Integrate phpstan into Bitbucket pipeline

A static code analyzer helps to detect many issues before they kill your application.
We use phpstan for our PHP projects and manage to integrate it into the pipeline so that a push is only deployed if the analysis is successful.
For this to work you first have to configure phpstan for your PHP application. We assume that you use composer, so you can easily add it as a dev-dependency:
composer require --dev phpstan/phpstan
Then you have to create a config to exclude at least the vendor files. For this you create a phpstan.neon in your root directory and fill it e.g. with this:
parameters: excludes_analysis: - *vendor/*
You can now test if your code is clean by calling the following command from your root directory (assuming your vendor folder is there).
vendor/bin/phpstan analysis -l 0 -c .\phpstan.neon . --memory-limit=1G
Let's have a quick look at the parameters:
-l 0
-c .\phpstan.neon
.
--memory-limit=1G
As your codebase gets bigger you may need to allocate more memory to phpstan, you can do that via this flag.
If all this works we can start with the bitbucket pipeline:
Just create a bitbucket-pipelines.yml file in your root folder and fill it with the following content:
image: php:7.2-cli pipelines: branches: dev: // On which branch should the pipeline run? - step: // The first step is to call phpstan name: Run PHP analyzer caches: // This is a standard cache from Bitbucket that will cache your composer modules. - composer // Then you don't need to reload them on every pipeline run. script: - apt-get update -yqq - apt-get install -y wget git zip unzip // we need git and unzip for the composer installs - docker-php-ext-install pdo_mysql // If you use MySQL you probably need this php extension too, // otherwise phpstan won't find the MySQL constants etc. - curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer // Composer itself has to be installed, too, of course. - cd ./application/ // Depending on the framework ... in our case ZF3 - composer install // Install dependencies once - vendor/bin/phpstan analyze -l 0 -c phpstan.neon . --memory-limit=1G // Last but not least the crucial call - step: ... // This is where your deployment would come to the DEV / TEST / whatever environment
So if phpstan has something to complain about it will return a non-zero exit code and Bitbucket will abort the pipeline.
The person who did the bad push even gets a mail and is allowed to fix his errors quickly before anyone notices.
You can test the whole thing by pushing syntactically wrong code on the branch for which you have configured the pipeline and go to the pipelines overview in Bitbucket.
From there you can access the individual pipeline jobs and see the log by clicking on a single job.
Need more web development help for your business? Our web developers are happy to assist you and answer your questions - just contact us at info@exwe.de!
Was ist dein Projekt? Wenn du uns darüber erzählen möchtest, rufen wir dich zurück!

Hello, my name is Meike. I take care of the EXWE back office and am responsible for our social media channels. All of our articles are meant to make your life easier and help you make decisions. Nevertheless, it can happen that something remains unclear, so: If you have questions about this article you can easily reach me at +49 231 93149827.
Why Google PageSpeed is often misinterpreted, what really helps you optimize your load time and guarantee the optimal user experience.
You need support in the area of software development and are looking for the right software service provider? Find the most important criteria here.
Everything you need to know for your landing page and how you can use it to target customers and direct them to your website