.gitlab-ci.yml 12.9 KB
Newer Older
1
image: rjsmelo/ubuntu-php:7.4-qa
2 3

cache:
4
  key: ${CI_COMMIT_REF_SLUG}
5 6
  paths:
    - .composercache/files
7
    - vendor_bundled/vendor/
8 9 10 11 12 13 14 15 16

variables:
  MYSQL_ROOT_PASSWORD: secret
  MYSQL_DATABASE: tikitest
  MYSQL_USER: tikiuser
  MYSQL_PASSWORD: tikipass
  ELASTICSEARCH_HOST: elasticsearch
  COMPOSER_CACHE_DIR: "$CI_PROJECT_DIR/.composercache"

17 18 19 20 21 22 23 24
workflow:
  rules:
    # IGNORE PUSHES ON NON VERSION BRANCHES
    - if: '$CI_PIPELINE_SOURCE == "push" && ($CI_COMMIT_BRANCH != "master" && $CI_COMMIT_BRANCH != /^\d*\.x$/)'
      when: never
    # THIS WILL TRIGGER PIPELINES FOR MERGE REQUESTS AND SCHEDULES, AND PUSHES ON VERSION BRANCHES LIKE 21.x. 18.x
    - when: always

25
stages:
26
  - build
27
  - lint
28
  - vendors-security
29 30
  - tiki-check
  - unit-tests
31 32 33 34 35 36 37 38 39 40 41 42 43 44
  - vendors_update

composer:
  stage: build
  variables:
    COMPOSER_DISCARD_CHANGES: "true"
    COMPOSER_NO_INTERACTION: "1"
  script:
    - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n
  artifacts:
    paths:
      - vendor_bundled/vendor/
    expire_in: 1 days
    when: on_success
45 46 47 48 49 50 51 52

#
# Lint
#

phpcs:
  stage: lint
  script:
53
    - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | grep '\.php$' - 2>&1 > /dev/null || { git log -m -1 --name-only && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
54
    - git log -m -1 --name-only
55
    - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | xargs php vendor_bundled/vendor/squizlabs/php_codesniffer/bin/phpcs -s --runtime-set ignore_warnings_on_exit true
56 57
  allow_failure: true

58 59
phplint:
  stage: lint
Jorge Sá Pereira's avatar
Jorge Sá Pereira committed
60 61
  variables:
    TARGET: HEAD^
62
  script:
Jorge Sá Pereira's avatar
Jorge Sá Pereira committed
63 64 65 66 67
  - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.php$' - 2>&1 > /dev/null || { git diff --name-status $TARGET && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
  - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n
  - git diff --name-status $TARGET
  # Because we just lint changed files we need to filter by php extension before call bin/phplint
  - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.php$' | xargs php bin/phplint -n
68 69
  allow_failure: false

Jorge Sá Pereira's avatar
Jorge Sá Pereira committed
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95
smarty-lint:
  stage: lint
  variables:
    TARGET: HEAD^
  script:
  - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.tpl$' - 2>&1 > /dev/null || { git diff --name-status $TARGET && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
  - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n
  - git diff --name-status $TARGET
  - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.tpl$' | xargs -I 0 php vendor_bundled/vendor/umakantp/smartylint/smartyl --files=0 --ignore-rules=doc/devtools/smartyl.rules.xml
  allow_failure: true

eslint:
  image: docker:stable-git
  stage: lint
  variables:
    TARGET: HEAD^
  services:
    - docker:stable-dind
  script:
    - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.js$' - 2>&1 > /dev/null || { git diff --name-status $TARGET && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
    - git diff --name-status $TARGET
    - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.js$' | xargs docker run -v "$PWD":/data --volume /var/run/docker.sock:/var/run/docker.sock cytopia/eslint
  allow_failure: true
  tags:
    - docker

96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117
#
# Check Tikiwiki development specific check (related also with release)
#

sql-engine:
  stage: tiki-check
  script:
    - php -d display_errors=On doc/devtools/check_sql_engine.php
  allow_failure: false

schema-sql-drop:
  stage: tiki-check
  script:
    - php -d display_errors=On doc/devtools/check_schema_sql_drop.php
  allow_failure: false

schema-naming-convention:
  stage: tiki-check
  script:
    - php -d display_errors=On doc/devtools/check_schema_naming_convention.php
  allow_failure: false

118 119 120 121 122 123 124 125
translation:
  stage: tiki-check
  script:
  - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
  - php -v
  - git log --first-parent --pretty="format:%h" -1 --skip=1 | xargs -I gitHash php -d display_errors=On doc/devtools/translate.php --diff-command="git diff gitHash" --git --audit
  allow_failure: true

126 127 128 129 130 131
translation-standards:
  stage: tiki-check
  script:
    - php doc/devtools/check_template_translation_standards.php --all
  allow_failure: true

Jorge Sá Pereira's avatar
Jorge Sá Pereira committed
132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149
check-bom-encoding:
  stage: tiki-check
  script:
  - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | xargs php doc/devtools/check_bom_encoding.php
  allow_failure: true

unix-ending-line:
  stage: tiki-check
  script:
  - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | xargs php doc/devtools/check_unix_ending_line.php
  allow_failure: true

check-directories:
  stage: tiki-check
  script:
  - php doc/devtools/check_tiki_directories.php
  allow_failure: true

150 151 152 153 154 155 156
composer-lock:
  stage: tiki-check
  script:
    - cp $(command -v composer) temp/composer.phar
    - php doc/devtools/update_composer_lock.php
  allow_failure: true

157 158 159 160 161 162 163
.template-tiki-schema-upgrade: &template-tiki-schema-upgrade
  stage: tiki-check
  cache:
    paths:
      - .composercache/files
      - doc/devtools/dbdiff/cache
  services:
164 165
    - name: $IMAGE
      alias: mysql
166 167 168 169 170 171 172 173
  script:
    - 'mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e "SELECT CONCAT(''Version: '', VERSION(), CHAR(13), ''sql_mode: '', @@GLOBAL.sql_mode)"'
    - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
    - php -v
    - composer --ansi install -d doc/devtools/dbdiff/ --no-progress --prefer-dist -n
    - echo "GRANT ALL ON tikiold.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
    - echo "GRANT ALL ON tikinew.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
    - '[ ! -d doc/devtools/dbdiff/cache ] && mkdir doc/devtools/dbdiff/cache'
174
    - '[ ! -f doc/devtools/dbdiff/cache/$DBFILE ] && curl -sS https://gitlab.com/tikiwiki/tikiwiki-ci-databases/raw/master/$DBFILE.gz -o doc/devtools/dbdiff/cache/$DBFILE.gz && gzip -d doc/devtools/dbdiff/cache/$DBFILE.gz'
175
    - php -d display_errors=On doc/devtools/check_schema_upgrade.php -m $DBVER -e $ENGINE --db1=$MYSQL_USER:[email protected]:tikiold --db2=$MYSQL_USER:[email protected]:tikinew
176 177 178 179 180 181 182 183 184 185 186
  after_script:
    - echo "SHOW CREATE DATABASE tikiold" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
    - echo "SHOW CREATE DATABASE tikinew" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
    - mysqldump -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikiold > tikiold.sql
    - mysqldump -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikinew > tikinew.sql
  artifacts:
    paths:
      - tikiold.sql
      - tikinew.sql
    expire_in: 2 days
    when: always
187 188
  allow_failure: false

189
db-upgrade-20:
190 191
  <<: *template-tiki-schema-upgrade
  variables:
192 193
    DBFILE: ci_20.sql
    DBVER: 20
194
    IMAGE: mysql:5.6
195 196
    ENGINE: InnoDB

197
db-upgrade-19:
198 199
  <<: *template-tiki-schema-upgrade
  variables:
200 201
    DBFILE: ci_19.sql
    DBVER: 19
202 203
    IMAGE: mysql:5.6
    ENGINE: InnoDB
204

205
db-upgrade-18-lts:
206 207
  <<: *template-tiki-schema-upgrade
  variables:
208 209 210
    DBFILE: ci_18.sql
    DBVER: 18
    IMAGE: mysql:5.6
211 212
    ENGINE: InnoDB

213
db-upgrade-18-lts-myisam:
214 215
  <<: *template-tiki-schema-upgrade
  variables:
216 217
    DBFILE: ci_18.sql
    DBVER: 18
218
    IMAGE: mysql:5.5
219
    ENGINE: MyISAM
220

221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238
sql-engine-conversion:
  stage: tiki-check
  cache:
    paths:
    - .composercache/files
    - doc/devtools/dbdiff/cache
  services:
  - mysql:5.6
  script:
  - 'mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e "SELECT CONCAT(''Version: '', VERSION(), CHAR(13), ''sql_mode: '', @@GLOBAL.sql_mode)"'
  - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
  - php -v
  - composer --ansi install -d doc/devtools/dbdiff/ --no-progress --prefer-dist -n
  - echo "GRANT ALL ON tikiold.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
  - echo "GRANT ALL ON tikinew.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
  - php -d display_errors=On doc/devtools/check_sql_engine_conversion.php --db1=$MYSQL_USER:[email protected]:tikiold --db2=$MYSQL_USER:[email protected]:tikinew
  allow_failure: false

239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257
tiki-sniffs:
  stage: tiki-check
  cache:
    paths:
    - .composercache/files
  before_script:
    - |
      if [ -z $CI_MERGE_REQUEST_TARGET_BRANCH_NAME ]; then
        TARGET="HEAD^"
      else
        TARGET=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
      fi
  script:
    - echo $TARGET
    - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | grep '\.php$' - 2>&1 > /dev/null || { git log -m -1 --name-only && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
    - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n
    - git diff --name-status $TARGET
    - git diff --name-status $TARGET | grep -v "^D" | cut -c 3- | sort -u | xargs php vendor_bundled/vendor/squizlabs/php_codesniffer/bin/phpcs --standard=./doc/devtools/codesniffer/standards/Tiki -s --runtime-set ignore_warnings_on_exit true

258 259 260 261 262 263 264 265 266 267 268 269 270 271
#
# Unit Tests
#

.template-unit-tests: &template-unit-tests
  stage: unit-tests
  services:
    - mysql:5.6
    - elasticsearch:5
  script:
    - curl -sS -XGET 'http://elasticsearch:9200'
    - mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e 'SELECT VERSION()'
    - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
    - php -v
272
    - echo '<?php $db_tiki = "mysqli"; $dbversion_tiki = "21.0"; $host_tiki = "mysql"; $user_tiki = "tikiuser"; $pass_tiki = "tikipass"; $dbs_tiki = "tikitest"; $client_charset = "utf8mb4"; ' > lib/test/local.php
273 274
    - php -d display_errors=On vendor_bundled/vendor/phpunit/phpunit/phpunit --colors=always

275 276 277
unit-tests-74:
  <<: *template-unit-tests
  image: rjsmelo/ubuntu-php:7.4-qa
278
  allow_failure: true
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293

#
# Vendors Security
#

sensiolabs-vendor-security-check:
  stage: vendors-security
  script:
    - cp composer.json.dist composer.json
    - composer require jerome-breton/casperjs-installer:dev-master --no-progress
    - composer require enygma/expose:^3.0 --no-progress
    - composer require fullcalendar/fullcalendar-scheduler ^1.9 --no-progress
    - composer require fzaninotto/faker dev-master --no-progress
    - composer require google/apiclient ^2.2.2 --no-progress
    - composer require npm-asset/lozad ^1.6.0 --no-progress
Manasse Ngudia's avatar
Manasse Ngudia committed
294
    - composer require mpdf/mpdf ^8.0.0 --no-progress
295
    - composer require xorti/mxgraph-editor ^3.9.12.2 --no-progress
296
    - composer require tikiwiki/diagram ^10 --no-progress
297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320
    - composer require onelogin/php-saml ^2.10 --no-progress
    - composer require thiagoalessio/tesseract_ocr ^2.7.0 --no-progress
    - composer require mathjax/mathjax ^2.7 --no-progress
    - composer require media-alchemyst/media-alchemyst ^0.5.1 --no-progress
    - composer require npm-asset/pdfjs-dist ~2.0.487 --no-progress
    - composer require bower-asset/wodo.texteditor ^0.5.9 --no-progress
    - composer require j0k3r/php-readability ^1.1.10 --no-progress
    - php bin/security-checker security:check composer.lock
  allow_failure: false
  only:
    refs:
      - schedules
    variables:
      - $SCHEDULER == "vendor_check"

sensiolabs-vendor-bundled-security-check:
  stage: vendors-security
  script:
    - php bin/security-checker security:check vendor_bundled/composer.lock
  only:
    refs:
      - schedules
    variables:
      - $SCHEDULER == "vendor_check"
321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338

update_vendor_bundled_dependencies:
  stage: vendors_update
  dependencies:
    - composer
  variables:
    BRANCH_NAME: "${CI_COMMIT_REF_NAME}_vendor_bundled_update"
    COMMIT_MESSAGE: "[UPD] Update ${CI_COMMIT_REF_NAME} vendor_bundled dependencies"
    CI_REPOSITORY_URL: "https://${GITLAB_USER_LOGIN}:${GITLAB_USER_TOKEN}@gitlab.com/${CI_PROJECT_PATH}.git"
    COMPOSER_DISCARD_CHANGES: "true"
    COMPOSER_NO_INTERACTION: "1"
  before_script:
    - git config --global user.email "${GITLAB_USER_EMAIL}"
    - git config --global user.name "${GITLAB_USER_NAME}"
  script:
    - DATE=`date +%Y%m%d`
    - BRANCH_NAME="${BRANCH_NAME}_${DATE}"
    - php doc/devtools/update_vendor_bundled.php
339 340 341 342 343 344
    - if git diff --quiet --exit-code vendor_bundled/composer.lock; then exit 0; fi;
    - if git rev-parse --verify ${BRANCH_NAME}; then git branch -D ${BRANCH_NAME}; fi;
    - git checkout -b ${BRANCH_NAME}
    - git add vendor_bundled/composer.lock
    - git commit -m "${COMMIT_MESSAGE}"
    - git push ${CI_REPOSITORY_URL} HEAD:${BRANCH_NAME} --quiet
345
    - |
346 347
      HOST=${CI_PROJECT_URL} CI_PROJECT_ID=${CI_PROJECT_ID} SOURCE_BRANCH=${BRANCH_NAME} TARGET_BRANCH=${CI_COMMIT_REF_NAME} GITLAB_USER_ID=${GITLAB_USER_ID} PRIVATE_TOKEN=${GITLAB_USER_TOKEN} TARGET_PROJECT_ID=${TARGET_PROJECT_ID} SET_MERGE=${SET_MERGE} \
      /bin/bash ./doc/devtools/gitlab/auto_merge_request.sh "${COMMIT_MESSAGE} (${DATE})"
348 349 350 351 352
  only:
    refs:
      - schedules
    variables:
      - $SCHEDULER == "update_vendor_bundled"