feat(core) Added CI and security pipelines
MrAnyx committed Nov 27, 2023
1 parent 45c26f1 commit 26d9ccd
Showing 3 changed files with 130 additions and 5 deletions.
9 changes: 4 additions & 5 deletions .env.test
@@ -1,8 +1,7 @@
APP_SECRET='$ecretf0rt3st'
APP_ENV=test
APP_SECRET=secret
KERNEL_CLASS='App\Kernel'
SYMFONY_DEPRECATIONS_HELPER=999999
PANTHER_APP_ENV=panther
PANTHER_ERROR_SCREENSHOT_DIR=./var/error-screenshots
DATABASE_URL="mysql://root:password@database:3306/flashcard?serverVersion=10.11.2-MariaDB&charset=utf8mb4"

DATABASE_URL="sqlite:///%kernel.project_dir%/data/database.sqlite"
MAILER_DSN="smtp://maildev:25"
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
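Review bot: Nothing in this file marks `APP_SECRET` as a test-only value, and the page has lost its +/- markers, so it is not visible here which of the two `APP_SECRET` and `DATABASE_URL` lines is on the new side. Whichever secret remains is public once committed, so it must never be the value a deployed environment falls back to; a header comment such as `# Test-only values: real secrets belong in .env.local or the deployment's secret store` would make that explicit. If the `mysql://root:password@…` line is the removed one, as the SQLite steps in the CI workflow suggest, confirm that password is not used by any real database.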
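--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,94 @@
+name: CI
+
+on:
+push:
+branches: [master, dev]
+pull_request:
+branches: [master, dev]
+workflow_call:
+
+jobs:
+php:
+runs-on: ubuntu-latest
+strategy:
+fail-fast: true
+
+# services:
+# database:
+# image: mariadb
+# env:
+# MYSQL_ROOT_PASSWORD: password
+# ports:
+# - 3306:3306
+
+steps:
+- uses: actions/checkout@v2
+- uses: actions/setup-node@v3
+with:
+node-version: 16
+
+- name: Setup PHP
+uses: shivammathur/setup-php@v2
+with:
+php-version: "8.2"
+extensions: mbstring, xml, ctype, iconv, intl, pdo, pdo_mysql, dom, filter, gd, json, opcache, zip, pcov
+env:
+update: true
+
+- name: Check php version
+run: php -v
+
+- name: Validate composer.json and composer.lock
+run: composer validate --strict
+
+# - name: Copy test files
+# run: |
+# cp .ci/.env.test .env
+# cp .ci/.env.test .env.test
+
+- name: Cache Composer packages
+id: composer-cache
+uses: actions/cache@v2
+with:
+path: vendor
+key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
+restore-keys: |
+${{ runner.os }}-php-
+- name: Install dependencies
+run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
+
+- name: Run PHP static tests
+run: composer run stan:github
+
+- name: Run PHP CS tests
+run: composer run cs:check
+
+- name: Check the Symfony console
+run: php bin/console about
+
+- name: Create Database
+run: |
+mkdir -p data
+touch data/database.sqlite
+- name: Doctrine cache clear
+run: php bin/console doctrine:cache:clear-metadata
+
+- name: Drop previous database
+run: php bin/console doctrine:database:drop --force --if-exists --env=test --no-interaction
+
+- name: Create database
+run: php bin/console doctrine:database:create --if-not-exists --env=test --no-interaction
+
+- name: Load migrations
+run: php bin/console doctrine:migrations:migrate --env=test --no-interaction --allow-no-migration
+
+- name: Validate database schema
+run: php bin/console doctrine:schema:validate --env=test --no-interaction
+
+- name: Load fixtures
+run: php bin/console doctrine:fixtures:load --env=test --no-interaction
+
+- name: Run PHP unit tests
+run: composer run test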
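Review bot: The workflow declares no `permissions:` block, so every step, including the third-party `shivammathur/setup-php@v2` and the `composer run` project scripts, runs with whatever default `GITHUB_TOKEN` scope the repository has; a top-level `permissions:` with `contents: read` would limit that. All four actions are referenced by mutable tags (`@v2`, `@v3`), and pinning at least the third-party one to a full commit SHA, e.g. `uses: shivammathur/setup-php@<full-commit-sha> # v2`, keeps a retagged release from changing what runs. Since later steps execute project scripts, `persist-credentials: false` on the checkout step is also worth setting so the token is not left in the local git config. Both the missing `permissions:` block and the tag-only pinning also apply to `.github/workflows/security.yaml`.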
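--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -0,0 +1,32 @@
+name: Security Checker
+
+on:
+push:
+branches: [master, dev]
+pull_request:
+branches: [master, dev]
+workflow_call:
+
+jobs:
+php:
+runs-on: ubuntu-latest
+strategy:
+fail-fast: true
+
+steps:
+- uses: actions/checkout@v2
+
+- name: Validate composer.json and composer.lock
+run: composer validate --strict
+
+- uses: actions/checkout@v2
+- uses: actions/cache@v2
+id: cache-db
+with:
+path: ~/.symfony/cache
+key: db
+
+- uses: symfonycorp/security-checker-action@v3
+
+- name: Display the vulnerabilities as JSON
+run: echo ${{ steps.security-check.outputs.vulns }}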
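Review bot: The last step reads `steps.security-check.outputs.vulns`, but the `symfonycorp/security-checker-action@v3` step has no `id: security-check`, so the expression expands to an empty string and nothing is displayed. The value is also interpolated directly into the `run:` script, where any shell metacharacters in the JSON would be interpreted by the shell; passing it through `env:` and echoing the quoted variable avoids that. The second `actions/checkout@v2` repeats the first and can be dropped.

```yaml
# … unchanged: checkout, composer validate, cache steps …
      - uses: symfonycorp/security-checker-action@v3
        id: security-check

      - name: Display the vulnerabilities as JSON
        env:
          VULNS: ${{ steps.security-check.outputs.vulns }}
        run: echo "$VULNS"
```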
