Add GitHub Actions workflow for Laravel tests

[shash-hq]

Summary by cubic

Adds a GitHub Actions workflow that runs Laravel tests on pushes and pull requests to main, providing CI coverage to catch regressions early. It sets up PHP 8.0, installs Composer dependencies, prepares a SQLite database, and runs php artisan test.

^{Written for commit 06022d9. Summary will update on new commits.}

Summary by CodeRabbit

• Chores
  • Established automated testing infrastructure to ensure code quality and reliability through continuous integration on code submissions.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new GitHub Actions workflow is added at .github/workflows/laravel.yml to automate Laravel testing on push and pull requests to the main branch. The workflow sets up PHP 8.0, installs dependencies, configures the environment, and executes the test suite.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow .github/workflows/laravel.yml	New CI workflow for Laravel that runs on main branch push/PR events. Includes PHP 8.0 setup, Composer dependency installation, environment configuration, SQLite database creation, and automated test execution via php artisan test.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A workflow springs to life, so new,
Where tests run swift and bright,
PHP dances, SQLite too,
CI shines in the night!
*✨ *

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding a GitHub Actions workflow file for running Laravel tests.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch shash-hq-patch-1

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can disable poems in the walkthrough.

Disable the reviews.poem setting to disable the poems in the walkthrough.

[Copilot]

Pull request overview

Adds a GitHub Actions CI workflow to run the Laravel test suite on pushes and pull requests to main, using an SQLite database on an Ubuntu runner.

Changes:

• Introduces .github/workflows/laravel.yml to run php artisan test in CI.
• Sets up PHP, installs Composer dependencies, generates an app key, and prepares an SQLite database file.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[cubic-dev-ai]

1 issue found across 1 file

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".github/workflows/laravel.yml">

<violation number="1" location=".github/workflows/laravel.yml:17">
P1: This workflow installs PHP 8.0, but the project requires PHP ^8.2, so `composer install` will fail and the test job won't run.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P1: This workflow installs PHP 8.0, but the project requires PHP ^8.2, so composer install will fail and the test job won't run.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/laravel.yml, line 17:

<comment>This workflow installs PHP 8.0, but the project requires PHP ^8.2, so `composer install` will fail and the test job won't run.</comment>

<file context>
@@ -0,0 +1,35 @@
+    steps:
+    - uses: shivammathur/setup-php@15c43e89cdef867065b0213be354c2841860869e
+      with:
+        php-version: '8.0'
+    - uses: actions/checkout@v4
+    - name: Copy .env
</file context>

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/laravel.yml (1)

26-26: Avoid world-writable permissions in CI.

Line 26 uses 777; this is broader than necessary. Prefer least-privilege writable permissions for the runner user/group.

Proposed hardening

-      run: chmod -R 777 storage bootstrap/cache
+      run: chmod -R ug+rwx storage bootstrap/cache

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/laravel.yml at line 26, The CI step currently sets
world-writable permissions with "chmod -R 777 storage bootstrap/cache"; change
this to least-privilege writable permissions and ensure the runner user owns the
directories. Replace the 777 chmod with a more restrictive mode (e.g., 775 or
755 as appropriate) and add a chown to the CI user/group (or use the provided
runner user like $GITHUB_RUNNER_USER) so only owner/group are writable, e.g.,
use chown to set ownership on "storage" and "bootstrap/cache" then chmod -R 775
those paths instead of 777.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/laravel.yml:
- Around line 17-22: The CI workflow sets php-version: '8.0' which doesn't meet
composer.json's ^8.2 requirement; update the workflow's PHP version to a
compatible version (e.g., change php-version to '8.2' or a matrix including
'8.2'/'8.3') so the Install Dependencies step (the run executing composer
install) runs under a PHP that satisfies the constraint; keep the existing
actions/checkout, Copy .env, and Install Dependencies steps unchanged except for
this php-version update.

---

Nitpick comments:
In @.github/workflows/laravel.yml:
- Line 26: The CI step currently sets world-writable permissions with "chmod -R
777 storage bootstrap/cache"; change this to least-privilege writable
permissions and ensure the runner user owns the directories. Replace the 777
chmod with a more restrictive mode (e.g., 775 or 755 as appropriate) and add a
chown to the CI user/group (or use the provided runner user like
$GITHUB_RUNNER_USER) so only owner/group are writable, e.g., use chown to set
ownership on "storage" and "bootstrap/cache" then chmod -R 775 those paths
instead of 777.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: dceb343f-b605-4117-afb3-cf6dd845a49e

📥 Commits

Reviewing files that changed from the base of the PR and between e939732 and 06022d9.

📒 Files selected for processing (1)

• .github/workflows/laravel.yml

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Workflow PHP version:"
rg -nP "php-version:\s*['\"][0-9.]+" .github/workflows/laravel.yml

echo "Composer PHP constraint:"
rg -nP '"php"\s*:\s*"[^"]+"' composer.json

Repository: shash-hq/lore

Length of output: 158

---

PHP version incompatible with project requirements (CI blocker)

Line 17 sets PHP 8.0, but composer.json requires ^8.2. The composer install step will fail because PHP 8.0 does not satisfy the constraint.

Proposed fix

-        php-version: '8.0'
+        php-version: '8.2'

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	php-version: '8.0'
	- uses: actions/checkout@v4
	- name: Copy .env
	run: php -r "file_exists('.env') || copy('.env.example', '.env');"
	- name: Install Dependencies
	run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
	php-version: '8.2'
	- uses: actions/checkout@v4
	- name: Copy .env
	run: php -r "file_exists('.env') || copy('.env.example', '.env');"
	- name: Install Dependencies
	run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/laravel.yml around lines 17 - 22, The CI workflow sets
php-version: '8.0' which doesn't meet composer.json's ^8.2 requirement; update
the workflow's PHP version to a compatible version (e.g., change php-version to
'8.2' or a matrix including '8.2'/'8.3') so the Install Dependencies step (the
run executing composer install) runs under a PHP that satisfies the constraint;
keep the existing actions/checkout, Copy .env, and Install Dependencies steps
unchanged except for this php-version update.