Integrate phpstan into Bitbucket pipeline

by Meike Müller
Tipps & Tricks
With this short article we would like to give you some helpful tips in the area of web development. If you have any questions or need more information about custom & responsive web development, feel free to contact us. We are here to help you with all your challenges and now our tip regarding PHP Code Analyzer:

A static code analyzer helps to detect many issues before they kill your application.

We use phpstan for our PHP projects and manage to integrate it into the pipeline so that a push is only deployed if the analysis is successful.

For this to work you first have to configure phpstan for your PHP application. We assume that you use composer, so you can easily add it as a dev-dependency:

composer require --dev phpstan/phpstan

Then you have to create a config to exclude at least the vendor files. For this you create a phpstan.neon in your root directory and fill it e.g. with this:

- *vendor/*

You can now test if your code is clean by calling the following command from your root directory (assuming your vendor folder is there).

vendor/bin/phpstan analysis -l 0 -c .\phpstan.neon . --memory-limit=1G

Let's have a quick look at the parameters:

-l 0
This sets the strictness level, i.e. how strict the ruleset is that phpstan checks for. 0 is "least strict".
-c .\phpstan.neon
With this flag you tell phpstan where the config is located.
In which folder should phpstan start?

As your codebase gets bigger you may need to allocate more memory to phpstan, you can do that via this flag.

If all this works we can start with the bitbucket pipeline:

Just create a bitbucket-pipelines.yml file in your root folder and fill it with the following content:

image: php:7.2-cli

dev: // On which branch should the pipeline run?
- step: // The first step is to call phpstan
name: Run PHP analyzer        
caches: // This is a standard cache from Bitbucket that will cache your composer modules.
- composer // Then you don't need to reload them on every pipeline run.
- apt-get update -yqq
- apt-get install -y wget git zip unzip // we need git and unzip for the composer installs
- docker-php-ext-install pdo_mysql // If you use MySQL you probably need this php extension too,
// otherwise phpstan won't find the MySQL constants etc.
- curl -sS | php -- --install-dir=/usr/local/bin --filename=composer
                                            // Composer itself has to be installed, too, of course.
- cd ./application/ // Depending on the framework ... in our case ZF3
- composer install // Install dependencies once 
- vendor/bin/phpstan analyze -l 0 -c phpstan.neon . --memory-limit=1G
// Last but not least the crucial call
- step:
... // This is where your deployment would come to the DEV / TEST / whatever environment

So if phpstan has something to complain about it will return a non-zero exit code and Bitbucket will abort the pipeline.

The person who did the bad push even gets a mail and is allowed to fix his errors quickly before anyone notices.

You can test the whole thing by pushing syntactically wrong code on the branch for which you have configured the pipeline and go to the pipelines overview in Bitbucket.

From there you can access the individual pipeline jobs and see the log by clicking on a single job.

Beispiel Pipeline

Need more web development help for your business? Our web developers are happy to assist you and answer your questions - just contact us at!

from 09.12.2019

Hello, my name is Meike. I take care of the EXWE back office and am responsible for our social media channels. All of our articles are meant to make your life easier and help you make decisions. Nevertheless, it can happen that something remains unclear, so: If you have questions about this article you can easily reach me at +49 231 93149827.

Show all news (87)

We also have the following interesting posts from our tech blog for you on this topic
What does Google PageSpeed really say?

Why Google PageSpeed is often misinterpreted, what really helps you optimize your load time and guarantee the optimal user experience.

Here's how to connect your retail with online commerce!

E-commerce solutions for your store - how to professionalize your merchandise management with the help of Pickware and JTL

Facebook Sweepstakes: Attention for your business

Use our tips and tricks to generate "Likes" in sweepstakes on your Facebook business page and optimize your business!
+49 231 93149827