GitHub Integration
GitHub workflow, automation, and integration features for the SecureHealth project.
Repository Structure
Main Branches
- main: Production-ready code
- develop: Integration branch for features
- gh-pages: Documentation site deployment
Branch Protection Rules
# .github/branch-protection.yml
main:
  required_status_checks:
    strict: true
    contexts:
      - "ci/tests"
      - "ci/code-quality"
      - "ci/security-scan"
  enforce_admins: true
  required_pull_request_reviews:
    required_approving_review_count: 1
    dismiss_stale_reviews: true
    require_code_owner_reviews: true
  restrictions:
    users: []
    teams: ["maintainers"]
GitHub Actions
Continuous Integration
# .github/workflows/ci.yml
name: CI
on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main, develop ]
jobs:
  tests:
    runs-on: ubuntu-latest
    services:
      mongodb:
        image: mongo:6.0
        ports:
          - 27017:27017
    steps:
      - uses: actions/checkout@v3
      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.1'
          extensions: mongodb, intl, zip
          coverage: xdebug
      - name: Install dependencies
        run: composer install --prefer-dist --no-progress
      - name: Run tests
        run: phpunit --coverage-clover coverage.xml
      - name: Upload coverage
        uses: codecov/codecov-action@v3
        with:
          file: coverage.xml
Code Quality
# .github/workflows/code-quality.yml
name: Code Quality
on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main, develop ]
jobs:
  php-cs-fixer:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.1'
      - name: Install dependencies
        run: composer install --prefer-dist --no-progress
      - name: Run PHP CS Fixer
        run: composer cs-check
      - name: Run PHPStan
        run: composer stan
Security Scanning
# .github/workflows/security.yml
name: Security Scan
on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main, develop ]
  schedule:
    - cron: '0 2 * * 1'  # Weekly
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'
      - name: Upload Trivy scan results
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
Documentation Deployment
# .github/workflows/docs.yml
name: Deploy Documentation
on:
  push:
    branches: [ main ]
    paths:
      - 'docs/**'
      - 'docusaurus.config.js'
      - 'sidebars.js'
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: '18'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Build documentation
        run: npm run build
      - name: Deploy to GitHub Pages
        uses: peaceiris/actions-gh-pages@v3
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./build
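The workflows above reference third-party actions by tag (`@v3`, `@v2`) and, for Trivy, by branch (`@master`). Both can be repointed by the action's maintainer after the workflow was reviewed, whereas a full commit SHA cannot. The following audit is an added example, not part of the SecureHealth repository; the function names, the local-action path and the `example-org/example-action` entry are constructed for illustration.

```python
import re

# Constructed sample: the first four refs appear in this page's workflows;
# the local path and the SHA-pinned ref are made up to show the other cases.
SAMPLE_WORKFLOW = """\
steps:
  - uses: actions/checkout@v3
  - name: Setup PHP
    uses: shivammathur/setup-php@v2
  - name: Run Trivy vulnerability scanner
    uses: aquasecurity/trivy-action@master
  - uses: github/codeql-action/upload-sarif@v2
  - uses: ./.github/actions/local-step
  - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
"""

USES_RE = re.compile(r"^[ \t]*(?:-[ \t]*)?uses:[ \t]*['\"]?([^'\"\s#]+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
BRANCH_NAMES = {"master", "main", "develop"}  # assumed common branch names


def classify(uses):
    """Classify one `uses:` value as local, sha, branch, tag or unpinned."""
    if uses.startswith("./"):
        return "local"            # action stored in this repository
    _, sep, ref = uses.partition("@")
    if not sep:
        return "unpinned"
    if FULL_SHA_RE.fullmatch(ref):
        return "sha"              # immutable: full commit SHA
    return "branch" if ref in BRANCH_NAMES else "tag"


def audit(workflow_text):
    """Return (uses, kind) for every reference that can change after review."""
    findings = []
    for uses in USES_RE.findall(workflow_text):
        kind = classify(uses)
        if kind in ("branch", "tag", "unpinned"):
            findings.append((uses, kind))
    return findings


if __name__ == "__main__":
    for uses, kind in audit(SAMPLE_WORKFLOW):
        print(f"{kind:8} {uses}")
```

Run over the files in `.github/workflows/`, a non-empty result can be used to fail a CI step; Dependabot's `github-actions` ecosystem can then keep SHA pins current.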
Issue Templates
Bug Report Template
---
name: Bug report
about: Create a report to help us improve
title: '[BUG] '
labels: bug
assignees: ''
---
## Bug Description
A clear and concise description of what the bug is.
## Steps to Reproduce
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
## Expected Behavior
A clear and concise description of what you expected to happen.
## Actual Behavior
A clear and concise description of what actually happened.
## Screenshots
If applicable, add screenshots to help explain your problem.
## Environment
- OS: [e.g., macOS, Windows, Linux]
- PHP Version: [e.g., 8.1.0]
- MongoDB Version: [e.g., 6.0]
- Application Version: [e.g., 1.0.0]
## Additional Context
Add any other context about the problem here.
Feature Request Template
---
name: Feature request
about: Suggest an idea for this project
title: '[FEATURE] '
labels: enhancement
assignees: ''
---
## Feature Description
A clear and concise description of what you want to happen.
## Use Case
Why is this feature needed? What problem does it solve?
## Proposed Solution
A clear and concise description of what you want to happen.
## Alternatives Considered
A clear and concise description of any alternative solutions or features you've considered.
## Additional Context
Add any other context or screenshots about the feature request here.
Documentation Template
---
name: Documentation
about: Documentation improvement or addition
title: '[DOCS] '
labels: documentation
assignees: ''
---
## Documentation Type
- [ ] API Documentation
- [ ] User Guide
- [ ] Developer Guide
- [ ] Configuration Guide
- [ ] Troubleshooting Guide
## Description
A clear and concise description of what documentation needs to be added or improved.
## Current State
What documentation currently exists for this topic?
## Proposed Changes
What changes or additions do you propose?
## Additional Context
Add any other context about the documentation request here.
Pull Request Templates
Feature Pull Request
## Description
Brief description of the changes
## Type of Change
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
- [ ] Documentation update
## How Has This Been Tested?
- [ ] Unit tests
- [ ] Integration tests
- [ ] Manual testing
- [ ] End-to-end tests
## Checklist
- [ ] My code follows the project's coding standards
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] Any dependent changes have been merged and published
## Screenshots (if applicable)
Add screenshots to help explain your changes.
## Additional Notes
Any additional information about the pull request.
Bug Fix Pull Request
## Description
Brief description of the bug fix
## Bug Details
- **Issue**: Link to the issue
- **Root Cause**: What caused the bug
- **Solution**: How the bug was fixed
## Testing
- [ ] Unit tests added/updated
- [ ] Integration tests added/updated
- [ ] Manual testing completed
- [ ] Regression testing completed
## Checklist
- [ ] Bug fix is minimal and focused
- [ ] Code follows project standards
- [ ] Tests cover the fix
- [ ] Documentation updated if needed
- [ ] No breaking changes introduced
## Additional Notes
Any additional information about the bug fix.
GitHub Apps and Integrations
Dependabot
# .github/dependabot.yml
version: 2
updates:
  - package-ecosystem: "composer"
    directory: "/"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 10
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 10
CodeQL
# .github/workflows/codeql.yml
name: "CodeQL"
on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main, develop ]
  schedule:
    - cron: '0 2 * * 1'
jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          # CodeQL has no PHP support, and listing 'php' makes init fail,
          # so only JavaScript is analyzed here.
          languages: javascript
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
Stale Issues
# .github/workflows/stale.yml
name: Mark stale issues and pull requests
on:
  schedule:
    - cron: '0 0 * * 0'
jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/stale@v8
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          stale-issue-message: 'This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.'
          stale-pr-message: 'This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.'
          stale-issue-label: 'stale'
          stale-pr-label: 'stale'
          close-issue-message: 'This issue has been closed due to inactivity.'
          close-pr-message: 'This pull request has been closed due to inactivity.'
          days-before-stale: 30
          days-before-close: 7
          exempt-issue-labels: 'pinned,security'
          exempt-pr-labels: 'pinned,security'
Project Management
GitHub Projects
# .github/project.yml
name: SecureHealth Development
description: Project management for SecureHealth development
columns:
  - name: "Backlog"
    purpose: "Items to be worked on"
  - name: "In Progress"
    purpose: "Currently being worked on"
  - name: "In Review"
    purpose: "Under review"
  - name: "Done"
    purpose: "Completed items"
workflows:
  - name: "Default"
    rules:
      - when: "pull_request.opened"
        then: "move to In Progress"
      - when: "pull_request.merged"
        then: "move to Done"
Milestones
# .github/milestones.yml
milestones:
  - title: "v1.1.0 - Enhanced Security"
    description: "Enhanced security features and improvements"
    due_on: "2024-03-01"
    state: "open"
  - title: "v1.2.0 - Performance Optimization"
    description: "Performance improvements and optimizations"
    due_on: "2024-06-01"
    state: "open"
  - title: "v2.0.0 - Major Features"
    description: "Major new features and improvements"
    due_on: "2024-12-01"
    state: "open"
Release Management
Release Workflow
# .github/workflows/release.yml
name: Release
on:
  push:
    tags:
      - 'v*'
jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.1'
      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-dev
      - name: Run tests
        run: phpunit
      - name: Create Release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: Release ${{ github.ref }}
          draft: false
          prerelease: false
Changelog Generation
# .github/workflows/changelog.yml
name: Generate Changelog
on:
  push:
    tags:
      - 'v*'
jobs:
  changelog:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Generate Changelog
        uses: release-drafter/release-drafter@v5
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Next Steps
- Contributing - How to contribute to the project
- Support - Getting help and support
- Roadmap - Project roadmap and future plans