Added composer.json and package.json validation and auditing

Igor Scheller 2020-04-25 14:47:09 +02:00 committed by msquare
parent 75ab9b1acf
commit 62f3e808bf
1 changed files with 44 additions and 16 deletions


@ -13,11 +13,36 @@ variables:
DOCROOT: /var/www/ DOCROOT: /var/www/
stages: stages:
- validate
- build - build
- test - test
- release - release
- deploy - deploy
check-style:
image: composer:latest
stage: validate
before_script:
- composer --no-ansi global require squizlabs/php_codesniffer
- export PATH=$PATH:$COMPOSER_HOME/vendor/bin
script:
- phpcs -p --no-colors --basepath="$PWD"
validate-composer:
image: composer:latest
stage: validate
script:
- composer --no-ansi validate --strict
validate-yarn:
image: node:alpine
stage: validate
before_script:
- yarn global add package-json-validator
- export PATH=$PATH:~/.yarn/bin
script:
- pjv
.docker_template: &docker_definition .docker_template: &docker_definition
image: docker:18 image: docker:18
services: services:
@ -46,11 +71,27 @@ build-image:
<<: *docker_definition <<: *docker_definition
stage: build stage: build
script: script:
- apk -q add git - apk add -q git
- VERSION="$(git describe --abbrev=0 --tags)-${CI_COMMIT_REF_NAME}+${CI_PIPELINE_ID}.${CI_COMMIT_SHORT_SHA}" - VERSION="$(git describe --abbrev=0 --tags)-${CI_COMMIT_REF_NAME}+${CI_PIPELINE_ID}.${CI_COMMIT_SHORT_SHA}"
- docker build --pull --build-arg VERSION="${VERSION}" -t "${TEST_IMAGE}" -f docker/Dockerfile . - docker build --pull --build-arg VERSION="${VERSION}" -t "${TEST_IMAGE}" -f docker/Dockerfile .
- docker push "${TEST_IMAGE}" - docker push "${TEST_IMAGE}"
audit-composer:
image: ${TEST_IMAGE}
stage: test
before_script:
- curl -sSo /usr/local/bin/security-checker https://get.sensiolabs.org/security-checker.phar
- chmod +x /usr/local/bin/security-checker
- cd "${DOCROOT}"
script:
- security-checker --no-ansi security:check
audit-yarn:
image: node:10-alpine
stage: test
script:
- yarn audit
test: test:
image: ${TEST_IMAGE} image: ${TEST_IMAGE}
stage: test stage: test
@ -78,17 +119,6 @@ test:
- php -d pcov.enabled=1 vendor/bin/phpunit -vvv --colors=never --coverage-text --coverage-html "${HOMEDIR}/coverage/" --log-junit "${HOMEDIR}/unittests.xml" - php -d pcov.enabled=1 vendor/bin/phpunit -vvv --colors=never --coverage-text --coverage-html "${HOMEDIR}/coverage/" --log-junit "${HOMEDIR}/unittests.xml"
- ./bin/migrate down - ./bin/migrate down
check-style:
image: ${TEST_IMAGE}
stage: test
before_script:
- curl -sS https://getcomposer.org/installer | php -- --no-ansi --install-dir /usr/local/bin/ --filename composer
- cp -R tests/ .phpcs.xml "${DOCROOT}"
- cd "${DOCROOT}"
- composer --no-ansi install
script:
- composer phpcs -- --no-colors --basepath="$PWD"
release-image: release-image:
<<: *docker_definition <<: *docker_definition
stage: release stage: release
@ -113,14 +143,12 @@ release-image.nginx:
stage: deploy stage: deploy
image: ${TEST_IMAGE} image: ${TEST_IMAGE}
before_script: before_script:
- apk add bash rsync openssh-client - apk add -q bash rsync openssh-client
.deploy_template_script: .deploy_template_script:
# Configure SSH # Configure SSH
- &deploy_template_script |- - &deploy_template_script |-
mkdir -p ~/.ssh eval $(ssh-agent -s) && echo "${SSH_PRIVATE_KEY}" | ssh-add -
echo "${SSH_PRIVATE_KEY}" | sed -e 's/\r//g' > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
rsync -vAax public/assets ${DOCROOT}/public/ rsync -vAax public/assets ${DOCROOT}/public/
cd "${DOCROOT}" cd "${DOCROOT}"
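Review bot: In the new `audit-composer` job, `before_script` downloads `security-checker.phar` with `curl -sSo`, marks it executable and runs it, with nothing verifying what was fetched. A tampered or replaced download would therefore execute inside the pipeline, and without `-f` an HTTP error body would be saved as the "binary". I would fail on HTTP errors and pin the artifact to a known digest: `- curl -fsSo /usr/local/bin/security-checker https://get.sensiolabs.org/security-checker.phar` followed by `- echo "<EXPECTED_SHA256>  /usr/local/bin/security-checker" | sha256sum -c -`. The digest is a placeholder to fill in from a trusted copy, and this assumes `sha256sum` is available in `${TEST_IMAGE}`. The validate jobs have the same floating-input problem in a milder form: `composer:latest`, `node:alpine`, and the unversioned `composer global require` and `yarn global add` installs all resolve to whatever is current at run time. Pinning image tags or digests and tool versions would make the audit stage reproducible.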