Commit 5c7c5530 authored by Thomas Löffler

Add composer security test + general updates

* Update caches
* Remove allow_failure for typoscript linter
* Remove assets branch mention
* Remove unused PRODUCTION_PORT variable
parent fee2caaa
......@@ -6,17 +6,18 @@ variables:
cache:
key: "$CI_COMMIT_REF_NAME-$CI_JOB_STAGE"
paths:
- cache/
- vendor/
- private/typo3conf/ext/t3olayout/Build/node_modules/
before_script:
- apk add bash --no-cache
- apk add bash --no-cache
stages:
- maintenance
- test
- build
- layout
- deploy
- maintenance
- test
- build
- layout
- deploy
test:typoscript:
stage: test
......@@ -27,7 +28,6 @@ test:typoscript:
- composer global require helmich/typo3-typoscript-lint --update-with-all-dependencies
script:
- /tmp/vendor/bin/typoscript-lint -c typoscript-lint.yml --fail-on-warnings
allow_failure: true
test:php:
stage: test
......@@ -35,7 +35,15 @@ test:php:
variables:
GIT_STRATEGY: "clone"
script:
- php-cs-fixer fix --dry-run --config=.gitlab-ci/build/.php_cs --diff
- php-cs-fixer fix --dry-run --config=.gitlab-ci/build/.php_cs --diff
test:composer:
stage: test
image: composer:1
before_script:
- composer global require sensiolabs/security-checker
script:
- /tmp/vendor/bin/security-checker security:check
build:
stage: build
......@@ -44,18 +52,18 @@ build:
GIT_STRATEGY: "clone"
GIT_SUBMODULE_STRATEGY: "recursive"
before_script:
- apk add bash --no-cache
- apk add git --update
- export COMPOSER_CACHE_DIR=/cache/composer
- composer config store-auths false
- composer config http-basic.git-t3o.typo3.org gitlab-ci-token ${CI_BUILD_TOKEN}
- apk add bash --no-cache
- apk add git --update
- export COMPOSER_CACHE_DIR=/cache/composer
- composer config store-auths false
- composer config http-basic.git-t3o.typo3.org gitlab-ci-token ${CI_BUILD_TOKEN}
script:
- composer config store-auths false
- composer config http-basic.git-t3o.typo3.org gitlab-ci-token ${CI_BUILD_TOKEN}
- composer install --no-dev --ignore-platform-reqs
- composer config store-auths false
- composer config http-basic.git-t3o.typo3.org gitlab-ci-token ${CI_BUILD_TOKEN}
- composer install --no-dev --ignore-platform-reqs
artifacts:
paths:
- ./
- ./
expire_in: '1h'
......@@ -63,39 +71,37 @@ layout:
stage: layout
image: node:12
before_script:
- cd private/typo3conf/ext/t3olayout/Build
- cd private/typo3conf/ext/t3olayout/Build
script:
- npm install
- npm run build
- npm install
- npm run build
after_script:
- rm -Rf private/typo3conf/ext/t3olayout/Build/node_modules
- rm -Rf private/typo3conf/ext/t3olayout/Build/node_modules
artifacts:
paths:
- ./
- ./
expire_in: '4h'
dependencies:
- build
- build
.deploy-template: &deploy_template
stage: deploy
image: composer:1
before_script:
- apk add rsync --update
- mkdir -p /root/.ssh/
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY_STAGE" | ssh-add -
- echo "$SSH_PRIVATE_KEY_PRODUCTION" | ssh-add -
- ssh-keyscan ${STAGE_HOST} >> /root/.ssh/known_hosts
- ssh-keyscan -p ${PRODUCTION_PORT} ${PRODUCTION_HOST} >> /root/.ssh/known_hosts
- composer config cache-dir /cache/composer
- composer global require deployer/deployer:6.6.0 --update-with-dependencies
- composer global require deployer/recipes
- apk add rsync --update
- mkdir -p /root/.ssh/
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY_STAGE" | ssh-add -
- echo "$SSH_PRIVATE_KEY_PRODUCTION" | ssh-add -
- ssh-keyscan ${STAGE_HOST} >> /root/.ssh/known_hosts
- ssh-keyscan ${PRODUCTION_HOST} >> /root/.ssh/known_hosts
- composer config cache-dir /cache/composer
- composer global require deployer/deployer:6.6.0 --update-with-dependencies
- composer global require deployer/recipes
script:
- /tmp/vendor/bin/dep --file=./.gitlab-ci/deployer/deploy.php deploy -vv ${CI_BUILD_REF_NAME}
- /tmp/vendor/bin/dep --file=./.gitlab-ci/deployer/deploy.php deploy -vv ${CI_BUILD_REF_NAME}
dependencies:
- layout
except:
- assets
- layout
deploy-master:
<<: *deploy_template
......@@ -103,7 +109,7 @@ deploy-master:
name: master
url: https://${PRODUCTION_HOST}
only:
- master
- master
deploy-develop:
<<: *deploy_template
......@@ -111,7 +117,7 @@ deploy-develop:
name: develop
url: https://${STAGE_HOST}
only:
- develop
- develop
.maintenance: &maintenance_template
variables:
......
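Review bot: In the `before_script` of `.deploy-template`, both `ssh-keyscan` lines fill `known_hosts` with whatever key the network returns at job time, so the deploy never verifies that it is talking to the real stage or production host. Scanning once from a trusted machine, storing the verified entries in a protected CI/CD variable, and replacing the two lines with something like `- echo "$SSH_KNOWN_HOSTS" >> /root/.ssh/known_hosts` (the variable name is a suggestion) would pin the host keys. The same template also adds `$SSH_PRIVATE_KEY_PRODUCTION` to the agent in `deploy-develop`; loading only the key each target environment needs would keep the production key out of develop pipelines, assuming the deployer recipe does not require both.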