Code style fixes and actions

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,25 @@
+#### Link to ticket
+
+Please add a link to the ticket being addressed by this change.
+
+#### Description
+
+Please include a short description of the suggested change and the reasoning behind the approach you have chosen.
+
+#### Screenshot of the result
+
+If your change affects the user interface, you should include a screenshot of the result with the pull request.
+
+#### Checklist
+
+- [ ] My code is covered by test cases.
+- [ ] My code passes our test (all our tests).
+- [ ] My code passes our static analysis suite.
+- [ ] My code passes our continuous integration process.
+
+If your code does not pass all the requirements on the checklist, you have to add a comment explaining why this change
+should be exempt from the list.
+
+#### Additional comments or questions
+
+If you have any further comments or questions for the reviewer, please add them here.

.github/workflows/pr.yaml

@@ -0,0 +1,153 @@
+on: pull_request
+name: Review
+jobs:
+  test-composer-install:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        php: [ '8.2', '8.3' ]
+    name: Validate composer (${{ matrix.php}})
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup PHP, with composer and extensions
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php}}
+          extensions: http, ctype, iconv
+          coverage: none
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Cache dependencies
+        uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}-${{ matrix.dependency-version }}-
+          restore-keys: ${{ runner.os }}-composer-${{ matrix.dependency-version }}-
+
+      - name: Validate composer files
+        run: composer validate composer.json --strict
+
+      - name: Composer install with exported .env variables
+        run: |
+          set -a && source .env && set +a
+          APP_ENV=prod composer install --no-dev -o
+
+  test-suite:
+    name: Test suite (${{ matrix.php }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        php: [ '8.2', '8.3' ]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup PHP, with composer and extensions
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php}}
+          extensions: http, ctype, iconv
+          coverage: xdebug
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Cache dependencies
+        uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}-${{ matrix.dependency-version }}-
+          restore-keys: ${{ runner.os }}-composer-${{ matrix.dependency-version }}-
+
+      - name: Install Dependencies
+        run: composer install -q --no-ansi --no-interaction --no-scripts --no-suggest --no-progress --prefer-dist
+
+      - name: Test suite
+        run: ./vendor/bin/phpunit --coverage-clover=coverage/unit.xml
+
+      - name: Upload coverage to Codecov test
+        uses: codecov/codecov-action@v2
+        with:
+          files: ./coverage/unit.xml
+          flags: unittests, ${{ matrix.php }}
+
+  php-cs-fixer:
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        php: ['8.2', '8.3']
+    name: PHP Coding Standards Fixer (PHP ${{ matrix.php }})
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup PHP, with composer and extensions
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php}}
+          extensions: http, ctype, iconv
+          coverage: none
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ matrix.php }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: ${{ matrix.php }}-composer-
+
+      - name: Install Dependencies
+        run: composer install -q --no-ansi --no-interaction --no-scripts --no-suggest --no-progress --prefer-dist
+
+      - name: php-cs-fixer
+        run: phpdbg -qrr ./vendor/bin/php-cs-fixer fix --dry-run
+
+  markdownlint:
+    name: Markdown Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+      - name: Cache yarn packages
+        uses: actions/cache@v4
+        id: yarn-cache
+        with:
+          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - name: Yarn install
+        uses: actions/setup-node@v2
+        with:
+          node-version: '18'
+      - run: yarn install
+      - name: markdownlint
+        run: yarn run coding-standards-check
+
+  changelog:
+    runs-on: ubuntu-latest
+    name: Changelog should be updated
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+
+      - name: Git fetch
+        run: git fetch
+
+      - name: Check that changelog has been updated.
+        run: git diff --exit-code origin/${{ github.base_ref }} -- CHANGELOG.md && exit 1 || exit 0

.gitignore

@@ -1,3 +1,4 @@
 vendor
 composer.lock
 .phpunit.result.cache
+.php-cs-fixer.cache

.markdownlint.json

@@ -0,0 +1,11 @@
+{
+  "default": true,
+  "MD013": {
+    "line_length": 120,
+    "ignore_code_blocks": true,
+    "tables": false
+  },
+  "no-duplicate-heading": {
+    "siblings_only": true
+  }
+}

.php-cs-fixer.dist.php

@@ -0,0 +1,14 @@
+<?php
+
+$finder = (new PhpCsFixer\Finder())
+    ->in(__DIR__)
+    ->exclude('var')
+;
+
+return (new PhpCsFixer\Config())
+    ->setRules([
+        '@Symfony' => true,
+        'phpdoc_align' => false,
+    ])
+    ->setFinder($finder)
+;

CHANGELOG.md

@@ -0,0 +1,16 @@
+# Changelog
+
+![keep a changelog](https://img.shields.io/badge/Keep%20a%20Changelog-v1.1.0-brightgreen.svg?logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGZpbGw9IiNmMTVkMzAiIHZpZXdCb3g9IjAgMCAxODcgMTg1Ij48cGF0aCBkPSJNNjIgN2MtMTUgMy0yOCAxMC0zNyAyMmExMjIgMTIyIDAgMDAtMTggOTEgNzQgNzQgMCAwMDE2IDM4YzYgOSAxNCAxNSAyNCAxOGE4OSA4OSAwIDAwMjQgNCA0NSA0NSAwIDAwNiAwbDMtMSAxMy0xYTE1OCAxNTggMCAwMDU1LTE3IDYzIDYzIDAgMDAzNS01MiAzNCAzNCAwIDAwLTEtNWMtMy0xOC05LTMzLTE5LTQ3LTEyLTE3LTI0LTI4LTM4LTM3QTg1IDg1IDAgMDA2MiA3em0zMCA4YzIwIDQgMzggMTQgNTMgMzEgMTcgMTggMjYgMzcgMjkgNTh2MTJjLTMgMTctMTMgMzAtMjggMzhhMTU1IDE1NSAwIDAxLTUzIDE2bC0xMyAyaC0xYTUxIDUxIDAgMDEtMTItMWwtMTctMmMtMTMtNC0yMy0xMi0yOS0yNy01LTEyLTgtMjQtOC0zOWExMzMgMTMzIDAgMDE4LTUwYzUtMTMgMTEtMjYgMjYtMzMgMTQtNyAyOS05IDQ1LTV6TTQwIDQ1YTk0IDk0IDAgMDAtMTcgNTQgNzUgNzUgMCAwMDYgMzJjOCAxOSAyMiAzMSA0MiAzMiAyMSAyIDQxLTIgNjAtMTRhNjAgNjAgMCAwMDIxLTE5IDUzIDUzIDAgMDA5LTI5YzAtMTYtOC0zMy0yMy01MWE0NyA0NyAwIDAwLTUtNWMtMjMtMjAtNDUtMjYtNjctMTgtMTIgNC0yMCA5LTI2IDE4em0xMDggNzZhNTAgNTAgMCAwMS0yMSAyMmMtMTcgOS0zMiAxMy00OCAxMy0xMSAwLTIxLTMtMzAtOS01LTMtOS05LTEzLTE2YTgxIDgxIDAgMDEtNi0zMiA5NCA5NCAwIDAxOC0zNSA5MCA5MCAwIDAxNi0xMmwxLTJjNS05IDEzLTEzIDIzLTE2IDE2LTUgMzItMyA1MCA5IDEzIDggMjMgMjAgMzAgMzYgNyAxNSA3IDI5IDAgNDJ6bS00My03M2MtMTctOC0zMy02LTQ2IDUtMTAgOC0xNiAyMC0xOSAzN2E1NCA1NCAwIDAwNSAzNGM3IDE1IDIwIDIzIDM3IDIyIDIyLTEgMzgtOSA0OC0yNGE0MSA0MSAwIDAwOC0yNCA0MyA0MyAwIDAwLTEtMTJjLTYtMTgtMTYtMzEtMzItMzh6bS0yMyA5MWgtMWMtNyAwLTE0LTItMjEtN2EyNyAyNyAwIDAxLTEwLTEzIDU3IDU3IDAgMDEtNC0yMCA2MyA2MyAwIDAxNi0yNWM1LTEyIDEyLTE5IDI0LTIxIDktMyAxOC0yIDI3IDIgMTQgNiAyMyAxOCAyNyAzM3MtMiAzMS0xNiA0MGMtMTEgOC0yMSAxMS0zMiAxMXptMS0zNHYxNGgtOFY2OGg4djI4bDEwLTEwaDExbC0xNCAxNSAxNyAxOEg5NnoiLz48L3N2Zz4K)
+
+All notable changes to this project will be documented in this file.
+
+See [keep a changelog] for information about writing changes to this log.
+
+## [Unreleased]
+
+* Added cache of token and possibility to cache secrets.
+* Added get secrets.
+* Added login.
+
+[keep a changelog]: https://keepachangelog.com/en/1.1.0/
+[unreleased]: https://github.com/itk-dev/itkdev-vault-library/compare/main...develop

README.md

@@ -0,0 +1,19 @@
+# Vault library
+
+A PHP library for authenticating with HashiCorp Vault using the `approle`
+method. This library implements the PSR-18 and PSR-17 interfaces, so you will
+need to provide your own HTTP client.
+
+## Install
+
+You can install this library by utilizing PHP Composer, which is the recommended
+dependency management tool for PHP.
+
+```shell
+composer require itkdev/vault
+```
+
+## Usage
+
+@TODO: Add links to the symfony bundel and drupal Keys provider module as
+examples on how to use this library.

composer.json

@@ -13,18 +13,27 @@
       "role": "Developer"
     }
   ],
+  "autoload": {
+    "psr-4": {
+      "ItkDev\\Vault\\": "src/Vault"
+    }
+  },
   "require": {
     "php": ">=8.2",
     "psr/http-client": "^1.0",
     "psr/http-factory": "^1.1",
     "psr/simple-cache": "^3.0"
   },
   "require-dev": {
-    "phpunit/phpunit": "^11.3"
+    "phpunit/phpunit": "^11.3",
+    "friendsofphp/php-cs-fixer": "^3.64"
   },
-  "autoload": {
-    "psr-4": {
-      "ItkDev\\Vault\\": "src/Vault"
-    }
+  "scripts": {
+    "coding-standards-apply": [
+      "PHP_CS_FIXER_IGNORE_ENV=1 vendor/bin/php-cs-fixer fix"
+    ],
+    "coding-standards-check": [
+      "PHP_CS_FIXER_IGNORE_ENV=1 vendor/bin/php-cs-fixer fix --dry-run"
+    ]
   }
 }

package.json

@@ -0,0 +1,14 @@
+{
+  "license": "UNLICENSED",
+  "private": true,
+  "description": "Tooling setup for linting",
+  "devDependencies": {
+    "markdownlint-cli": "^0.35.0"
+  },
+  "scripts": {
+    "coding-standards-check/markdownlint": "markdownlint --ignore 'node_modules' --ignore 'vendor' README.md CHANGELOG.md 'docs/**/*.md'",
+    "coding-standards-check": "yarn coding-standards-check/markdownlint",
+    "coding-standards-apply/markdownlint": "markdownlint --fix README.md CHANGELOG.md docs/*.md docs/**/*.md",
+    "coding-standards-apply": "yarn coding-standards-apply/markdownlint"
+  }
+}

phpunit.xml

@@ -1,14 +1,26 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<phpunit bootstrap="vendor/autoload.php"
-         colors="true">
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/11.3/phpunit.xsd"
+         bootstrap="vendor/autoload.php"
+         cacheDirectory=".phpunit.cache"
+         executionOrder="depends,defects"
+         shortenArraysForExportThreshold="10"
+         requireCoverageMetadata="true"
+         beStrictAboutCoverageMetadata="true"
+         beStrictAboutOutputDuringTests="true"
+         displayDetailsOnPhpunitDeprecations="true"
+         failOnPhpunitDeprecation="true"
+         failOnRisky="true"
+         failOnWarning="true">
     <testsuites>
-        <testsuite name="Library Test Suite">
-            <directory>./tests</directory>
+        <testsuite name="default">
+            <directory>tests</directory>
         </testsuite>
     </testsuites>
-    <coverage processUncoveredFiles="true">
+
+    <source ignoreIndirectDeprecations="true" restrictNotices="true" restrictWarnings="true">
         <include>
-            <directory suffix=".php">src</directory>
+            <directory>src</directory>
         </include>
-    </coverage>
+    </source>
 </phpunit>

src/Vault/Model/Secret.php

@@ -9,9 +9,6 @@ public function __construct(
         public string $value,
         public string $version,
         public \DateTimeImmutable $createdAt,
-    )
-    {
-
+    ) {
     }
-
 }

src/Vault/Model/Token.php

@@ -10,11 +10,12 @@ public function __construct(
         public readonly bool $renewable,
         public readonly string $roleName,
         private int $numUsesLeft,
-    ) {}
+    ) {
+    }
 
     public function used(): void
     {
-        $this->numUsesLeft--;
+        --$this->numUsesLeft;
     }
 
     public function usesLeft(): int
@@ -24,7 +25,6 @@ public function usesLeft(): int
 
     public function isExpired(int $tokenGracePeriod = 60): bool
     {
-        return $this->expiresAt->sub(new \DateInterval('PT' . $tokenGracePeriod .'S')) < new \DateTimeImmutable(timezone: new \DateTimeZone('UTC'));
+        return $this->expiresAt->sub(new \DateInterval('PT'.$tokenGracePeriod.'S')) < new \DateTimeImmutable(timezone: new \DateTimeZone('UTC'));
     }
-
 }