Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build a PHP Safety Net: Automated Checks Before...

Aaron Holbrook
November 02, 2023
Technology
0
25

Build a PHP Safety Net: Automated Checks Before You Commit

Discover how to bulletproof your PHP projects by mastering essential developer tools and automating pre-commit checks.

You'll learn how to:

Seamlessly integrate Make, PHPStan, PHPCS, and PHPMD to streamline your coding tasks.
Write versatile Makefile rules to automate PHP-related workflows.
Set up pre-commit hooks that act as your code quality safety net.
Dive into real-world examples, tweak advanced configurations, and troubleshoot common issues. Walk away with a robust pre-commit workflow that enhances your code quality and catches issues before they reach the repository.

Aaron Holbrook

November 02, 2023
Tweet

More Decks by Aaron Holbrook

See All by Aaron Holbrook
Debugging PHP Applications
aaronholbrook
0
47
Safe and Happy Deploys Using Automation
aaronholbrook
0
190
Refactoring Legacy Applications
aaronholbrook
0
94
Introduction to IDEs and Debugging
aaronholbrook
0
180
Making WordPress Search Kick-ass with Elasticsearch
aaronholbrook
0
1.6k
Static Site to WordPress
aaronholbrook
0
110
WordPress is a CMS, DAMMIT!
aaronholbrook
7
2k
WordPress & Version Control (v2) - WordCamp Chicago 2012
aaronholbrook
9
5.3k

Other Decks in Technology

See All in Technology
インフラとバックエンドとフロントエンドをくまなく調べて遅いアプリを早くした件
tubone24
1
430
【令和最新版】AWS Direct Connectと愉快なGWたちのおさらい
minorun365
PRO
5
750
Terraform CI/CD パイプラインにおける AWS CodeCommit の代替手段
hiyanger
1
240
Adopting Jetpack Compose in Your Existing Project - GDG DevFest Bangkok 2024
akexorcist
0
110
TanStack Routerに移行するのかい しないのかい、どっちなんだい! / Are you going to migrate to TanStack Router or not? Which one is it?
kaminashi
0
580
Evangelismo técnico: ¿qué, cómo y por qué?
trishagee
0
360
Amazon Personalizeの レコメンドシステム構築、実際何するの? 〜大体10分で具体的なイメージをつかむ〜
kniino
1
100
New Relicを活用したSREの最初のステップ / NRUG OKINAWA VOL.3
isaoshimizu
2
590
Amazon CloudWatch Network Monitor のススメ
yuki_ink
1
200
AWS Lambda のトラブルシュートをしていて思うこと
kazzpapa3
2
170
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.8k
iOSチームとAndroidチームでブランチ運用が違ったので整理してます
sansantech
PRO
0
130

Featured

See All Featured
[RailsConf 2023] Rails as a piece of cake
palkan
52
4.9k
Statistics for Hackers
jakevdp
796
220k
Building a Scalable Design System with Sketch
lauravandoore
459
33k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
4 Signs Your Business is Dying
shpigford
180
21k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.3k
A Philosophy of Restraint
colly
203
16k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
109
49k
Measuring & Analyzing Core Web Vitals
bluesmoon
4
120
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.3k
Gamification - CAS2011
davidbonilla
80
5k

Transcript

  1. Build a PHP Safety Net Streamline and Safeguard: Automated Checks

    Before You Commit AARON HOLBROOK, 2023

  2. Why?

  3. Why Have a Safety Net? • Cleaner, more consistent, safer

    code • Uni fi ed coding standard is auto-applied • Automatically perform static analysis of code and help PREVENT an entire range of bugs • Automatically run unit, integration or acceptance tests AARON HOLBROOK, 2023

  4. AARON HOLBROOK Over 20 years of PHP experience Public Speaker

    & Workshop Leader Driven by E ff iciency & Problem-Solving A Lifelong Builder: Digital & Physical AARON HOLBROOK, 2023 ZEEK.COM Your Debugging Expert for the Day Principal Engineer at Zeek: Specializing in Solving Problems

  5. Prerequisites: Developer Workflows • Bash/Shell Terminal: Ensure you have access

    to a Bash or Shell terminal. Windows users may consider using WSL or Git Bash. • PHP Locally Installed: Make sure you have PHP installed on your local machine. We will be running various PHP-based commands. PHP 8.2 is recommended. • Composer: This package manager for PHP is essential for some of the tools we'll be using. You can download it here (https://getcomposer.org). • GitHub Account: If you don't have a GitHub account yet, please create one as we will be working with Git repositories (and automating GitHub Actions). • SSH Keys: Generate an SSH private/public key pair if you haven't already. This is crucial for secure communication with GitHub. Here’s a guide on how to do this (https://docs.github.com/en/authentication/connecting-to-github-with-ssh/ generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent). • GitHub Authentication: Make sure you're locally authenticated with GitHub using your SSH keys. This will allow us to easily clone repositories and push changes. • GNU Make (Command-Line Utility Installed): GNU Make is a build automation tool that we'll be using to manage and streamline various tasks in our PHP project. Here's how to install it based on your operating system: • Windows: You can install GNU Make through Cygwin or WSL (Windows Subsystem for Linux). • Linux: Generally available by default. If not, you can install it using the package manager for your speci fi c distro, usually with a command like sudo apt-get install make for Debian-based distributions or sudo yum install make for Red Hat-based distributions. • Mac: It can be installed using Homebrew with the command brew install make. AARON HOLBROOK, 2023

  6. What Does it Look Like in Action? AARON HOLBROOK, 2023

  7. github.com/ZeekInteractive/longhornphp-tools-workshop

  8. github.com/ZeekInteractive/longhornphp-tools-workshop HANDS ON!

  9. PHP Quality Tools

  10. PHP Quality Tools • PHP CS Fixer (for automatic code

    styling fi xes) • PHP Linter (for syntax checking) • PHP Mess Detector (detect code smells and possible errors) • PHPStan (static analyzer that looks at code typing and logic issues) • Pest / PHPUnit • Rector (automated refactoring) AARON HOLBROOK, 2023

  11. PHP CS Fixer A tool to automatically fi x PHP

    Coding Standards issues The PHP Coding Standards Fixer (PHP CS Fixer) tool fi xes your code to follow standards. You can also de fi ne your (team’s) style through con fi guration. https://github.com/PHP-CS-Fixer/PHP-CS-Fixer

  12. ❯ composer require friendsofphp/php-cs-fixer --dev Install https://github.com/PHP-CS-Fixer/PHP-CS-Fixer

  13. ❯ vendor/bin/php-cs-fixer fix src Simple, default example https://github.com/PHP-CS-Fixer/PHP-CS-Fixer

  14. ❯ vendor/bin/php-cs-fixer fix src/ --diff -- rules=@PSR12,@Symfony,-return_type_declaration -- exclude=vendor,tests --cache-file=/path/

    to/.php_cs.cache Complex, verbose example https://github.com/PHP-CS-Fixer/PHP-CS-Fixer

  15. https://github.com/PHP-CS-Fixer/PHP-CS-Fixer

  16. ❯ vendor/bin/php-cs-fixer fix --config=build/php-cs- fixer/php-cs-fixer.dist.php --quiet Example using a con

    fi guration fi le https://github.com/PHP-CS-Fixer/PHP-CS-Fixer

  17. PHP Parallel Linter This application checks the syntax of PHP

    fi les in parallel Linting's purpose is to identify syntax errors in PHP fi les. Syntax errors are basic mistakes in the code that prevent it from running, like missing semicolons or mismatched brackets.

  18. ❯ composer require php-parallel-lint/php-parallel- lint --dev Install https://github.com/php-parallel-lint/PHP-Parallel-Lint

  19. ❯ vendor/bin/parallel-lint --exclude .git --exclude app --exclude vendor . Simple,

    default example https://github.com/php-parallel-lint/PHP-Parallel-Lint

  20. ❯ vendor/bin/parallel-lint -j 10 app config routes -- no-progress --colors

    --blame Slightly more complex example https://github.com/php-parallel-lint/PHP-Parallel-Lint

  21. PHP Mess Detector This application checks for code smells and

    best practices PHPMD looks for several potential problems: • Possible bugs • Suboptimal code • Overcomplicated expressions • Unused parameters, methods, properties

  22. ❯ composer require phpmd/phpmd --dev Install https://phpmd.org/

  23. ❯ vendor/bin/phpmd src text codesize,unusedcode,naming Simple, default example https://phpmd.org/

  24. ❯ vendor/bin/phpmd src xml unusedcode,design,codesize --exclude vendor/,tests/ --strict --ignore- violations-on-exit

    --exclude NPathComplexity -- minimumpriority 300 Complex example https://phpmd.org/

  25. https://phpmd.org/

  26. ❯ vendor/bin/phpmd app ansi build/phpmd/phpmd.xml Example using a con fi

    guration fi le https://phpmd.org/

  27. PHPStan PHPStan fi nds bugs in your code without writing

    tests PHPStan scans your whole codebase and looks for both obvious & tricky bugs. Even in those rarely executed if statements that certainly aren't covered by tests.

  28. https://phpstan.org/

  29. ❯ composer require phpstan/phpstan --dev Install https://phpstan.org/

  30. ❯ vendor/bin/phpstan analyse src tests Simple, default example https://phpstan.org/

  31. ❯ vendor/bin/phpstan analyse --level=4 -- configuration=phpstan-baseline.neon --no-progress -- paths=../../app --error-format=table

    --report- unmatched-ignored-errors=false Complex example https://phpstan.org/

  32. https://phpstan.org/

  33. ❯ vendor/bin/phpstan analyse --error-format=table -c build/phpstan/phpstan.neon.dist Example using a con

    fi guration fi le https://phpstan.org/

  34. Pest / PHPUnit The elegant PHP testing framework Pest is

    a testing framework with a focus on simplicity, meticulously designed to bring back the joy of testing in PHP. https://pestphp.com/

  35. ❯ composer require pestphp/pest --dev --with-all- dependencies ❯ vendor/bin/pest --init

    Install https://pestphp.com/

  36. ❯ vendor/bin/pest Simple, default example https://pestphp.com/

  37. ❯ vendor/bin/pest --bootstrap=../vendor/autoload.php --colors --filter="Test\.php$" --env=APP_ENV=testing --env=CACHE_DRIVER=array --env=DB_CONNECTION=sqlite --env=MAIL_DRIVER=array --env=QUEUE_CONNECTION=sync

    --env=SESSION_DRIVER=array tests Complex example https://pestphp.com/

  38. https://pestphp.com/

  39. ❯ vendor/bin/pest --colors=always -c build/pest/ phpunit.xml Example using a con

    fi guration fi le https://pestphp.com/

  40. Consistency Across Projects

  41. ndor/bin/pest --colors=always -c build/ /phpunit.xml hpstan analyse --error-format=table -c phpstan.neon.dist

    Example using a con fi guration fi le ❯ vendor/bin/parallel-lint -j 10 app confi no-progress --colors --blame Slightly more complex example ❯ vendor/bin/php-cs-fixer fix fixer/php-cs-fixer.dist.php - Example using a con fi fi Introducing Make

  42. GNU Make What is GNU Make? • Automated Build Tool

    • Reads `Make fi le` for build rules • Ideal for automating repetitive tasks

  43. GNU Make Inside a Make fi le • Rules with

    targets, prerequisites, and commands • Variables and macros for fl exibility • Comments for clarity # This is a comment deploy: @echo "Deploying the application..." Simple Make fi le

  44. GNU Make Why Use Make for PHP? • Simplify multiple

    command execution • Combine PHP tools like phpstan, cs- fi xer, and more • Set up advanced fl ags per subcommand

  45. GNU Make Building a Safety Net with Make • Uni

    fi ed command for linting, testing, and analyzing • Easy addition of new tools and fl ags • Ensure consistent build and testing environment

  46. Introducing Git Hooks

  47. Git Hooks (client side) • pre-commit: Runs before a commit

    is created, useful for performing local checks. • prepare-commit-msg: Runs before the commit message editor is opened but after default message is created. Useful for editing the default commit message. • commit-msg: Runs after the commit message is entered but before the commit is made, generally to validate or modify the commit message. • post-commit: Runs after the commit is made; often used for noti fi cations or other post-commit actions. • pre-rebase: Runs before a rebase is executed, often used to disallow rebasing of published commits. • post-rewrite: Runs after a commit is amended or rebased; typically used for noti fi cation or to refresh status. • pre-push: Runs before a `git push`, useful for doing server-side validation without making a round-trip. • ... the list goes on ...

  48. pre-commit Runs before a commit is created, useful for performing

    local checks. • Common Uses • Code Linting • Unit Testing • Code Formatting AARON HOLBROOK, 2023

  49. pre-commit Runs before a commit is created, useful for performing

    local checks. • Bene fi ts • Ensures code quality • Prevents bad commits • Streamlines work fl ow AARON HOLBROOK, 2023

  50. pre-commit Runs before a commit is created, useful for performing

    local checks. • Setup • Navigate to `.git/hooks` • Create & make `pre-commit` fi le executable • Add your script AARON HOLBROOK, 2023

  51. Introducing GitHub Actions

  52. None
  53. None
  54. None

  55. The Zeek Build Process

  56. https://github.com/ZeekInteractive/zeek-build-process github.com/ZeekInteractive/zeek-build-process

  57. ❯ composer require zeek/zeek-build-process --dev https://github.com/ZeekInteractive/zeek-build-process

  58. ❯ ./vendor/bin/zbp install https://github.com/ZeekInteractive/zeek-build-process

  59. github.com/ZeekInteractive/longhornphp-tools-workshop HANDS ON!

  60. 🌐 Flexible Work Environment 💡 Innovative Projects 🌱 Growth and

    Development Opportunities ⚖ Work-Life Balance 🏡 100% remote 📜 Seasoned company history with top talent 💰 Competitive Compensation 🛌 Flexible Fridays Program 🏖 Flexible PTO 🩺 401k, Health, Dental, Vision Insurance 🎉 Fun as a Core Value: We believe life's too long to be so serious– enjoy the journey with us! Join our Team! Inspired or curious? Reach out and let's discuss further! [email protected] Scan To Explore Opportunities