ci: add integration test workflow

[superdav42]

Summary

• Adds .github/workflows/ci.yml that calls the core plugin's reusable addon-integration-test.yml workflow
• On every push/PR, runs PHPUnit tests against a real WordPress Multisite environment with the core Ultimate Multisite plugin loaded as a dependency
• Part of the addon management infrastructure rollout

No code changes — CI only.

Summary by CodeRabbit

• Chores
  • Added continuous integration workflow that automatically runs integration tests on code pushes to main and pull requests.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new GitHub Actions CI workflow is added that automatically triggers on pushes to the main branch and pull requests. The workflow delegates integration testing to a reusable external workflow, passing the addon slug and inheriting secrets for authentication.

Changes

Cohort / File(s)	Summary
CI Workflow Configuration .github/workflows/ci.yml	New workflow file that configures continuous integration by reusing an external integration test workflow with addon-specific parameters.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A workflow so neat, now our code will be checked,
With each push and each pull, no test goes undecked,
The CI rabbits hop forth, testing with glee,
Automation's our friend—now we code worry-free! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'ci: add integration test workflow' directly and clearly summarizes the main change: adding a CI workflow for integration tests.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/add-ci-workflow

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci.yml:
- Line 11: Replace the floating reference to the upstream reusable workflow by
pinning the uses: entry (uses:
Ultimate-Multisite/ultimate-multisite/.github/workflows/addon-integration-test.yml@main)
to a specific commit SHA or a semantic version tag; update that string to use
@<commit-sha> or `@vX.Y.Z` so CI consumes a fixed, auditable version instead of
`@main`.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 59ddb994-5622-4102-8827-9545142ba697

📥 Commits

Reviewing files that changed from the base of the PR and between 9d23d9a and 1e27d99.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Pin the reusable workflow to a specific commit SHA or version tag.

Using @main for the external workflow reference means this CI will always use the latest version from the main branch, which creates security and stability risks:

• Upstream changes can break your CI without warning
• Builds become non-reproducible
• If the upstream repository is compromised, malicious workflow changes could affect this addon

Best practice is to pin to a specific commit SHA (e.g., @a1b2c3d) or semantic version tag (e.g., @v1.2.3) for stability and security.

🔒 Proposed fix to pin to a commit SHA

-    uses: Ultimate-Multisite/ultimate-multisite/.github/workflows/addon-integration-test.yml@main
+    uses: Ultimate-Multisite/ultimate-multisite/.github/workflows/addon-integration-test.yml@<commit-sha>

Replace <commit-sha> with the full commit SHA of the version you want to use.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/ci.yml at line 11, Replace the floating reference to the
upstream reusable workflow by pinning the uses: entry (uses:
Ultimate-Multisite/ultimate-multisite/.github/workflows/addon-integration-test.yml@main)
to a specific commit SHA or a semantic version tag; update that string to use
@<commit-sha> or `@vX.Y.Z` so CI consumes a fixed, auditable version instead of
`@main`.