Feature: Installer Script

[srtfisher]

Adds the basis of an installer script that will scaffold the project as well as the project's main theme/plugin. It will search and replace wherever necessary and also configure the project for WordPress VIP/Pantheon as well as Buddy/GitHub Actions. It's ready for Buddy whenever #10 is done.

This PR leaves one TODO for scaffolding out the theme itself from create-wordpress-theme. Once that project is ready, we can publish it to Packagist and then uncomment the code here:

create-wordpress-project/configure.php

Lines 378 to 386 in 8578432

	// TODO: scaffold the theme from create-wordpress-theme when the project is ready.
	// if ( ! empty( $theme_slug ) ) {
	// write( "Scaffolding create-wordpress-theme to themes/{$theme_slug}..." );
	// run(
	// "composer create-project alleyinteractive/create-wordpress-theme themes/{$theme_slug}",
	// $current_dir,
	// );
	// }

Resolves #7, #4.

Food for thought: what should the namespace be for the theme/plugin? Should it be Base_Namespace\Theme or Base_Namespace_Theme?

Summary by CodeRabbit

Summary of changes

• New Features
  • Added a rule to enforce naming conventions for global variables in a WordPress plugin.
  • Introduced a "setup" target to the build system.
  • Updated project template with instructions for getting started and project structure details.
  • Configured a WordPress project interactively with user input and file manipulations.
  • Encapsulated logic within a conditional check to define WP_ENVIRONMENT_TYPE only if not already defined.
  • Modified comment blocks and formatting in existing code without impacting functionality.

[coderabbitai]

Note

Reviews Paused

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Walkthrough

The project has undergone several key updates, including the introduction of a new rule for naming conventions of global variables, the addition of a "setup" target in the Makefile for project configuration, restructuring of the README.md to provide clearer instructions and new sections for project structure and maintenance, and the inclusion of an interactive script, configure.php, for project configuration. Changes to the mu-plugins directory ensure compatibility with different hosting environments and maintain a clean global scope.

Changes

File(s)	Change Summary
.phpcs.xml	Introduced a rule for naming conventions of global variables.
Makefile	Added a "setup" target for project configuration.
README.md	Restructured with new sections for project structure and maintenance, and revised instructions.
configure.php	Added an interactive script for project configuration.
mu-plugins/000-wp-environment.php	Added a conditional check to define WP_ENVIRONMENT_TYPE only if not already set.
mu-plugins/001-composer.php	Minor formatting changes and added a comment block for "Composer Configuration".

Assessment against linked issues (Beta)

Objective	Addressed	Explanation
Add Installer Script (#7)	❓	The configure.php script seems to address the interactive setup, but it's unclear if all the specific requirements (e.g., handling errors, CI systems inquiries, and cleanup) are fully implemented without seeing the script's content.
Make the Project Platform/Host Agnostic (#23)	✅	The changes in mu-plugins/000-wp-environment.php and the inclusion of a setup script in configure.php suggest that the project is moving towards being host-agnostic, with conditional logic based on the hosting environment.
Conditionally load plugins based on the host (#23)	❓	The changes suggest an approach to handle different environments, but without explicit evidence of conditional plugin loading based on the host, it's unclear if this objective is fully met.
Provide wrapper functions for host-specific functionalities (#23)	❌	There is no mention of wrapper functions for host-specific functionalities in the provided summary.
Standard setup for various projects (#23)	❓	The addition of a setup target in the Makefile and the interactive configure.php script indicate a move towards a standard setup, but it's unclear if this meets the objective of a default setup for various projects.

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• If you reply to a review comment from CodeRabbit, the bot will automatically respond.
• To engage with CodeRabbit bot directly around the specific lines of code in the PR, mention @coderabbitai in your review comment
• Note: Review comments are made on code diffs or files, not on the PR overview.
• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Note: For conversation with the bot, please use the review comments on code diffs or files.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

[coderabbitai]

Review Status

Actionable comments generated: 1

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between fe1ba73 and 532b8ff.

Files ignored due to filter (1)

• composer.json

Files selected for processing (6)

• .phpcs.xml (1 hunks)
• Makefile (1 hunks)
• README.md (1 hunks)
• configure.php (1 hunks)
• mu-plugins/000-wp-environment.php (1 hunks)
• mu-plugins/001-composer.php (2 hunks)

Files skipped from review due to trivial changes (4)

• .phpcs.xml
• Makefile
• README.md
• mu-plugins/001-composer.php

Additional comments: 1

mu-plugins/000-wp-environment.php (1)

• 2-33: The conditional check around the definition of WP_ENVIRONMENT_TYPE is a good practice to avoid redefining constants, which would cause a PHP error. The use of the match expression (introduced in PHP 8.0) is a modern and clean way to handle the mapping of environment names to WP_ENVIRONMENT_TYPE values. However, ensure that the server environment is running PHP 8.0 or higher, as this code will not work on earlier versions.

The unsetting of $environment_source is a good practice to avoid polluting the global namespace, especially since this script seems to be included in a WordPress mu-plugin, which is executed in the global context.

[coderabbitai]

Review Status

Actionable comments generated: 16

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 532b8ff and 8578432.

Files selected for processing (1)

• configure.php (1 hunks)

Additional comments: 8

configure.php (8)

• 99-102: The run function uses shell_exec, which can be a security risk if not properly handled. Ensure that any dynamic input to this function is properly escaped to prevent command injection.
  [SECURITY]

• 191-258: The script collects various project details from the user or from the system's git configuration. This is a good use of default values and user input. However, ensure that the collected data is properly sanitized before being used in file operations to prevent security issues.

• 315-330: The search and replace array is a good way to handle bulk replacements. However, ensure that the keys are unique and won't accidentally replace unintended parts of the files.

• 358-362: The composer config command is being run with a JSON-encoded string. Ensure that the JSON encoding does not introduce any issues with shell execution and that the namespaces and paths are correctly formatted.

• 366-375: The script scaffolds a plugin using Composer. Ensure that the Composer project being created is from a trusted source and that any post-create-project scripts are safe to run.
  [SECURITY]

• 412-418: The script modifies the .github/CODEOWNERS file. Ensure that the replacements don't accidentally remove necessary content and that the file still follows the expected format after modification.

• 517-524: The self-deletion feature is a good cleanup step. However, ensure that the script can't accidentally delete itself in case of a wrong confirmation or path issue.
  [SECURITY]

• 1-528: Overall, the script is well-structured and covers a lot of functionality. Ensure that all external system calls are secure and consider adding more error handling and input validation throughout the script. Also, consider using more of PHP's built-in functions for file and directory operations for better portability and security.

[kevinfodness]

Left some suggestions, no blockers. Thanks for knocking this one out! 🍣

[kevinfodness]

@srtfisher I don't think this addresses #23 as written - it does contain logic to configure the plugin based on target deployment type, but doesn't make it polymorphic. What @mogmarsh was suggesting in #23 was to make it so that the same codebase could be deployed to both VIP and Pantheon (e.g., by making the mu-plugins directory load stuff in client-mu-plugins, standardizing on client-mu-plugins even for Pantheon, etc). I'd recommend removing #23 from the list of issues that this PR addresses so that we can discuss further.

[coderabbitai]

Review Status

Actionable comments generated: 11

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 8578432 and 4f47628.

Files selected for processing (1)

• configure.php (1 hunks)

[srtfisher]

@coderabbitai resolve

[srtfisher]

@coderabbitai pause

[coderabbitai]

Review Status

Actionable comments generated: 10

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 4f47628 and dc1c8c8.

Files selected for processing (1)

• configure.php (1 hunks)

[srtfisher]

@coderabbitai resolve