault are shared +> across all Modern Tribe projects and are intended for local development and Dokku environments only. If a project is +> deploying to other hosting environments, the project should be using a project-specific 1Password vault and +> client-supplied license keys for GitHub Actions. + +### 1Password Service Account Token + +To use 1Password CLI with GitHub Actions, you must create a [1Password service account](https://developer.1password.com/docs/service-accounts/get-started) +and populate the `OP_SERVICE_ACCOUNT_TOKEN` secret in the project's GitHub repository with the respective service +account token. You may need to ask Modern Tribe leadership or the project manager to create this account for you. + +When creating the service account, be sure that the account can only access the project's vault(s). Service accounts +cannot be modified once they are created and should not be shared between projects. + +### 1Password Vault and Item + +The `OP_VAULT` and `OP_ITEM` secrets tell the 1Password CLI which vault and item to retrieve values from. If they are +not defined, the 1Password CLI will default to the `Engineering` vault and the `MT-Composer-Auth` item. + +When creating a project-specific 1Password vault be sure to follow the structure of the `MT-Composer-Auth` item in the +Engineering vault. The structure of the auth.template.json file expects a specific 1Password item structure. diff --git a/docs/composer.md b/docs/composer.md index a441ad9c..0bfb622a 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -19,7 +19,8 @@ day-today PHP development. * `composer phpcs` - Run PHPCS on the project. * `composer phpcbf` - Run PHPCBF on the project. * `composer phpstan` - Run PHPStan on the project. -* `composer update-db` - Runs the WP CLI command to update the WordPress database. This is often required after a version update. +* `composer update-db` - Runs the WP CLI command to update the WordPress database. This is often required after a +version update. ## Updating WordPress @@ -37,6 +38,16 @@ options. 1. Check the plugin files into the repository directly. This is the simplest option but is not ideal for a number of reasons, including licensing, security, and ease of management. +### Creating an auth.json File + +If the plugin maker provides a composer-based installation method, you will likely create an `auth.json` file to +store the required credentials. This file is used by composer to install the plugin. This project provides an +auth.json template file that the 1Password CLI can use to automatically generate the required `auth.json` file. See the +[1Password CLI Docs](./1password-cli.md) for more information on this integration. + +To manually create the `auth.json` file, copy the `auth.template.json` file to `auth.json` and update the placeholder +values within the file with the required credentials. + ## Platform Dependencies There are several PHP platform dependencies added as composer requirements. These dependencies include the required From c3d11e178b4f7a0d5619cfa2e008b33c94fca212 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 12:38:31 -0600 Subject: [PATCH 085/130] fix link. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 63eeff5c..4911d1ff 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity 1. Clone the repository 2. Run `composer create-auth` to create the `auth.json` file. (Assumes you are using the -[1Password CLI](#1password-cli). See the [Composer Docs](./docs/composer.md#Creating-an-auth-json-file) for manual +[1Password CLI](#1password-cli). See the [Composer Docs](./docs/composer.md#creating-an-authjson-file) for manual instructions.) 3. Run `lando start` to create the local environment. 4. Run `nvm use` to ensure the correct version of node is in use. From 9b584474d9efe08589a89d71e638ca32cdbaaceb Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 12:41:40 -0600 Subject: [PATCH 086/130] fix link, add 1pass docs link. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4911d1ff..56b3f832 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,7 @@ We use GitHub Action as a CI for deployments, testing and many other features. T Specific features and functionality may have additional documentation in the [./docs](./docs) folder. * [Composer](./docs/composer.md) * [NPM Packages, Scripts & Building Assets](./docs/npm.md) +* [1Password CLI](./docs/1password-cli.md) * [GitHub Actions](./docs/actions.md) * [PHP Tests](./docs/php-tests.md) * [Create Block Script Templates](./docs/block-templates.md) From b37ec1e0a41a0c4b53bf54a76d0bce69564410a7 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Tue, 31 Dec 2024 12:45:42 -0600 Subject: [PATCH 087/130] Typo! --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 5107cf28..2385ca64 100644 --- a/package.json +++ b/package.json @@ -55,10 +55,10 @@ "lint:configs": "wp-scripts lint-js \"./*.js\"", "lint:configs:fix": "wp-scripts lint-js \"./*.js\" --fix", "lint:pkg-json": "wp-scripts lint-pkg-json \"./package.json\"", - "lint:server": "npm run lint:js && npm run lint:css && npm run lint:configs && npm run lint:pkg-json" + "lint:server": "npm run lint:js && npm run lint:css && npm run lint:configs && npm run lint:pkg-json", "create-block": "cd \"$npm_package_config_coreThemeBlocksDir/tribe\" && npx @wordpress/create-block --no-plugin --namespace tribe --template $npm_package_config_coreBlockTemplatesDir", "packages-update": "wp-scripts packages-update", "check-engines": "wp-scripts check-engines", - "check-licenses": "wp-scripts check-licenses", + "check-licenses": "wp-scripts check-licenses" } } From 8096ea4a732e7f8ad26ace63575e75bfd487e31f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 09:44:58 -0600 Subject: [PATCH 088/130] docs clean up and improvements. --- README.md | 8 ++++---- docs/1password-cli.md | 2 +- docs/composer.md | 22 +++++++++++++--------- docs/npm.md | 4 ++-- 4 files changed, 20 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 56b3f832..a393770b 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ necessary local config files for the project. ### Lando Lando is the preferred local development environment for this project. It provides a consistent environment for all team -members to use and provides a number of helpful features. Below are a number of helpful Lando commands to know: +members to use and provides a number of helpful features. Below are a number of Lando commands to know: * `lando start` - Starts the local development environment. * `lando stop` - Stops the local development environment. @@ -42,7 +42,7 @@ members to use and provides a number of helpful features. Below are a number of * `lando wp ` - Runs a WP-CLI command within the project container. * `lando db-export` - Exports the project database to a file in the project root. * `lando db-import ` - Imports a database file into the project database. This file must be located within -the project directory. it can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. +the project directory. It can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. * `lando rebuild` - Rebuilds the project containers. This is useful if you need to update the PHP version or there have been other changes to the project's Lando configuration. This is a non-destructive action and will not delete any data. * `lando destroy` - Destroys the local development environment. *WARNING:* This is a destructive action and will delete @@ -54,12 +54,12 @@ For further documentation on Lando, please visit the [Lando Docs](https://docs.l ### Composer Composer is configured to manage PHP dependencies. There are also a number of composer scripts set up to assist with -day-today PHP development. You can learn more about the available scripts and how to use them in the +day-t-day PHP development. You can learn more about the available scripts and how to use them in the [Composer Docs](./docs/composer.md). #### Updating WordPress -To update the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. +To adjust the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. ### NPM Packages, Scripts & Building Frontend Assets diff --git a/docs/1password-cli.md b/docs/1password-cli.md index 7e64260f..bb95b58a 100644 --- a/docs/1password-cli.md +++ b/docs/1password-cli.md @@ -62,4 +62,4 @@ The `OP_VAULT` and `OP_ITEM` secrets tell the 1Password CLI which vault and item not defined, the 1Password CLI will default to the `Engineering` vault and the `MT-Composer-Auth` item. When creating a project-specific 1Password vault be sure to follow the structure of the `MT-Composer-Auth` item in the -Engineering vault. The structure of the auth.template.json file expects a specific 1Password item structure. +Engineering vault. The structure of the `auth.template.json` file expects a specific 1Password item structure. diff --git a/docs/composer.md b/docs/composer.md index 0bfb622a..d43c5155 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -1,17 +1,18 @@ # Composer Composer is configured to manage PHP dependencies. There are also a number of composer scripts set up to assist with -day-today PHP development. +day-to-day PHP development. > [!WARNING] > Running composer commands directly on your local machine will cause conflicts if your locally installed version of > PHP is different from the version required in `composer.json`. Always be sure you have the correct version of php -> installed locally or run composer commands from within the Lando environment by prefixing them with `lando ...`. -> For example: `lando composer install`. +> installed locally or run composer commands from within the Lando environment by prefixing them with `lando ...` such +> as: `lando composer install`. ## Composer Scripts -* `composer create-auth` - Create or update the auth.json file for Composer via 1Password CLI. +* `composer create-auth` - Create or update the auth.json file for Composer via 1Password CLI. (Cannot be run within a + Lando container.) * `composer copy-local-configs` - Creates the `local-config.php` and `local-config.json` files from the respective sample file. * `composer install-wordpress` - Runs the WP CLI command to download and install WordPress core. To change the WordPress @@ -20,11 +21,11 @@ day-today PHP development. * `composer phpcbf` - Run PHPCBF on the project. * `composer phpstan` - Run PHPStan on the project. * `composer update-db` - Runs the WP CLI command to update the WordPress database. This is often required after a -version update. + WordPress version update. ## Updating WordPress -To update the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. +To adjust the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. ## Adding a Paid or Premium WordPress Plugin @@ -33,8 +34,8 @@ WordPress plugin directory and thus can't be installed from `https://wpackagist. installing such premium plugins: 1. Check to see if the plugin maker provides its own composer-based installation method. This is the best option. -Many providers including Advanced Custom Fields, Gravity Forms, and Yoast SEO provide composer-based installation -options. +Many providers including Advanced Custom Fields (ACF), Gravity Forms, and Yoast SEO provide composer-based installation +options. This project is already configured to use composer for both ACF and Gravity Forms. 1. Check the plugin files into the repository directly. This is the simplest option but is not ideal for a number of reasons, including licensing, security, and ease of management. @@ -48,9 +49,12 @@ auth.json template file that the 1Password CLI can use to automatically generate To manually create the `auth.json` file, copy the `auth.template.json` file to `auth.json` and update the placeholder values within the file with the required credentials. +> [!IMPORTANT] The populated `auth.json` file should never be checked into the git repository as it contains +> project-specific secrets (software license keys) which should never be available in source control. + ## Platform Dependencies There are several PHP platform dependencies added as composer requirements. These dependencies include the required version of PHP as well as several PHP extensions required by WordPress (`ext-exif`, `ext-gd`, `ext-intl`, & `ext-json`). These PHP extensions are installed within a [project's Dokku env](actions.md#dokku-deployment-workflows) and should not -be removed unless Dokku is not utilized by the project. +be removed unless or until Dokku is not utilized by the project. diff --git a/docs/npm.md b/docs/npm.md index 39a474b1..fd847b9c 100644 --- a/docs/npm.md +++ b/docs/npm.md @@ -14,8 +14,8 @@ To build the theme assets for your local development environment, the following ## Using Browsersync for Local Dev -To handle live-reload for changes, Moose utilizes Browsersync to watch for asset file changes and reload the browser. -In addition, Browsersync can be configured via a `local-config.json` file to proxy your local environment's +To handle live-reload for changes, this project utilizes Browsersync to watch for asset file changes and reload the +browser. In addition, Browsersync can be configured via a `local-config.json` file to proxy your local environment's SSL configuration to allow live-reloading from a specific local project URL rather than localhost. To use Browsersync for local development follow the steps below: From 5fcbf24845f885e697382b81ad5b9a7d599c4042 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 09:50:50 -0600 Subject: [PATCH 089/130] Changelog baby! --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index df331e8d..65c3672e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). Each changelog entry gets prefixed with the category of the item (Added, Changed, Depreciated, Removed, Fixed, Security). +## [2025.01] +- Added: 1Password CLI integration for automating the creation of auth.json files. +- Added: A composite GitHub action for composer installs. This composite action can be used in any workflow files that need to composer install. +- Updated: `lando start` now automatically creates local config files and composer installs on first run. This eliminates those as manual steps when starting a project for the first time. +- Updated: Misc small tweaks to composer & package files & scripts for consistency and ease of use. +- Updated: GitHub action workflows to use new composite action for composer installs as well other small improvements and updates to workflows +- Updated: Readme.md and docs for clarity and simplification. + ## [2024.08] - Updated: Moose 2.0; See specific updates in the [Github PR here](https://github.com/moderntribe/moose/pull/152). Design requirements in the [Jira ticket here](https://moderntribe.atlassian.net/browse/MOOSE-99). - Chore: Github Action workflow updates to use the latest versions of actions/cache. From 15932d7b474d2226253755b10fa70eeb8770fae1 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 10:01:48 -0600 Subject: [PATCH 090/130] Reformat changelog. --- CHANGELOG.md | 130 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 89 insertions(+), 41 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6fb26b41..0185b0cc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,83 +1,122 @@ # Changelog -All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). Each changelog entry gets prefixed with the category of the item (Added, Changed, Depreciated, Removed, Fixed, Security). +All notable changes to this project will be documented in this file. The format is based +on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +Each changelog entry should be prefixed with the category of the item (Added, Changed, Depreciated, Removed, Fixed, +Security). ## [2025.01] -- Added: ability for table blocks to utilize the `overflow-x` set on them by setting a `min-width` property for the + +- Added: ability for table blocks to utilize the `overflow-x` set on them by setting a `min-width` property for the `table` element within the table block. -- Updated: Enabled background images on the Group block; We should try to use this instead of the Cover block where +- Updated: Enabled background images on the Group block; We should try to use this instead of the Cover block where possible. - Added: 1Password CLI integration for automating the creation of auth.json files. -- Added: A composite GitHub action for composer installs. This composite action can be used in any workflow files that need to composer install. -- Updated: `lando start` now automatically creates local config files and composer installs on first run. This eliminates those as manual steps when starting a project for the first time. +- Added: A composite GitHub action for composer installs. This composite action can be used in any workflow files that + need to composer install. +- Updated: `lando start` now automatically creates local config files and composer installs on first run. This + eliminates those as manual steps when starting a project for the first time. - Updated: Misc small tweaks to composer & package files & scripts for consistency and ease of use. -- Updated: GitHub action workflows to use new composite action for composer installs as well other small improvements and updates to workflows +- Updated: GitHub action workflows to use new composite action for composer installs as well other small improvements + and updates to workflows - Updated: Readme.md and docs for clarity and simplification. ## [2024.08] -- Updated: Moose 2.0; See specific updates in the [Github PR here](https://github.com/moderntribe/moose/pull/152). Design requirements in the [Jira ticket here](https://moderntribe.atlassian.net/browse/MOOSE-99). + +- Updated: Moose 2.0; See specific updates in the [Github PR here](https://github.com/moderntribe/moose/pull/152). + Design requirements in the [Jira ticket here](https://moderntribe.atlassian.net/browse/MOOSE-99). - Chore: Github Action workflow updates to use the latest versions of actions/cache. - Chore: Github Action tests job removed to conserve resources. Tests should be run locally. - Updated: Composer PHP minimum requirement set to 8.2 to match expected platform version. - Updated: GHA Code quality workflow dispatch to Pull Requests opened. ## [2024.07] + - Chore: WP version to 6.6.1 -- Chore: Package updates for composer & NPM, including plugins: limit-login-attempts-reloaded (2.26.11 => 2.26.12), seo-by-rank-math (1.0.221 => 1.0.224), advanced-custom-fields-pro (6.3.2.1 => 6.3.4), user-switching (1.7.3 => 1.8.0). -- Removed: We were previously using some overrides to handle nested Group block layouts. With some updates in WP 6.6 these classes are no longer necessary as WP handles this use case in core now. +- Chore: Package updates for composer & NPM, including plugins: limit-login-attempts-reloaded (2.26.11 => 2.26.12), + seo-by-rank-math (1.0.221 => 1.0.224), advanced-custom-fields-pro (6.3.2.1 => 6.3.4), user-switching (1.7.3 => 1.8.0). +- Removed: We were previously using some overrides to handle nested Group block layouts. With some updates in WP 6.6 + these classes are no longer necessary as WP handles this use case in core now. - Updated: Composer PHP platform to PHP 8.2. - Updated: Lando composer config to use 2-latest. ## [2024.06] -- Changed: Renamed and added a finish job to the Dokku Deploy App workflow so that it doesn't fail when all 3 app jobs are skipped. + +- Changed: Renamed and added a finish job to the Dokku Deploy App workflow so that it doesn't fail when all 3 app jobs + are skipped. - Changed: Renamed the code quality workflow from "Workflow" to "Code Quality Checks" and renamed the file accordingly. -- Updated: Updated GitHub default & 3rd-party action versions to eliminate [node version warnings](https://github.com/moderntribe/moose/actions/runs/9617664104). +- Updated: Updated GitHub default & 3rd-party action versions to + eliminate [node version warnings](https://github.com/moderntribe/moose/actions/runs/9617664104). - Chore: WP version to 6.5.5 -- Chore: Composer updates including plugins: limit-login-attempts-reloaded (2.26.8 => 2.26.11), seo-by-rank-math (1.0.218 => 1.0.221), social-sharing-block (1.1.0 => 1.2.0), advanced-custom-fields-pro (6.2.9 => 6.3.2.1) +- Chore: Composer updates including plugins: limit-login-attempts-reloaded (2.26.8 => 2.26.11), seo-by-rank-math ( + 1.0.218 => 1.0.221), social-sharing-block (1.1.0 => 1.2.0), advanced-custom-fields-pro (6.2.9 => 6.3.2.1) - Added: Create WP Controls script & documentation. -- Changed: Column block now uses the Create WP Controls script to create the "stacking order" controls. -- Updated: theme.json version and related adjustments for WP v6.6. [Reference](https://make.wordpress.org/core/2024/06/19/theme-json-version-3/) +- Changed: Column block now uses the Create WP Controls script to create the "stacking order" controls. +- Updated: theme.json version and related adjustments for WP + v6.6. [Reference](https://make.wordpress.org/core/2024/06/19/theme-json-version-3/) - Updated: Remove some old, commented out css from our reset that is no longer causing issues. -- Updated: root style selector updates per [Core's specificity updates](https://make.wordpress.org/core/2024/06/21/wordpress-6-6-css-specificity/). +- Updated: root style selector updates + per [Core's specificity updates](https://make.wordpress.org/core/2024/06/21/wordpress-6-6-css-specificity/). - Changed: Remove the injectChanges parameter from BrowserSync config as css injection doesn't work. - Changed: Update the `dist` npm script to use the `production` ENV value so that assets are minified. - Added: A `build` npm task to build non-minified assets on demand. - Updated: `theme.json` objects should now be ordered alphabetically in order to more easily find properties. -- Updated: `theme.json` now allows you to style block style variations using the `variations` property - so some styling has been moved out of `.scss` files and into `theme.json` to reflect this. -- Changed: Query Pagination styles were somewhat confusing, it should now be properly nested so the hierarchy makes sense. -- Added: [Documentation](./docs/supported-block-features.md) surrounding what features of Gutenberg Moose disables by default. -- Removed: Block content filters that add the block class name to the Core List and Paragraph blocks. [List blocks now have their class name added via Core](https://make.wordpress.org/core/2024/06/24/miscellaneous-editor-changes-in-wordpress-6-6/#Added-wp-block-list-class-to-the-list-block) and Paragraphs are targeted via their element. - +- Updated: `theme.json` now allows you to style block style variations using the `variations` property - so some styling + has been moved out of `.scss` files and into `theme.json` to reflect this. +- Changed: Query Pagination styles were somewhat confusing, it should now be properly nested so the hierarchy makes + sense. +- Added: [Documentation](./docs/supported-block-features.md) surrounding what features of Gutenberg Moose disables by + default. +- Removed: Block content filters that add the block class name to the Core List and Paragraph + blocks. [List blocks now have their class name added via Core](https://make.wordpress.org/core/2024/06/24/miscellaneous-editor-changes-in-wordpress-6-6/#Added-wp-block-list-class-to-the-list-block) + and Paragraphs are targeted via their element. ## [2024.05] + - Updated: Pattern definition consistency for usage of `Inserter:` - Updated: Post pattern now shows up in the pattern selector when adding a new post. - Updated: Post pattern should now have a layout more consistent with designs we've been seeing -- Updated: Search Result Post Card should now use the Read More block instead of the Post Title block for it's link wrapper +- Updated: Search Result Post Card should now use the Read More block instead of the Post Title block for it's link + wrapper - Updated: Search template has been updated to reflect this card change -- Removed: Utility that helped the Post Title block act as a link wrapper for cards. It's not being used anywhere within core Moose anymore, so it's not needed. +- Removed: Utility that helped the Post Title block act as a link wrapper for cards. It's not being used anywhere within + core Moose anymore, so it's not needed. - Chore: Composer updates including plugins: seo-by-rank-math:1.0.218, block-editor-custom-alignment:1.0.7 - Chore: WP version to 6.5.2 ## [2024.04] + - Removed: `example` custom block in favor of custom block generation through `npm run create-block`. -- Added: Custom block external template (+ documentation) that allows us to quickly create blocks through the command line using `npm run create-block`. [[MOOSE-77]](https://moderntribe.atlassian.net/browse/MOOSE-77) -- Changed: Remove Gravity Forms as a composer dependency and the respective mtribe.site composer utility. Gravity Forms should be added directly to a project repo when required. -- Chore: Composer updates including plugins: advanced-custom-fields-pro:6.2.9, duracelltomi-google-tag-manager:1.20.2, limit-login-attempts-reloaded:2.26.8, safe-svg:2.2.4, seo-by-rank-math:1.0.216, user-switching:1.7.3 -- Chore: Update NPM packages, including swapping browser-sync-webpack-plugin to browser-sync-v3-webpack-plugin for correct version support. +- Added: Custom block external template (+ documentation) that allows us to quickly create blocks through the command + line using `npm run create-block`. [[MOOSE-77]](https://moderntribe.atlassian.net/browse/MOOSE-77) +- Changed: Remove Gravity Forms as a composer dependency and the respective mtribe.site composer utility. Gravity Forms + should be added directly to a project repo when required. +- Chore: Composer updates including plugins: advanced-custom-fields-pro:6.2.9, duracelltomi-google-tag-manager:1.20.2, + limit-login-attempts-reloaded:2.26.8, safe-svg:2.2.4, seo-by-rank-math:1.0.216, user-switching:1.7.3 +- Chore: Update NPM packages, including swapping browser-sync-webpack-plugin to browser-sync-v3-webpack-plugin for + correct version support. ## [2024.03] -- Fixed: Fixed an issue with the Terms block where if a post ID wasn't provided it would error out. [Panopto Slack thread.](https://tribe.slack.com/archives/C061UC7B2F9/p1710250320818599) -- Added: Styling for editor title bar (http://p.tri.be/i/Dszjax). [[MOOSE-111]](https://moderntribe.atlassian.net/browse/MOOSE-111) + +- Fixed: Fixed an issue with the Terms block where if a post ID wasn't provided it would error + out. [Panopto Slack thread.](https://tribe.slack.com/archives/C061UC7B2F9/p1710250320818599) +- Added: Styling for editor title + bar (http://p.tri.be/i/Dszjax). [[MOOSE-111]](https://moderntribe.atlassian.net/browse/MOOSE-111) - Added: Allow `view.js` files for blocks. [[MOOSE-86]](https://moderntribe.atlassian.net/browse/MOOSE-86) -- Changed: `render_template` function for ACF blocks should now properly pass in all block variables. [[MOOSE-81]](https://moderntribe.atlassian.net/browse/MOOSE-81) -- Changed: Layout styles are now properly separated between FE & editor. [[MOOSE-84]](https://moderntribe.atlassian.net/browse/MOOSE-84) -- Changed: `theme.json` now contains static widths for content and wide widths. [[MOOSE-84]](https://moderntribe.atlassian.net/browse/MOOSE-84) -- Added: `theme.json` now contains a new static "grid" width. [[MOOSE-84]](https://moderntribe.atlassian.net/browse/MOOSE-84) +- Changed: `render_template` function for ACF blocks should now properly pass in all block + variables. [[MOOSE-81]](https://moderntribe.atlassian.net/browse/MOOSE-81) +- Changed: Layout styles are now properly separated between FE & + editor. [[MOOSE-84]](https://moderntribe.atlassian.net/browse/MOOSE-84) +- Changed: `theme.json` now contains static widths for content and wide + widths. [[MOOSE-84]](https://moderntribe.atlassian.net/browse/MOOSE-84) +- Added: `theme.json` now contains a new static "grid" + width. [[MOOSE-84]](https://moderntribe.atlassian.net/browse/MOOSE-84) ## [2024.02] + - Chore: WordPress 6.4.3 Update -- Chore: Plugin updates: advanced-custom-fields-pro:6.2.6, gravityforms:2.8.3, duracelltomi-google-tag-manager:1.20,, limit-login-attempts-reloaded:2.26.2,seo-by-rank-math:1.0.212 +- Chore: Plugin updates: advanced-custom-fields-pro:6.2.6, gravityforms:2.8.3, duracelltomi-google-tag-manager:1.20,, + limit-login-attempts-reloaded:2.26.2,seo-by-rank-math:1.0.212 ## [2023.12] @@ -88,13 +127,15 @@ All notable changes to this project will be documented in this file. The format ## [2023.11] - Chore: WordPress 6.4.1 Update -- Chore: Plugin updates - advanced-custom-fields-pro:6.2.2, limit-login-attempts-reloaded:2.25.26, seo-by-rank-math:1.0.205, safe-svg:2.2.1 +- Chore: Plugin updates - advanced-custom-fields-pro:6.2.2, limit-login-attempts-reloaded:2.25.26, seo-by-rank-math: + 1.0.205, safe-svg:2.2.1 - Updated: Only exclude the node_modules folder if it is in the root of the project. ## [2023.10] - Chore: Update package.json dependencies and related scripts. Update supported browsers (browserlist). -- Added: Terms block v1.0.0. Displays a set of terms for a given taxonomy. Is able to display those terms in a few different ways (links, pills). +- Added: Terms block v1.0.0. Displays a set of terms for a given taxonomy. Is able to display those terms in a few + different ways (links, pills). - Updated: WordPress Core update to 6.3.2 - Updated: Disable Emojis to 1.7.6, Limit Login Attempts Reloaded to 2.25.25, RankMath to 1.0.203, ACF Pro to 6.2.1.1 - Adds: Lighthouse GitHub Action for automatic track of SEO, Accessability, Performance, and Best Practices. @@ -104,14 +145,19 @@ All notable changes to this project will be documented in this file. The format - Added: GTM4WP Plugin for handling Google Tag Manager. - Updated: Deployments to use the secrets.COMPOSER_AUTH_JSON for auth.json file. - Updated: Composer method for pulling in ACF requiring the use of a auth.json file. -- Updated: WordPress core to 6.3, ACF to 6.2, Gravity Forms to 2.7.12, Local Lando PHP version to 8.1, Yoast SEO to ^20.1. +- Updated: WordPress core to 6.3, ACF to 6.2, Gravity Forms to 2.7.12, Local Lando PHP version to 8.1, Yoast SEO to + ^20.1. - Updated: Misc composer packages updated to match local PHP version -- Added: Stacking order controls on the Column block. This allows editors to control what order columns appear in at mobile widths. -- Updated: Swapped Yoast SEO plugin out in favor of [Rank Math SEO](https://wordpress.org/plugins/seo-by-rank-math/) plugin. Remove Redirection plugin as Rank Math supports the same feature. Updated primary term helper method to support both plugins' primary term meta value. +- Added: Stacking order controls on the Column block. This allows editors to control what order columns appear in at + mobile widths. +- Updated: Swapped Yoast SEO plugin out in favor of [Rank Math SEO](https://wordpress.org/plugins/seo-by-rank-math/) + plugin. Remove Redirection plugin as Rank Math supports the same feature. Updated primary term helper method to + support both plugins' primary term meta value. ## [2023.06] -- Added: Ability to hide ACF menu item using the `HIDE_ACF_MENU` constant (boolean true hides the menu item) or if we are in a production environment. +- Added: Ability to hide ACF menu item using the `HIDE_ACF_MENU` constant (boolean true hides the menu item) or if we + are in a production environment. ## [2023.05] @@ -123,9 +169,11 @@ All notable changes to this project will be documented in this file. The format - Added: Default testing suite utilizing Slic. - Updated: local-config.json & browsersync.config.js keys to work for both Lando and LocalWP. - Updated: package.json config so npm scripts run using the config keys rather than repeated strings. -- Updated: webpack.config.js to make use of package.json config keys and fix an issue with the block.json file not being copied correctly on build. +- Updated: webpack.config.js to make use of package.json config keys and fix an issue with the block.json file not being + copied correctly on build. - Added: PostCSS custom selectors, custom media queries, and globalCSS configs and examples. -- Chore: Updated WordPress Core to v6.2, Advanced Custom Fields Pro to v6.0.7, and `composer update` for all misc dependencies and plugins. +- Chore: Updated WordPress Core to v6.2, Advanced Custom Fields Pro to v6.0.7, and `composer update` for all misc + dependencies and plugins. - Chore: Updated package.json dependencies and related scripts. - Changed: Moved CHANGELOG.md from `/.github` to project root. From 13995f5f8dc5a0f53ed3e7e219cac6c003b752b1 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 10:13:33 -0600 Subject: [PATCH 091/130] Add introduction to readme and reformat file. --- README.md | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index a393770b..24aa2bf3 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,20 @@ # Moose +Moose is a WordPress project starter framework. It is a collection of modular tools, configurations, and best practices +for enterprise WordPress design and development. It is designed to be a modern, flexible, and developer-friendly +starting point for WordPress projects. Features include a core plugin, core theme, technical framework, and the +requisite developer tooling to maintain a secure, consistent codebase across teams and projects. Moose is lovingly +maintained by the folks at [Modern Tribe](https://tri.be). + ## Requirements + * [Git](https://git-scm.com/) * [Composer](https://getcomposer.org/) * [Node & NPM](https://nodejs.org/) - * [NVM](https://github.com/nvm-sh/nvm) is recommended for managing multiple versions of node on the same workstation. + * [NVM](https://github.com/nvm-sh/nvm) is recommended for managing multiple versions of node on the same workstation. * [Lando](https://lando.dev/) (Optional) Provides a consistent local development environment for all team members. * [1Password CLI](https://developer.1password.com/docs/cli/) (Optional) Automates the creation of composer's `auth.json` -file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity Forms can be installed via composer. + file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity Forms can be installed via composer. > [!TIP] > This starter is designed to allow developers the freedom to use any local development tooling that works best for @@ -17,15 +24,15 @@ file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity ## Getting Started 1. Clone the repository -2. Run `composer create-auth` to create the `auth.json` file. (Assumes you are using the -[1Password CLI](#1password-cli). See the [Composer Docs](./docs/composer.md#creating-an-authjson-file) for manual -instructions.) +2. Run `composer create-auth` to create the `auth.json` file. (Assumes you are using the + [1Password CLI](#1password-cli). See the [Composer Docs](./docs/composer.md#creating-an-authjson-file) for manual + instructions.) 3. Run `lando start` to create the local environment. 4. Run `nvm use` to ensure the correct version of node is in use. 5. Run `npm install` to install the required npm dependencies. 6. Run `npm run dist` to build the theme assets. -That should be it! After Lando starts the first time, it should automatically trigger a composer install and create the +That should be it! After Lando starts the first time, it should automatically trigger a composer install and create the necessary local config files for the project. ## Documentation @@ -41,13 +48,14 @@ members to use and provides a number of helpful features. Below are a number of * `lando composer ` - Runs a composer command within the project container. * `lando wp ` - Runs a WP-CLI command within the project container. * `lando db-export` - Exports the project database to a file in the project root. -* `lando db-import ` - Imports a database file into the project database. This file must be located within -the project directory. It can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. +* `lando db-import ` - Imports a database file into the project database. This file must be located within + the project directory. It can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. * `lando rebuild` - Rebuilds the project containers. This is useful if you need to update the PHP version or there have -been other changes to the project's Lando configuration. This is a non-destructive action and will not delete any data. + been other changes to the project's Lando configuration. This is a non-destructive action and will not delete any + data. * `lando destroy` - Destroys the local development environment. *WARNING:* This is a destructive action and will delete -the existing data within the project database and completely remove all the project containers. It will not delete the -project files on your local machine. + the existing data within the project database and completely remove all the project containers. It will not delete the + project files on your local machine. For further documentation on Lando, please visit the [Lando Docs](https://docs.lando.dev/). @@ -63,22 +71,24 @@ To adjust the installed version of WordPress, change the `--version=` value in t ### NPM Packages, Scripts & Building Frontend Assets -NPM is used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the +NPM is used for managing frontend dependencies and npm scripts for managing the frontend assets. Learn more about the available scripts and how to use them in the [NPM Docs](./docs/npm.md). ### 1Password CLI -The 1Password CLI can be used to automate the creation of the `auth.json` file for composer. This file is used to store -credentials used by composer to install paid plugins like Advanced Custom Fields Pro and Gravity Forms. See the +The 1Password CLI can be used to automate the creation of the `auth.json` file for composer. This file is used to store +credentials used by composer to install paid plugins like Advanced Custom Fields Pro and Gravity Forms. See the [1Password CLI Docs](./docs/1password-cli.md) for further details. ### GitHub Actions -We use GitHub Action as a CI for deployments, testing and many other features. Take a look at the +We use GitHub Action as a CI for deployments, testing and many other features. Take a look at the [GitHub Action Docs](./docs/actions.md) to learn more about each action. ### Additional Documentation + Specific features and functionality may have additional documentation in the [./docs](./docs) folder. + * [Composer](./docs/composer.md) * [NPM Packages, Scripts & Building Assets](./docs/npm.md) * [1Password CLI](./docs/1password-cli.md) From e4a693630a0207ba52ffc36e5aeeb8435f60072d Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 10:16:00 -0600 Subject: [PATCH 092/130] moar typo! --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 24aa2bf3..ce74daa3 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ For further documentation on Lando, please visit the [Lando Docs](https://docs.l ### Composer Composer is configured to manage PHP dependencies. There are also a number of composer scripts set up to assist with -day-t-day PHP development. You can learn more about the available scripts and how to use them in the +day-to-day PHP development. You can learn more about the available scripts and how to use them in the [Composer Docs](./docs/composer.md). #### Updating WordPress From cd8d6967e7e5957bd6abaff170fdeb12ecf3abc2 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 10:16:59 -0600 Subject: [PATCH 093/130] moar typo! --- docs/composer.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/composer.md b/docs/composer.md index d43c5155..fee0997b 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -49,7 +49,8 @@ auth.json template file that the 1Password CLI can use to automatically generate To manually create the `auth.json` file, copy the `auth.template.json` file to `auth.json` and update the placeholder values within the file with the required credentials. -> [!IMPORTANT] The populated `auth.json` file should never be checked into the git repository as it contains +> [!IMPORTANT] +> The populated `auth.json` file should never be checked into the git repository as it contains > project-specific secrets (software license keys) which should never be available in source control. ## Platform Dependencies From b5d9edfcd2455f5bf4fb4e2d2aa9d0aa09007466 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:15:06 -0600 Subject: [PATCH 094/130] Use a bash script for the WordPress installer so we can confirm that the version has changed and only run the wp-cli command if necessary. Also allows managing the Wordpress version as a composer extra value. --- composer.json | 5 +++-- dev/scripts/install-wordpress.sh | 14 ++++++++++++++ docs/composer.md | 2 +- 3 files changed, 18 insertions(+), 3 deletions(-) create mode 100755 dev/scripts/install-wordpress.sh diff --git a/composer.json b/composer.json index 60baa76f..9341fbec 100644 --- a/composer.json +++ b/composer.json @@ -26,7 +26,7 @@ "@php -r \"file_exists('local-config.php') || copy('local-config-sample.php', 'local-config.php');\"", "@php -r \"file_exists('local-config.json') || copy('local-config-sample.json', 'local-config.json');\"" ], - "install-wordpress": "./vendor/bin/wp core download --version=6.7.1 --skip-content --force", + "install-wordpress": "./dev/scripts/install-wordpress.sh", "phpcbf": "./vendor/bin/phpcbf -s", "phpcs": "./vendor/bin/phpcs", "phpstan": "./vendor/bin/phpstan analyse --memory-limit=-1", @@ -41,7 +41,7 @@ "scripts-descriptions": { "create-auth": "Create or update the auth.json file for Composer via 1Password CLI.", "copy-local-configs": "Copies the local-config.php and local-config.json files.", - "install-wordpress": "Runs the wpcli command to download and install core WordPress. To change the WordPress version, update the --version value.", + "install-wordpress": "Runs the WP CLI command to download and install WordPress. To change the WordPress version, run `composer config extra.wordpress-version `.", "phpcs": "Run PHPCS on the project.", "phpcbf": "Run PHPCBF on the project.", "phpstan": "Run PHPStan on the project.", @@ -123,6 +123,7 @@ "wpengine/advanced-custom-fields-pro": "6.3.11" }, "extra": { + "wordpress-version": "6.7.1", "installer-paths": { "wp-content/plugins/{$name}": [ "type:wordpress-plugin" diff --git a/dev/scripts/install-wordpress.sh b/dev/scripts/install-wordpress.sh new file mode 100755 index 00000000..b5e20154 --- /dev/null +++ b/dev/scripts/install-wordpress.sh @@ -0,0 +1,14 @@ +#!/bin/bash +# Simple bash script to check the current version of WordPress and update it if necessary. + +CURRENT_VERSION=$(wp core version) +REQUESTED_VERSION=$(composer config extra.wordpress-version) + +if [ "$CURRENT_VERSION" == "$REQUESTED_VERSION" ]; then + echo "WordPress is already at version $REQUESTED_VERSION. Skipping install." + exit 0 +fi + +echo "Updating WordPress to version $REQUESTED_VERSION..." +wp core download --version=$REQUESTED_VERSION --skip-content --force +exit 0; diff --git a/docs/composer.md b/docs/composer.md index fee0997b..a6789a60 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -25,7 +25,7 @@ day-to-day PHP development. ## Updating WordPress -To adjust the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. +To adjust the installed version of WordPress, run `composer config extra.wordpress-version ` and then `composer install-wordpress`. ## Adding a Paid or Premium WordPress Plugin From af529dc534be8d499a546734afb8b250ed28f98e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:18:50 -0600 Subject: [PATCH 095/130] Use a script to generate local config files so we can automatically generate the JSON file using the project's Lando config. --- composer.json | 7 ++-- dev/scripts/create-local-configs.php | 54 ++++++++++++++++++++++++++++ docs/composer.md | 4 +-- 3 files changed, 58 insertions(+), 7 deletions(-) create mode 100644 dev/scripts/create-local-configs.php diff --git a/composer.json b/composer.json index 9341fbec..9bd8fac5 100644 --- a/composer.json +++ b/composer.json @@ -22,10 +22,7 @@ "prefer-stable": true, "scripts": { "create-auth": "op inject -i auth.template.json -o auth.json", - "copy-local-configs": [ - "@php -r \"file_exists('local-config.php') || copy('local-config-sample.php', 'local-config.php');\"", - "@php -r \"file_exists('local-config.json') || copy('local-config-sample.json', 'local-config.json');\"" - ], + "create-local-configs": "php ./dev/scripts/create-local-configs.php", "install-wordpress": "./dev/scripts/install-wordpress.sh", "phpcbf": "./vendor/bin/phpcbf -s", "phpcs": "./vendor/bin/phpcs", @@ -40,7 +37,7 @@ }, "scripts-descriptions": { "create-auth": "Create or update the auth.json file for Composer via 1Password CLI.", - "copy-local-configs": "Copies the local-config.php and local-config.json files.", + "create-local-configs": "Creates local config files for the project.", "install-wordpress": "Runs the WP CLI command to download and install WordPress. To change the WordPress version, run `composer config extra.wordpress-version `.", "phpcs": "Run PHPCS on the project.", "phpcbf": "Run PHPCBF on the project.", diff --git a/dev/scripts/create-local-configs.php b/dev/scripts/create-local-configs.php new file mode 100644 index 00000000..977bbfd1 --- /dev/null +++ b/dev/scripts/create-local-configs.php @@ -0,0 +1,54 @@ +appserver->via === 'apache' ? $lando_info->appserver : $lando_info->appserver_nginx; + +// Get the cert directory by removing the root `/lando` directory from Lando's internal cert path +$cert_directory = str_replace( '/lando', '', dirname( getenv( 'LANDO_SERVICE_CERT' ) ) ); + +// Create the config array +$config = [ + // Append Lando's cert directory to Lando's local config directory path + 'certPath' => getenv( 'LANDO_CONFIG_DIR' ) . $cert_directory, + // Set the cert name to the base name of Lando's nginx cert path without the `.internal` extension + 'certName' => basename( $http_service_info->hostnames[0], '.internal' ), + // Set the host from Lando's appserver_nginx service URL + 'host' => parse_url( $http_service_info->urls[0] )['host'], + 'protocol' => 'https' +]; + +// Write the config values to local-config.json +file_put_contents( 'local-config.json', json_encode( $config, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES ) ); + +exit; diff --git a/docs/composer.md b/docs/composer.md index a6789a60..22f576b5 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -13,8 +13,8 @@ day-to-day PHP development. * `composer create-auth` - Create or update the auth.json file for Composer via 1Password CLI. (Cannot be run within a Lando container.) -* `composer copy-local-configs` - Creates the `local-config.php` and `local-config.json` files from the respective - sample file. +* `composer create-local-configs` - Creates the `local-config.php` and `local-config.json` files as needed for the + project. * `composer install-wordpress` - Runs the WP CLI command to download and install WordPress core. To change the WordPress version, update the `--version` value for this script. * `composer phpcs` - Run PHPCS on the project. From f6eb7237a5c58e12c3dc815f4d0a21d9a1015c07 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:22:41 -0600 Subject: [PATCH 096/130] Whitespace and update build events to only create the local configs. --- .lando.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.lando.yml b/.lando.yml index 8d321b54..4bf18d09 100644 --- a/.lando.yml +++ b/.lando.yml @@ -1,5 +1,6 @@ name: moose recipe: wordpress + config: php: '8.3' database: mariadb:11.5 @@ -7,11 +8,11 @@ config: via: nginx xdebug: false memcached: true + services: appserver: - run: - - composer install - - composer run copy-local-configs + build: + - composer create-local-configs overrides: environment: - XDEBUG_TRIGGER=1 From 0ef40457bf7e31b86acaf5d53c379279bd94ff5b Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:23:34 -0600 Subject: [PATCH 097/130] Add a node server so we can automatically install & build the fe assets when the project starts. --- .lando.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.lando.yml b/.lando.yml index 4bf18d09..32813c41 100644 --- a/.lando.yml +++ b/.lando.yml @@ -16,6 +16,8 @@ services: overrides: environment: - XDEBUG_TRIGGER=1 + node: + type: node:22 # Enabling MailHog will cause an error on start: `/bin/sh: 1: curl: not found`. # Related GH Issue: https://github.com/lando/mailhog/issues/35 From 451dc17d8e6294a4f5823b8bac4fc3c0bfc836a8 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:24:08 -0600 Subject: [PATCH 098/130] Automatically run composer install, npm install and build the non-production assets on project start up. --- .lando.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.lando.yml b/.lando.yml index 32813c41..940ede54 100644 --- a/.lando.yml +++ b/.lando.yml @@ -33,6 +33,11 @@ services: # - appserver_nginx # - appserver +events: + post-start: + - appserver: composer install + - node: npm install && npm run build + tooling: xdebug-on: service: appserver From b74bde13f11d95c6ca9a0f5416d764fe834dbd3e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:29:18 -0600 Subject: [PATCH 099/130] Update docs for new NPM tooling. --- README.md | 9 ++++----- docs/npm.md | 26 ++++++++++++++++---------- 2 files changed, 20 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index ce74daa3..e540aa73 100644 --- a/README.md +++ b/README.md @@ -28,12 +28,11 @@ maintained by the folks at [Modern Tribe](https://tri.be). [1Password CLI](#1password-cli). See the [Composer Docs](./docs/composer.md#creating-an-authjson-file) for manual instructions.) 3. Run `lando start` to create the local environment. -4. Run `nvm use` to ensure the correct version of node is in use. -5. Run `npm install` to install the required npm dependencies. -6. Run `npm run dist` to build the theme assets. -That should be it! After Lando starts the first time, it should automatically trigger a composer install and create the -necessary local config files for the project. +That should be it! After Lando starts the first time, it will automatically create the necessary local config files for +the project. Additionally, Each time Lando starts, it will automatically run: +* `composer install` to install the latest composer dependencies. +* `npm install && npm run build` to install the latest npm dependencies and build the frontend assets. ## Documentation diff --git a/docs/npm.md b/docs/npm.md index fd847b9c..9887d9af 100644 --- a/docs/npm.md +++ b/docs/npm.md @@ -1,26 +1,31 @@ # NPM Packages, Scripts & Building Assets NPM is used to manage frontend dependencies. There are also a number of npm scripts defined to assist in day-to-day -development. These npm scripts are based on WordPress's [WP-Scripts](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-scripts/) package. See the documentation there for -further details. +development. These npm scripts are based on +WordPress's [WP-Scripts](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-scripts/) +package. See the documentation there for further details. ## Building Assets -To build the theme assets for your local development environment, the following steps are sufficient: +If you are not working with the theme assets locally, and you are using Lando, you can skip this section. Lando will +automatically build the assets for you each time the project is started. To manually build the theme assets for your +local development environment, use the following steps: 1. In the root of the project, run `nvm use` to confirm the correct version of node is in-use. 1. Run `npm install` to install the required dependencies. -1. Run `npm run dist` to build the production assets +1. Run `npm run build` to build the non-production assets. ## Using Browsersync for Local Dev -To handle live-reload for changes, this project utilizes Browsersync to watch for asset file changes and reload the -browser. In addition, Browsersync can be configured via a `local-config.json` file to proxy your local environment's -SSL configuration to allow live-reloading from a specific local project URL rather than localhost. To use Browsersync -for local development follow the steps below: +To handle live-reload for changes, this project utilizes Browsersync to watch for asset file changes and reload the +browser. In addition, Browsersync can be configured via a `local-config.json` file to proxy your local environment's +SSL configuration to allow live-reloading from a specific local project URL rather than localhost. + +Lando will automatically generate an proper local-config.json file the first time a project is started. If you are not +using Lando, you'll need to manually create this file using the steps below: 1. Duplicate the `local-config-sample.json` file into a git-ignored `local-config.json` and update the `certsPath`, -`certName` and `host` values to match your local dev set up. Examples are provided for Lando and LocalWP. + `certName` and `host` values to match your local dev set up. Examples are provided for Lando and LocalWP. 1. In the root of the project, run `nvm use` to confirm the correct version of node is in-use. 1. Run `npm install` to install the required dependencies. 1. Run `npm run dev` to start the webpack watch & browsersync tasks. @@ -33,7 +38,8 @@ for local development follow the steps below: * `npm run format` - Runs Prettier on all theme assets (css, scss, js, & json files). * `npm run lint` - Prettifies, lints (and fixes) theme & root assets (css, scss, js, & json files). * `npm run create-block` - Starts an interactive shell script to generate a new block per WordPress's - [Create Block script](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-create-block/) and the theme config. + [Create Block script](https://developer.wordpress.org/block-editor/reference-guides/packages/packages-create-block/) + and the theme config. Several scripts have sub-tasks that can be run individually. Reference `package.json` for details. Additionally, there are several scripts aliased directly from wp-scripts that may be useful: From e393cdcc9f3063c57831e3750190638bdbb1555f Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:29:42 -0600 Subject: [PATCH 100/130] Add Lando xDebug commands to docs. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e540aa73..72d6447e 100644 --- a/README.md +++ b/README.md @@ -55,6 +55,8 @@ members to use and provides a number of helpful features. Below are a number of * `lando destroy` - Destroys the local development environment. *WARNING:* This is a destructive action and will delete the existing data within the project database and completely remove all the project containers. It will not delete the project files on your local machine. +* `lando xdebug-on` - Enables Xdebug in the project container (xDebug is disabled by default). +* `lando xdebug-off` - Disables Xdebug in the project container (xDebug is disabled by default). For further documentation on Lando, please visit the [Lando Docs](https://docs.lando.dev/). From 5b8f024ee6387f783d7d0d123684aa3930a93e0c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:33:06 -0600 Subject: [PATCH 101/130] Changelog entry. --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0185b0cc..dbd0f616 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,10 @@ Each changelog entry should be prefixed with the category of the item (Added, Ch Security). ## [2025.01] - +- Added: Node service to Lando so FE assets can be build automatically on start up. +- Updated: project start up scripts to automatically generate the correct contents of the lcoal config files. +- Updated: script to install WordPress so we can use a version constant and not install WP every time composer is + installed or updated. - Added: ability for table blocks to utilize the `overflow-x` set on them by setting a `min-width` property for the `table` element within the table block. - Updated: Enabled background images on the Group block; We should try to use this instead of the Cover block where From 1a3a141f5e01925b63f165e2bac547c16fb101f3 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:39:49 -0600 Subject: [PATCH 102/130] Editing for clarity. --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 72d6447e..1071dbd5 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,8 @@ maintained by the folks at [Modern Tribe](https://tri.be). * [Git](https://git-scm.com/) * [Composer](https://getcomposer.org/) * [Node & NPM](https://nodejs.org/) - * [NVM](https://github.com/nvm-sh/nvm) is recommended for managing multiple versions of node on the same workstation. + * [NVM](https://github.com/nvm-sh/nvm) is recommended for managing multiple versions of node on the same + workstation. * [Lando](https://lando.dev/) (Optional) Provides a consistent local development environment for all team members. * [1Password CLI](https://developer.1password.com/docs/cli/) (Optional) Automates the creation of composer's `auth.json` file so that paid 3rd-party plugins like Advanced Custom Fields Pro and Gravity Forms can be installed via composer. @@ -30,9 +31,9 @@ maintained by the folks at [Modern Tribe](https://tri.be). 3. Run `lando start` to create the local environment. That should be it! After Lando starts the first time, it will automatically create the necessary local config files for -the project. Additionally, Each time Lando starts, it will automatically run: -* `composer install` to install the latest composer dependencies. -* `npm install && npm run build` to install the latest npm dependencies and build the frontend assets. +the project. Additionally, each time Lando starts it will automatically run `composer install` and +`npm install && npm run build` make sure all the project dependencies are installed and the theme assets have been +built. ## Documentation From 909b844236c59f906d459191fc235660afc8ebeb Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:42:21 -0600 Subject: [PATCH 103/130] Updating comments in script. --- dev/scripts/create-local-configs.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dev/scripts/create-local-configs.php b/dev/scripts/create-local-configs.php index 977bbfd1..ca6c6ae0 100644 --- a/dev/scripts/create-local-configs.php +++ b/dev/scripts/create-local-configs.php @@ -41,9 +41,9 @@ $config = [ // Append Lando's cert directory to Lando's local config directory path 'certPath' => getenv( 'LANDO_CONFIG_DIR' ) . $cert_directory, - // Set the cert name to the base name of Lando's nginx cert path without the `.internal` extension + // Set the cert name to the base name of Lando's hostname without the `.internal` extension 'certName' => basename( $http_service_info->hostnames[0], '.internal' ), - // Set the host from Lando's appserver_nginx service URL + // Set the host from Lando's service URL 'host' => parse_url( $http_service_info->urls[0] )['host'], 'protocol' => 'https' ]; From 611a9452996536c0569e8d900053c1e68da87a9b Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:46:52 -0600 Subject: [PATCH 104/130] More editing on the docs. --- README.md | 3 ++- docs/composer.md | 27 ++++++++++++++------------- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 1071dbd5..112a5e38 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,8 @@ day-to-day PHP development. You can learn more about the available scripts and h #### Updating WordPress -To adjust the installed version of WordPress, change the `--version=` value in the `install-wordpress` composer script. +To adjust the installed version of WordPress, run `composer config extra.wordpress-version ` and then +`composer install-wordpress`. ### NPM Packages, Scripts & Building Frontend Assets diff --git a/docs/composer.md b/docs/composer.md index 22f576b5..46f45321 100644 --- a/docs/composer.md +++ b/docs/composer.md @@ -13,19 +13,19 @@ day-to-day PHP development. * `composer create-auth` - Create or update the auth.json file for Composer via 1Password CLI. (Cannot be run within a Lando container.) -* `composer create-local-configs` - Creates the `local-config.php` and `local-config.json` files as needed for the +* `composer create-local-configs` - Creates the `local-config.php` and `local-config.json` files as needed for the project. -* `composer install-wordpress` - Runs the WP CLI command to download and install WordPress core. To change the WordPress - version, update the `--version` value for this script. +* `composer install-wordpress` - Runs the WP CLI command to download and install WordPress core. * `composer phpcs` - Run PHPCS on the project. * `composer phpcbf` - Run PHPCBF on the project. * `composer phpstan` - Run PHPStan on the project. -* `composer update-db` - Runs the WP CLI command to update the WordPress database. This is often required after a +* `composer update-db` - Runs the WP CLI command to update the WordPress database. This is often required after a WordPress version update. ## Updating WordPress -To adjust the installed version of WordPress, run `composer config extra.wordpress-version ` and then `composer install-wordpress`. +To adjust the installed version of WordPress, run `composer config extra.wordpress-version ` and then +`composer install-wordpress`. ## Adding a Paid or Premium WordPress Plugin @@ -34,28 +34,29 @@ WordPress plugin directory and thus can't be installed from `https://wpackagist. installing such premium plugins: 1. Check to see if the plugin maker provides its own composer-based installation method. This is the best option. -Many providers including Advanced Custom Fields (ACF), Gravity Forms, and Yoast SEO provide composer-based installation -options. This project is already configured to use composer for both ACF and Gravity Forms. + Many providers including Advanced Custom Fields (ACF), Gravity Forms, and Yoast SEO provide composer-based + installation + options. This project is already configured to use composer for both ACF and Gravity Forms. 1. Check the plugin files into the repository directly. This is the simplest option but is not ideal for a number of -reasons, including licensing, security, and ease of management. + reasons, including licensing, security, and ease of management. ### Creating an auth.json File -If the plugin maker provides a composer-based installation method, you will likely create an `auth.json` file to -store the required credentials. This file is used by composer to install the plugin. This project provides an +If the plugin maker provides a composer-based installation method, you will likely create an `auth.json` file to +store the required credentials. This file is used by composer to install the plugin. This project provides an auth.json template file that the 1Password CLI can use to automatically generate the required `auth.json` file. See the [1Password CLI Docs](./1password-cli.md) for more information on this integration. -To manually create the `auth.json` file, copy the `auth.template.json` file to `auth.json` and update the placeholder +To manually create the `auth.json` file, copy the `auth.template.json` file to `auth.json` and update the placeholder values within the file with the required credentials. > [!IMPORTANT] -> The populated `auth.json` file should never be checked into the git repository as it contains +> The populated `auth.json` file should never be checked into the git repository as it contains > project-specific secrets (software license keys) which should never be available in source control. ## Platform Dependencies There are several PHP platform dependencies added as composer requirements. These dependencies include the required version of PHP as well as several PHP extensions required by WordPress (`ext-exif`, `ext-gd`, `ext-intl`, & `ext-json`). -These PHP extensions are installed within a [project's Dokku env](actions.md#dokku-deployment-workflows) and should not +These PHP extensions are installed within a [project's Dokku env](actions.md#dokku-deployment-workflows) and should not be removed unless or until Dokku is not utilized by the project. From 4ba83100d8757b477639c4b35ba617cada83ffab Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 15:52:23 -0600 Subject: [PATCH 105/130] Add tooling to allow running npm commands inside the node service. --- .lando.yml | 2 ++ README.md | 1 + 2 files changed, 3 insertions(+) diff --git a/.lando.yml b/.lando.yml index 940ede54..5e60cb10 100644 --- a/.lando.yml +++ b/.lando.yml @@ -39,6 +39,8 @@ events: - node: npm install && npm run build tooling: + npm: + service: node xdebug-on: service: appserver description: Enable xdebug for nginx. diff --git a/README.md b/README.md index 112a5e38..302ee02a 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,7 @@ members to use and provides a number of helpful features. Below are a number of * `lando poweroff` - Completely shuts down all running Lando services. * `lando composer ` - Runs a composer command within the project container. * `lando wp ` - Runs a WP-CLI command within the project container. +* `lando npm ` - Runs an npm command within the node container. Useful for rebuilding the theme assets. * `lando db-export` - Exports the project database to a file in the project root. * `lando db-import ` - Imports a database file into the project database. This file must be located within the project directory. It can be either an archived (`.zip`) or unarchived SQL (`.sql`) file. From dcd90ede182a11fc7070c3361356ad986a6b55de Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 3 Jan 2025 16:42:35 -0600 Subject: [PATCH 106/130] Add a check to prevent calling the script in the browser. --- dev/scripts/create-local-configs.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/dev/scripts/create-local-configs.php b/dev/scripts/create-local-configs.php index ca6c6ae0..232f194d 100644 --- a/dev/scripts/create-local-configs.php +++ b/dev/scripts/create-local-configs.php @@ -4,6 +4,11 @@ * Generates a local-config.json file using Lando's own environment variables if it doesn't exist. */ +if ( ! file_exists( '.lando.yml' ) ) { + // This script should only be run from the root of the project, not called directly in a browser. + die(); +} + /** * PHP Local Config */ From 071710cda8beaa74b13c28afa9c51ff901c983db Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Wed, 8 Jan 2025 09:14:52 -0600 Subject: [PATCH 107/130] Apply suggestions from code review Co-authored-by: Jason Zinn --- CHANGELOG.md | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2b298324..5e37a015 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). Each changelog entr item (Added, Changed, Depreciated, Removed, Fixed, Security). ## [2025.01] -- Added: Node service to Lando so FE assets can be build automatically on start up. +- Added: Node service to Lando so FE assets can be built automatically on start up. - Updated: project start up scripts to automatically generate the correct contents of the lcoal config files. - Updated: script to install WordPress so we can use a version constant and not install WP every time composer is installed or updated. diff --git a/README.md b/README.md index 302ee02a..40868034 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ maintained by the folks at [Modern Tribe](https://tri.be). That should be it! After Lando starts the first time, it will automatically create the necessary local config files for the project. Additionally, each time Lando starts it will automatically run `composer install` and -`npm install && npm run build` make sure all the project dependencies are installed and the theme assets have been +`npm install && npm run build` to make sure all the project dependencies are installed and the theme assets have been built. ## Documentation From 0394b5639aac7b80310571b691fe813a3b8dee4f Mon Sep 17 00:00:00 2001 From: Geoff Dusome Date: Wed, 8 Jan 2025 13:34:17 -0500 Subject: [PATCH 108/130] [MOOSE-177]: update eslint config file to include browser env variables --- .eslintrc.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.eslintrc.json b/.eslintrc.json index 749ac643..f6146e67 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -1,4 +1,7 @@ { + "env": { + "browser": true + }, "extends": [ "plugin:@wordpress/eslint-plugin/recommended" ], "rules": { "no-console": 0, From e3bc923f0c721ed0f5777a7b40615b97f72b4d25 Mon Sep 17 00:00:00 2001 From: Geoff Dusome Date: Fri, 10 Jan 2025 11:33:29 -0500 Subject: [PATCH 109/130] [MOOSE-177]: changelog update --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8643334f..7038b590 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ item (Added, Changed, Depreciated, Removed, Fixed, Security). ## [2025.01] +- Updated: ESLint config now supports browser environment variable such as `IntersectionObserver` - Added: ability for table blocks to utilize the `overflow-x` set on them by setting a `min-width` property for the `table` element within the table block. - Updated: Enabled background images on the Group block; We should try to use this instead of the Cover block where From 7d3c3935836dc7ee1dc65e113116b6f4f9d121e3 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:25:23 -0600 Subject: [PATCH 110/130] Rename `OP_` prefixed constants to `ONEPASS_` to clarify purpose. --- .github/actions/composer-install/action.yml | 12 ++++++------ .github/workflows/code-quality.yml | 18 +++++++++--------- .github/workflows/deploy-dev.yml | 6 +++--- .github/workflows/deploy-prod.yml | 6 +++--- .github/workflows/deploy-stage.yml | 6 +++--- .github/workflows/dokku-dev.yml | 6 +++--- .github/workflows/dokku-review-app.yml | 6 +++--- .github/workflows/php-tests.yml | 14 +++++++------- .github/workflows/phpcs.yml | 12 ++++++------ .github/workflows/pipeline-dokku.yml | 12 ++++++------ .github/workflows/static-analysis.yml | 12 ++++++------ docs/1password-cli.md | 10 +++++----- docs/actions.md | 2 +- 13 files changed, 61 insertions(+), 61 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 4548d91c..b2bd6dfa 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -9,13 +9,13 @@ inputs: description: 'Flags to pass to the `composer install` command.' required: false default: '--optimize-autoloader --no-dev' - OP_SERVICE_ACCOUNT_TOKEN: + ONEPASS_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password service account token to use for populating composer auth.json' - OP_VAULT: + ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' required: true - OP_ITEM: + ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' required: true @@ -49,9 +49,9 @@ runs: working-directory: ${{ inputs.BUILD_FOLDER }} shell: bash env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ inputs.OP_VAULT }} - OP_ITEM: ${{ inputs.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ inputs.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ inputs.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ inputs.ONEPASS_ITEM }} run: op inject -i auth.template.json -o auth.json - name: 'Install Composer' diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 15365099..c275592b 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -16,9 +16,9 @@ jobs: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml secrets: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} linting: name: 'Linting' @@ -29,9 +29,9 @@ jobs: needs: [coding-standards, linting] uses: ./.github/workflows/static-analysis.yml secrets: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} # Enable this job if you have PHPUnit tests # slic: @@ -39,6 +39,6 @@ jobs: # needs: [coding-standards, phpstan, linting] # uses: ./.github/workflows/php-tests.yml # secrets: -# OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} -# OP_VAULT: ${{ secrets.OP_VAULT }} -# OP_ITEM: ${{ secrets.OP_ITEM }} +# ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} +# ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} +# ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 82564944..60f51576 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -26,9 +26,9 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index 0c09b2c8..9e85847a 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -29,9 +29,9 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/deploy-stage.yml b/.github/workflows/deploy-stage.yml index 436e7661..d5f77058 100644 --- a/.github/workflows/deploy-stage.yml +++ b/.github/workflows/deploy-stage.yml @@ -30,9 +30,9 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/dokku-dev.yml b/.github/workflows/dokku-dev.yml index e476d1a4..6721e22f 100644 --- a/.github/workflows/dokku-dev.yml +++ b/.github/workflows/dokku-dev.yml @@ -19,6 +19,6 @@ jobs: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index 1bc0889b..a78c05d7 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -34,9 +34,9 @@ jobs: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} destroy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'closed') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index 79695e1f..92919bdb 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -3,12 +3,12 @@ name: 'PHP Tests' on: workflow_call: secrets: - OP_SERVICE_ACCOUNT_TOKEN: + ONEPASS_SERVICE_ACCOUNT_TOKEN: required: true description: 1Password Service Account Token to use for populating composer auth.json - OP_VAULT: + ONEPASS_VAULT: description: 1Password vault to use for populating composer auth.json - OP_ITEM: + ONEPASS_ITEM: description: 1Password item to use for populating composer auth.json jobs: @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest env: build_folder: build - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} steps: - name: Checkout the repository @@ -111,9 +111,9 @@ jobs: - name: Create auth.json via 1Password CLI if: steps.changed-files.outputs.tests == 'true' env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} run: op inject -i auth.template.json -o auth.json - name: Set up site for CI diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index c2114ef0..e0460eab 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -3,12 +3,12 @@ name: Coding Standards on: workflow_call: secrets: - OP_SERVICE_ACCOUNT_TOKEN: + ONEPASS_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password Service Account Token to use for populating composer auth.json' - OP_VAULT: + ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' - OP_ITEM: + ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' jobs: @@ -36,9 +36,9 @@ jobs: uses: ./.github/actions/composer-install with: COMPOSER_INSTALL_FLAGS: '--optimize-autoloader' - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} - name: 'Run PHPCS' if: steps.changed-files.outputs.phpcs == 'true' diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index 819b24f7..fa93b7d0 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -30,13 +30,13 @@ on: required: true slack_webhook: required: true - OP_SERVICE_ACCOUNT_TOKEN: + ONEPASS_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password service account token to use for populating composer auth.json' - OP_VAULT: + ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' required: true - OP_ITEM: + ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' required: true @@ -85,9 +85,9 @@ jobs: - name: 'Create auth.json via 1Password CLI' env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} run: op inject -i auth.template.json -o auth.json - name: Commit Files diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 1dfc09d7..561b4d08 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -3,12 +3,12 @@ name: Static Analysis on: workflow_call: secrets: - OP_SERVICE_ACCOUNT_TOKEN: + ONEPASS_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password Service Account Token to use for populating composer auth.json' - OP_VAULT: + ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' - OP_ITEM: + ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' jobs: @@ -36,9 +36,9 @@ jobs: uses: ./.github/actions/composer-install with: COMPOSER_INSTALL_FLAGS: '--optimize-autoloader' - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} + ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} + ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} - name: 'Run PHPStan static analysis' if: steps.changed-files.outputs.phpstan == 'true' diff --git a/docs/1password-cli.md b/docs/1password-cli.md index bb95b58a..7b1c7793 100644 --- a/docs/1password-cli.md +++ b/docs/1password-cli.md @@ -34,9 +34,9 @@ Here are steps for adding a new authentication or secret value to the project: 1Password provides [their own GitHub Action](https://github.com/1Password/install-cli-action) that is used in the project workflows. The following GitHub secrets are required to use the 1Password CLI in GitHub Actions: -* `OP_SERVICE_ACCOUNT_TOKEN` - (Required) A 1Password service account token. -* `OP_VAULT` - The 1Password vault where the secrets are stored. Defaults to `Engineering`. -* `OP_ITEM` - The 1Password item containing the secrets. Defaults to `MT-Composer-Auth`. +* `ONEPASS_SERVICE_ACCOUNT_TOKEN` - (Required) A 1Password service account token. +* `ONEPASS_VAULT` - The 1Password vault where the secrets are stored. Defaults to `Engineering`. +* `ONEPASS_ITEM` - The 1Password item containing the secrets. Defaults to `MT-Composer-Auth`. We have configured a default service account with access to Modern Tribe's Engineering vault. This service account is sufficient for projects that are just getting started and haven't yet purchased any client-specific licenses. @@ -50,7 +50,7 @@ sufficient for projects that are just getting started and haven't yet purchased ### 1Password Service Account Token To use 1Password CLI with GitHub Actions, you must create a [1Password service account](https://developer.1password.com/docs/service-accounts/get-started) -and populate the `OP_SERVICE_ACCOUNT_TOKEN` secret in the project's GitHub repository with the respective service +and populate the `ONEPASS_SERVICE_ACCOUNT_TOKEN` secret in the project's GitHub repository with the respective service account token. You may need to ask Modern Tribe leadership or the project manager to create this account for you. When creating the service account, be sure that the account can only access the project's vault(s). Service accounts @@ -58,7 +58,7 @@ cannot be modified once they are created and should not be shared between projec ### 1Password Vault and Item -The `OP_VAULT` and `OP_ITEM` secrets tell the 1Password CLI which vault and item to retrieve values from. If they are +The `ONEPASS_VAULT` and `ONEPASS_ITEM` secrets tell the 1Password CLI which vault and item to retrieve values from. If they are not defined, the 1Password CLI will default to the `Engineering` vault and the `MT-Composer-Auth` item. When creating a project-specific 1Password vault be sure to follow the structure of the `MT-Composer-Auth` item in the diff --git a/docs/actions.md b/docs/actions.md index 763a6ddc..7979ba6f 100644 --- a/docs/actions.md +++ b/docs/actions.md @@ -18,7 +18,7 @@ dokku-ansible repo to accept the connection. We have 3 deployment workflows to interface with whatever hosting environment is needed (deploy-dev.yml, deploy-stage.yml, deploy-prod.yml). You will need to update the `[DEV|STAGE|PROD]_DEPLOY_REPO`, -`DEPLOY_PRIVATE_SSH_KEY`, and 1Password secrets (`OP_SERVICE_ACCOUNT_TOKEN`, `OP_VAULT`, `OP_ITEM`) to use these +`DEPLOY_PRIVATE_SSH_KEY`, and 1Password secrets (`ONEPASS_SERVICE_ACCOUNT_TOKEN`, `ONEPASS_VAULT`, `ONEPASS_ITEM`) to use these deployments in your project. These are intended to be deploying to the hosting service where the site will live. Most hosting companies work with `git` making it the default push we currently use. From d9cbc3ded6afaf10491957409cb6c8d4d14e9278 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:38:51 -0600 Subject: [PATCH 111/130] temporarily output 1Pass user deets --- .github/actions/composer-install/action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index b2bd6dfa..b2f8a7bd 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,7 +52,9 @@ runs: ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ inputs.ONEPASS_SERVICE_ACCOUNT_TOKEN }} ONEPASS_VAULT: ${{ inputs.ONEPASS_VAULT }} ONEPASS_ITEM: ${{ inputs.ONEPASS_ITEM }} - run: op inject -i auth.template.json -o auth.json + run: | + op user get --me + op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} From 3d5e2cf41709478454ba1e5d56e677b9bc5d9883 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:42:05 -0600 Subject: [PATCH 112/130] Don't forget to update the template. --- auth.template.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/auth.template.json b/auth.template.json index 5d77f579..cc5df818 100644 --- a/auth.template.json +++ b/auth.template.json @@ -1,12 +1,12 @@ { "http-basic": { "connect.advancedcustomfields.com": { - "username": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/ACF/license}}", - "password": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/url}}" + "username": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/ACF/license}}", + "password": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/url}}" }, "composer.gravity.io": { - "username": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/GF/license}}", - "password": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/url}}" + "username": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/GF/license}}", + "password": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/url}}" } } } From 60ad0f07de8a5ab58c92e1c5ae0ecc7ecd0944d9 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:45:45 -0600 Subject: [PATCH 113/130] Don't make vault or item required. --- .github/actions/composer-install/action.yml | 2 -- .github/workflows/pipeline-dokku.yml | 4 +--- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index b2f8a7bd..9f8fbff4 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -14,10 +14,8 @@ inputs: description: '1Password service account token to use for populating composer auth.json' ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' - required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' - required: true runs: using: "composite" diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index fa93b7d0..a2966752 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -31,14 +31,12 @@ on: slack_webhook: required: true ONEPASS_SERVICE_ACCOUNT_TOKEN: - required: true description: '1Password service account token to use for populating composer auth.json' + required: true ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' - required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' - required: true jobs: deploy_dokku: From 4e96e58677e3dabe228342f3d5b0f440e149b0cf Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:49:51 -0600 Subject: [PATCH 114/130] Revert that. We should make them required. --- .github/actions/composer-install/action.yml | 4 +++- .github/workflows/pipeline-dokku.yml | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 9f8fbff4..f632d495 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -10,12 +10,14 @@ inputs: required: false default: '--optimize-autoloader --no-dev' ONEPASS_SERVICE_ACCOUNT_TOKEN: - required: true description: '1Password service account token to use for populating composer auth.json' + required: true ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' + required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' + required: true runs: using: "composite" diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index a2966752..b248e4dc 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -35,8 +35,10 @@ on: required: true ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' + required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' + required: true jobs: deploy_dokku: From 64c36e23c069f0a6a863dcbe07e3e775b2654507 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:55:11 -0600 Subject: [PATCH 115/130] Revert "Revert that. We should make them required." This reverts commit 4e96e58677e3dabe228342f3d5b0f440e149b0cf. --- .github/actions/composer-install/action.yml | 4 +--- .github/workflows/pipeline-dokku.yml | 2 -- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index f632d495..9f8fbff4 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -10,14 +10,12 @@ inputs: required: false default: '--optimize-autoloader --no-dev' ONEPASS_SERVICE_ACCOUNT_TOKEN: - description: '1Password service account token to use for populating composer auth.json' required: true + description: '1Password service account token to use for populating composer auth.json' ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' - required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' - required: true runs: using: "composite" diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index b248e4dc..a2966752 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -35,10 +35,8 @@ on: required: true ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' - required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' - required: true jobs: deploy_dokku: From efd0b8ef7ac957d850bb47af30946a4d0992e115 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:55:12 -0600 Subject: [PATCH 116/130] Revert "Don't make vault or item required." This reverts commit 60ad0f07de8a5ab58c92e1c5ae0ecc7ecd0944d9. --- .github/actions/composer-install/action.yml | 2 ++ .github/workflows/pipeline-dokku.yml | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 9f8fbff4..b2f8a7bd 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -14,8 +14,10 @@ inputs: description: '1Password service account token to use for populating composer auth.json' ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' + required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' + required: true runs: using: "composite" diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index a2966752..fa93b7d0 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -31,12 +31,14 @@ on: slack_webhook: required: true ONEPASS_SERVICE_ACCOUNT_TOKEN: - description: '1Password service account token to use for populating composer auth.json' required: true + description: '1Password service account token to use for populating composer auth.json' ONEPASS_VAULT: description: '1Password vault to use for populating composer auth.json' + required: true ONEPASS_ITEM: description: '1Password item to use for populating composer auth.json' + required: true jobs: deploy_dokku: From 0c6dad92434380b8005dec843d2c8c429c804ea9 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:55:12 -0600 Subject: [PATCH 117/130] Revert "Don't forget to update the template." This reverts commit 3d5e2cf41709478454ba1e5d56e677b9bc5d9883. --- auth.template.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/auth.template.json b/auth.template.json index cc5df818..5d77f579 100644 --- a/auth.template.json +++ b/auth.template.json @@ -1,12 +1,12 @@ { "http-basic": { "connect.advancedcustomfields.com": { - "username": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/ACF/license}}", - "password": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/url}}" + "username": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/ACF/license}}", + "password": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/url}}" }, "composer.gravity.io": { - "username": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/GF/license}}", - "password": "{{op://${ONEPASS_VAULT:-Engineering}/${ONEPASS_ITEM:-MT-Composer-Auth}/url}}" + "username": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/GF/license}}", + "password": "{{op://${OP_VAULT:-Engineering}/${OP_ITEM:-MT-Composer-Auth}/url}}" } } } From 9a3c13db276c40110fefe6b69822ef701f1d2003 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:55:13 -0600 Subject: [PATCH 118/130] Revert "temporarily output 1Pass user deets" This reverts commit d9cbc3ded6afaf10491957409cb6c8d4d14e9278. --- .github/actions/composer-install/action.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index b2f8a7bd..b2bd6dfa 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,9 +52,7 @@ runs: ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ inputs.ONEPASS_SERVICE_ACCOUNT_TOKEN }} ONEPASS_VAULT: ${{ inputs.ONEPASS_VAULT }} ONEPASS_ITEM: ${{ inputs.ONEPASS_ITEM }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + run: op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} From 1fe0e3484ccc8326f93b100e8a045ed1b32ebd7b Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:55:13 -0600 Subject: [PATCH 119/130] Revert "Rename `OP_` prefixed constants to `ONEPASS_` to clarify purpose." This reverts commit 7d3c3935836dc7ee1dc65e113116b6f4f9d121e3. --- .github/actions/composer-install/action.yml | 12 ++++++------ .github/workflows/code-quality.yml | 18 +++++++++--------- .github/workflows/deploy-dev.yml | 6 +++--- .github/workflows/deploy-prod.yml | 6 +++--- .github/workflows/deploy-stage.yml | 6 +++--- .github/workflows/dokku-dev.yml | 6 +++--- .github/workflows/dokku-review-app.yml | 6 +++--- .github/workflows/php-tests.yml | 14 +++++++------- .github/workflows/phpcs.yml | 12 ++++++------ .github/workflows/pipeline-dokku.yml | 12 ++++++------ .github/workflows/static-analysis.yml | 12 ++++++------ docs/1password-cli.md | 10 +++++----- docs/actions.md | 2 +- 13 files changed, 61 insertions(+), 61 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index b2bd6dfa..4548d91c 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -9,13 +9,13 @@ inputs: description: 'Flags to pass to the `composer install` command.' required: false default: '--optimize-autoloader --no-dev' - ONEPASS_SERVICE_ACCOUNT_TOKEN: + OP_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password service account token to use for populating composer auth.json' - ONEPASS_VAULT: + OP_VAULT: description: '1Password vault to use for populating composer auth.json' required: true - ONEPASS_ITEM: + OP_ITEM: description: '1Password item to use for populating composer auth.json' required: true @@ -49,9 +49,9 @@ runs: working-directory: ${{ inputs.BUILD_FOLDER }} shell: bash env: - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ inputs.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ inputs.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ inputs.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ inputs.OP_VAULT }} + OP_ITEM: ${{ inputs.OP_ITEM }} run: op inject -i auth.template.json -o auth.json - name: 'Install Composer' diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index c275592b..15365099 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -16,9 +16,9 @@ jobs: name: 'Coding Standards' uses: ./.github/workflows/phpcs.yml secrets: - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} linting: name: 'Linting' @@ -29,9 +29,9 @@ jobs: needs: [coding-standards, linting] uses: ./.github/workflows/static-analysis.yml secrets: - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Enable this job if you have PHPUnit tests # slic: @@ -39,6 +39,6 @@ jobs: # needs: [coding-standards, phpstan, linting] # uses: ./.github/workflows/php-tests.yml # secrets: -# ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} -# ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} -# ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} +# OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} +# OP_VAULT: ${{ secrets.OP_VAULT }} +# OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 60f51576..82564944 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -26,9 +26,9 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index 9e85847a..0c09b2c8 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -29,9 +29,9 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/deploy-stage.yml b/.github/workflows/deploy-stage.yml index d5f77058..436e7661 100644 --- a/.github/workflows/deploy-stage.yml +++ b/.github/workflows/deploy-stage.yml @@ -30,9 +30,9 @@ jobs: uses: ./.github/actions/composer-install with: BUILD_FOLDER: ${{ env.BUILD_FOLDER }} - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} # Set up node version - name: Set up node diff --git a/.github/workflows/dokku-dev.yml b/.github/workflows/dokku-dev.yml index 6721e22f..e476d1a4 100644 --- a/.github/workflows/dokku-dev.yml +++ b/.github/workflows/dokku-dev.yml @@ -19,6 +19,6 @@ jobs: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index a78c05d7..1bc0889b 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -34,9 +34,9 @@ jobs: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} destroy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'closed') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index 92919bdb..79695e1f 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -3,12 +3,12 @@ name: 'PHP Tests' on: workflow_call: secrets: - ONEPASS_SERVICE_ACCOUNT_TOKEN: + OP_SERVICE_ACCOUNT_TOKEN: required: true description: 1Password Service Account Token to use for populating composer auth.json - ONEPASS_VAULT: + OP_VAULT: description: 1Password vault to use for populating composer auth.json - ONEPASS_ITEM: + OP_ITEM: description: 1Password item to use for populating composer auth.json jobs: @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest env: build_folder: build - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} steps: - name: Checkout the repository @@ -111,9 +111,9 @@ jobs: - name: Create auth.json via 1Password CLI if: steps.changed-files.outputs.tests == 'true' env: - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} run: op inject -i auth.template.json -o auth.json - name: Set up site for CI diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index e0460eab..c2114ef0 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -3,12 +3,12 @@ name: Coding Standards on: workflow_call: secrets: - ONEPASS_SERVICE_ACCOUNT_TOKEN: + OP_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password Service Account Token to use for populating composer auth.json' - ONEPASS_VAULT: + OP_VAULT: description: '1Password vault to use for populating composer auth.json' - ONEPASS_ITEM: + OP_ITEM: description: '1Password item to use for populating composer auth.json' jobs: @@ -36,9 +36,9 @@ jobs: uses: ./.github/actions/composer-install with: COMPOSER_INSTALL_FLAGS: '--optimize-autoloader' - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} - name: 'Run PHPCS' if: steps.changed-files.outputs.phpcs == 'true' diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index fa93b7d0..819b24f7 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -30,13 +30,13 @@ on: required: true slack_webhook: required: true - ONEPASS_SERVICE_ACCOUNT_TOKEN: + OP_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password service account token to use for populating composer auth.json' - ONEPASS_VAULT: + OP_VAULT: description: '1Password vault to use for populating composer auth.json' required: true - ONEPASS_ITEM: + OP_ITEM: description: '1Password item to use for populating composer auth.json' required: true @@ -85,9 +85,9 @@ jobs: - name: 'Create auth.json via 1Password CLI' env: - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} run: op inject -i auth.template.json -o auth.json - name: Commit Files diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 561b4d08..1dfc09d7 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -3,12 +3,12 @@ name: Static Analysis on: workflow_call: secrets: - ONEPASS_SERVICE_ACCOUNT_TOKEN: + OP_SERVICE_ACCOUNT_TOKEN: required: true description: '1Password Service Account Token to use for populating composer auth.json' - ONEPASS_VAULT: + OP_VAULT: description: '1Password vault to use for populating composer auth.json' - ONEPASS_ITEM: + OP_ITEM: description: '1Password item to use for populating composer auth.json' jobs: @@ -36,9 +36,9 @@ jobs: uses: ./.github/actions/composer-install with: COMPOSER_INSTALL_FLAGS: '--optimize-autoloader' - ONEPASS_SERVICE_ACCOUNT_TOKEN: ${{ secrets.ONEPASS_SERVICE_ACCOUNT_TOKEN }} - ONEPASS_VAULT: ${{ secrets.ONEPASS_VAULT }} - ONEPASS_ITEM: ${{ secrets.ONEPASS_ITEM }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} - name: 'Run PHPStan static analysis' if: steps.changed-files.outputs.phpstan == 'true' diff --git a/docs/1password-cli.md b/docs/1password-cli.md index 7b1c7793..bb95b58a 100644 --- a/docs/1password-cli.md +++ b/docs/1password-cli.md @@ -34,9 +34,9 @@ Here are steps for adding a new authentication or secret value to the project: 1Password provides [their own GitHub Action](https://github.com/1Password/install-cli-action) that is used in the project workflows. The following GitHub secrets are required to use the 1Password CLI in GitHub Actions: -* `ONEPASS_SERVICE_ACCOUNT_TOKEN` - (Required) A 1Password service account token. -* `ONEPASS_VAULT` - The 1Password vault where the secrets are stored. Defaults to `Engineering`. -* `ONEPASS_ITEM` - The 1Password item containing the secrets. Defaults to `MT-Composer-Auth`. +* `OP_SERVICE_ACCOUNT_TOKEN` - (Required) A 1Password service account token. +* `OP_VAULT` - The 1Password vault where the secrets are stored. Defaults to `Engineering`. +* `OP_ITEM` - The 1Password item containing the secrets. Defaults to `MT-Composer-Auth`. We have configured a default service account with access to Modern Tribe's Engineering vault. This service account is sufficient for projects that are just getting started and haven't yet purchased any client-specific licenses. @@ -50,7 +50,7 @@ sufficient for projects that are just getting started and haven't yet purchased ### 1Password Service Account Token To use 1Password CLI with GitHub Actions, you must create a [1Password service account](https://developer.1password.com/docs/service-accounts/get-started) -and populate the `ONEPASS_SERVICE_ACCOUNT_TOKEN` secret in the project's GitHub repository with the respective service +and populate the `OP_SERVICE_ACCOUNT_TOKEN` secret in the project's GitHub repository with the respective service account token. You may need to ask Modern Tribe leadership or the project manager to create this account for you. When creating the service account, be sure that the account can only access the project's vault(s). Service accounts @@ -58,7 +58,7 @@ cannot be modified once they are created and should not be shared between projec ### 1Password Vault and Item -The `ONEPASS_VAULT` and `ONEPASS_ITEM` secrets tell the 1Password CLI which vault and item to retrieve values from. If they are +The `OP_VAULT` and `OP_ITEM` secrets tell the 1Password CLI which vault and item to retrieve values from. If they are not defined, the 1Password CLI will default to the `Engineering` vault and the `MT-Composer-Auth` item. When creating a project-specific 1Password vault be sure to follow the structure of the `MT-Composer-Auth` item in the diff --git a/docs/actions.md b/docs/actions.md index 7979ba6f..763a6ddc 100644 --- a/docs/actions.md +++ b/docs/actions.md @@ -18,7 +18,7 @@ dokku-ansible repo to accept the connection. We have 3 deployment workflows to interface with whatever hosting environment is needed (deploy-dev.yml, deploy-stage.yml, deploy-prod.yml). You will need to update the `[DEV|STAGE|PROD]_DEPLOY_REPO`, -`DEPLOY_PRIVATE_SSH_KEY`, and 1Password secrets (`ONEPASS_SERVICE_ACCOUNT_TOKEN`, `ONEPASS_VAULT`, `ONEPASS_ITEM`) to use these +`DEPLOY_PRIVATE_SSH_KEY`, and 1Password secrets (`OP_SERVICE_ACCOUNT_TOKEN`, `OP_VAULT`, `OP_ITEM`) to use these deployments in your project. These are intended to be deploying to the hosting service where the site will live. Most hosting companies work with `git` making it the default push we currently use. From 39462cf9142095357fdf1df38d60ca5dfc5ee77e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:56:22 -0600 Subject: [PATCH 120/130] Temporarily add op user deets for testing. --- .github/workflows/pipeline-dokku.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index 819b24f7..6e0f1f55 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -88,7 +88,9 @@ jobs: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} - run: op inject -i auth.template.json -o auth.json + run: | + op user get --me + op inject -i auth.template.json -o auth.json - name: Commit Files uses: moderntribe/actions/utils/commit-files@v1 From 5462c90c892429cb5958459ac83bb10df3d1c745 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 14:59:41 -0600 Subject: [PATCH 121/130] Temporarily add op user deets for testing. --- .github/actions/composer-install/action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 4548d91c..397dfb7f 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,7 +52,9 @@ runs: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - run: op inject -i auth.template.json -o auth.json + run: | + op user get --me + op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} From 6eacc1b9f3d14f1a9fb016ad464b7fa19de4f17e Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:12:00 -0600 Subject: [PATCH 122/130] Try env specific secrets. --- .github/workflows/dokku-review-app.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index 1bc0889b..b094e930 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -30,13 +30,14 @@ jobs: pr_number: ${{ github.event.number }} is_review_app: true server: d1.moderntribe.qa + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} secrets: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} destroy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'closed') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') From ec61a1c6ec4df2e7a5759c359872a423c5ce4c07 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:13:21 -0600 Subject: [PATCH 123/130] Revert. --- .github/workflows/dokku-review-app.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index b094e930..1bc0889b 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -30,14 +30,13 @@ jobs: pr_number: ${{ github.event.number }} is_review_app: true server: d1.moderntribe.qa - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_VAULT: ${{ secrets.OP_VAULT }} - OP_ITEM: ${{ secrets.OP_ITEM }} secrets: github_pat_token: ${{ secrets.GH_BOT_TOKEN }} ssh_private_key: ${{ secrets.DOKKU_DEPLOY_KEY }} slack_webhook: ${{ secrets.SLACK_WEBHOOK }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_VAULT: ${{ secrets.OP_VAULT }} + OP_ITEM: ${{ secrets.OP_ITEM }} destroy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'closed') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') From e6724eab530fb0b4c028a155d509e54960aa779c Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:16:08 -0600 Subject: [PATCH 124/130] Set env to use. --- .github/workflows/pipeline-dokku.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index 6e0f1f55..b829bcd6 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -42,6 +42,7 @@ on: jobs: deploy_dokku: + environment: Dokku runs-on: ubuntu-latest steps: - name: Cloning repo From 83447ddc17954a4f01664b37e26f564cb47bfeb1 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:26:17 -0600 Subject: [PATCH 125/130] Testing: move env definition to top-level workflow. --- .github/workflows/dokku-review-app.yml | 1 + .github/workflows/pipeline-dokku.yml | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index 1bc0889b..212e7827 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -24,6 +24,7 @@ jobs: deploy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'opened' || github.event.action == 'synchronize') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') uses: ./.github/workflows/pipeline-dokku.yml + environment: Dokku with: app_name: moose-dev branch: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index b829bcd6..6e0f1f55 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -42,7 +42,6 @@ on: jobs: deploy_dokku: - environment: Dokku runs-on: ubuntu-latest steps: - name: Cloning repo From 111e1bc1d913c351312cea8b3a588ca130e01cba Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:36:45 -0600 Subject: [PATCH 126/130] whitespace alignment. --- .github/actions/composer-install/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index 397dfb7f..e8920a54 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,9 +52,9 @@ runs: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + run: | + op user get --me + op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} From 876f9011f31e9da612904e9bb38ce03bb00acc7d Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:37:10 -0600 Subject: [PATCH 127/130] Remove env from here as it isn't allowed. --- .github/workflows/dokku-review-app.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/dokku-review-app.yml b/.github/workflows/dokku-review-app.yml index 212e7827..1bc0889b 100644 --- a/.github/workflows/dokku-review-app.yml +++ b/.github/workflows/dokku-review-app.yml @@ -24,7 +24,6 @@ jobs: deploy_review_app: if: (github.event_name == 'pull_request' && github.event.action == 'opened' || github.event.action == 'synchronize') && contains(github.event.pull_request.labels.*.name, 'Launch Environment') uses: ./.github/workflows/pipeline-dokku.yml - environment: Dokku with: app_name: moose-dev branch: ${{ github.event.pull_request.head.ref }} From ec62df3c7c9070eaf98df2a26d5660999784f327 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:37:37 -0600 Subject: [PATCH 128/130] Add missing `required` property. --- .github/workflows/phpcs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index c2114ef0..1fccc795 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -8,8 +8,10 @@ on: description: '1Password Service Account Token to use for populating composer auth.json' OP_VAULT: description: '1Password vault to use for populating composer auth.json' + required: false OP_ITEM: description: '1Password item to use for populating composer auth.json' + required: false jobs: phpcs: From 9213788213d53d7ca017fdc555bec78882ff7338 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:44:22 -0600 Subject: [PATCH 129/130] Remove testing output. --- .github/actions/composer-install/action.yml | 4 +--- .github/workflows/pipeline-dokku.yml | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/actions/composer-install/action.yml b/.github/actions/composer-install/action.yml index e8920a54..4548d91c 100644 --- a/.github/actions/composer-install/action.yml +++ b/.github/actions/composer-install/action.yml @@ -52,9 +52,7 @@ runs: OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ inputs.OP_VAULT }} OP_ITEM: ${{ inputs.OP_ITEM }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + run: op inject -i auth.template.json -o auth.json - name: 'Install Composer' working-directory: ${{ inputs.BUILD_FOLDER }} diff --git a/.github/workflows/pipeline-dokku.yml b/.github/workflows/pipeline-dokku.yml index 6e0f1f55..819b24f7 100644 --- a/.github/workflows/pipeline-dokku.yml +++ b/.github/workflows/pipeline-dokku.yml @@ -88,9 +88,7 @@ jobs: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_VAULT: ${{ secrets.OP_VAULT }} OP_ITEM: ${{ secrets.OP_ITEM }} - run: | - op user get --me - op inject -i auth.template.json -o auth.json + run: op inject -i auth.template.json -o auth.json - name: Commit Files uses: moderntribe/actions/utils/commit-files@v1 From 97be4b8f4cfa7755d66450e0a3dcd2c87beb5443 Mon Sep 17 00:00:00 2001 From: David Paul Ellenwood Date: Fri, 10 Jan 2025 15:55:46 -0600 Subject: [PATCH 130/130] Remove the default values. We've set org-wide values for these, but they shouldn't be shared. --- docs/1password-cli.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/1password-cli.md b/docs/1password-cli.md index bb95b58a..1c4cafac 100644 --- a/docs/1password-cli.md +++ b/docs/1password-cli.md @@ -35,8 +35,8 @@ Here are steps for adding a new authentication or secret value to the project: 1Password provides [their own GitHub Action](https://github.com/1Password/install-cli-action) that is used in the project workflows. The following GitHub secrets are required to use the 1Password CLI in GitHub Actions: * `OP_SERVICE_ACCOUNT_TOKEN` - (Required) A 1Password service account token. -* `OP_VAULT` - The 1Password vault where the secrets are stored. Defaults to `Engineering`. -* `OP_ITEM` - The 1Password item containing the secrets. Defaults to `MT-Composer-Auth`. +* `OP_VAULT` - (Required) The 1Password vault where the secrets are stored. +* `OP_ITEM` - (Required) The 1Password item containing the secrets. We have configured a default service account with access to Modern Tribe's Engineering vault. This service account is sufficient for projects that are just getting started and haven't yet purchased any client-specific licenses.