stages: - build - lint - tiki-check - unit-tests - package-tiki - vendors-security - vendors_update variables: MYSQL_ROOT_PASSWORD: secret MYSQL_DATABASE: tikitest MYSQL_USER: tikiuser MYSQL_PASSWORD: tikipass ELASTICSEARCH_HOST: elasticsearch BASE_QA_IMAGE: rjsmelo/ubuntu-php:7.4-qa workflow: rules: # IGNORE PUSHES ON NON VERSION BRANCHES - if: '$CI_PIPELINE_SOURCE == "push" && ($CI_COMMIT_BRANCH != "master" && $CI_COMMIT_BRANCH != /^\d*\.x$/)' when: never # THIS WILL TRIGGER PIPELINES FOR MERGE REQUESTS AND SCHEDULES, AND PUSHES ON VERSION BRANCHES LIKE 21.x. 18.x - when: always # Utilities .run_command_on_files_changed: &run_command_on_files_changed - if [ -z "$RUN_COMMAND" ] ; then echo "Environment variable RUN_COMMAND is not defined, I do not know what command to run!" ; exit 1 ; fi - if [ -z "$RUN_COMMAND_FILTER" ] ; then RUN_COMMAND_FILTER="." ; fi - if [ -z "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" ] ; then TARGET="HEAD^" ; else TARGET="origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME"; git fetch origin $CI_MERGE_REQUEST_TARGET_BRANCH_NAME ; fi - echo "Comparing with '$TARGET' to check files changed" - git diff --name-only --diff-filter=d $TARGET | grep ${RUN_COMMAND_FILTER} - 2>&1 > /dev/null || { git log -m -1 --name-only && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; } - git diff --name-status --diff-filter=d $TARGET - git diff --name-only --diff-filter=d $TARGET | grep ${RUN_COMMAND_FILTER} | eval "xargs ${RUN_COMMAND}" # # build # composer: stage: build image: ${BASE_QA_IMAGE} variables: COMPOSER_DISCARD_CHANGES: "true" COMPOSER_NO_INTERACTION: "1" COMPOSER_CACHE_DIR: "$CI_PROJECT_DIR/.composercache" script: - composer -V | grep "version 2" || composer self-update --2 - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n cache: key: prefix: "composer" files: - vendor_bundled/vendor/composer.lock paths: - .composercache/files policy: pull-push artifacts: paths: - vendor_bundled/vendor/ expire_in: 7 days when: always composer-dbdiff: stage: build image: ${BASE_QA_IMAGE} variables: COMPOSER_DISCARD_CHANGES: "true" COMPOSER_NO_INTERACTION: "1" COMPOSER_CACHE_DIR: "$CI_PROJECT_DIR/.composercache-dbdiff" script: - composer -V | grep "version 2" || composer self-update --2 - composer --ansi install -d doc/devtools/dbdiff/ --no-progress --prefer-dist -n cache: key: prefix: "composer-dbdiff" files: - doc/devtools/dbdiff/composer.lock paths: - .composercache-dbdiff/files policy: pull-push artifacts: paths: - doc/devtools/dbdiff/vendor/ expire_in: 7 days when: always # # Lint # phpcs: stage: lint image: ${BASE_QA_IMAGE} script: - RUN_COMMAND_FILTER='\.php$' - RUN_COMMAND="php vendor_bundled/vendor/squizlabs/php_codesniffer/bin/phpcs -s --runtime-set ignore_warnings_on_exit true" - *run_command_on_files_changed dependencies: - composer needs: - composer allow_failure: true phplint: stage: lint image: ${BASE_QA_IMAGE} script: - RUN_COMMAND_FILTER='\.php$' - RUN_COMMAND="php vendor_bundled/vendor/overtrue/phplint/bin/phplint -n" - *run_command_on_files_changed dependencies: - composer needs: - composer allow_failure: false phplint80: stage: lint image: rjsmelo/ubuntu-php:8.0-qa script: - RUN_COMMAND_FILTER='\.php$' - RUN_COMMAND="php vendor_bundled/vendor/overtrue/phplint/bin/phplint -n" - *run_command_on_files_changed dependencies: - composer needs: - composer allow_failure: false phplint81: stage: lint image: xorti/ubuntu-php:8.1-qa script: - RUN_COMMAND_FILTER='\.php$' - RUN_COMMAND="php vendor_bundled/vendor/overtrue/phplint/bin/phplint -n" - *run_command_on_files_changed dependencies: - composer needs: - composer allow_failure: false smarty-lint: stage: lint image: ${BASE_QA_IMAGE} script: - RUN_COMMAND_FILTER='\.tpl$' - RUN_COMMAND="-I 0 php vendor_bundled/vendor/umakantp/smartylint/smartyl --files=0 --ignore-rules=doc/devtools/smartyl.rules.xml" - *run_command_on_files_changed dependencies: - composer needs: - composer allow_failure: true eslint: stage: lint image: docker:stable-git services: - docker:stable-dind script: - RUN_COMMAND_FILTER='\.js$' - RUN_COMMAND="docker run -v \"$PWD\":/data --volume /var/run/docker.sock:/var/run/docker.sock cytopia/eslint" - *run_command_on_files_changed allow_failure: true dependencies: [] needs: [] tags: - docker # # Check Tikiwiki development specific check (related also with release) # sql-engine: stage: tiki-check image: ${BASE_QA_IMAGE} script: - php -d display_errors=On doc/devtools/check_sql_engine.php dependencies: [] needs: [] allow_failure: false schema-sql-drop: stage: tiki-check image: ${BASE_QA_IMAGE} script: - php -d display_errors=On doc/devtools/check_schema_sql_drop.php dependencies: [] needs: [] allow_failure: false schema-naming-convention: stage: tiki-check image: ${BASE_QA_IMAGE} script: - php -d display_errors=On doc/devtools/check_schema_naming_convention.php dependencies: [] needs: [] allow_failure: false translation: stage: tiki-check image: ${BASE_QA_IMAGE} script: - git log --first-parent --pretty="format:%h" -1 --skip=1 | xargs -I gitHash php -d display_errors=On doc/devtools/translate.php --diff-command="git diff gitHash" --git --audit dependencies: - composer needs: - composer allow_failure: true translation-standards: stage: tiki-check image: ${BASE_QA_IMAGE} script: - php doc/devtools/check_template_translation_standards.php --all dependencies: - composer needs: - composer allow_failure: false check-bom-encoding: stage: tiki-check image: ${BASE_QA_IMAGE} script: - RUN_COMMAND="php doc/devtools/check_bom_encoding.php" - *run_command_on_files_changed dependencies: [] needs: [] allow_failure: false unix-ending-line: stage: tiki-check image: ${BASE_QA_IMAGE} script: - RUN_COMMAND="php doc/devtools/check_unix_ending_line.php" - *run_command_on_files_changed dependencies: [] needs: [] allow_failure: false check-directories: image: ${BASE_QA_IMAGE} stage: tiki-check script: - php doc/devtools/check_tiki_directories.php dependencies: [] needs: [] allow_failure: false composer-lock: image: ${BASE_QA_IMAGE} stage: tiki-check script: - cp $(command -v composer) temp/composer.phar - php temp/composer.phar -V | grep "version 2" || php temp/composer.phar self-update --2 - php doc/devtools/update_composer_lock.php dependencies: - composer needs: - composer allow_failure: true .template-tiki-schema-upgrade: &template-tiki-schema-upgrade image: ${BASE_QA_IMAGE} stage: tiki-check services: - name: $IMAGE alias: mysql script: - 'mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e "SELECT CONCAT(''Version: '', VERSION(), CHAR(13), ''sql_mode: '', @@GLOBAL.sql_mode)"' - echo "GRANT ALL ON tikiold.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - echo "GRANT ALL ON tikinew.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - '[ ! -d doc/devtools/dbdiff/cache ] && mkdir doc/devtools/dbdiff/cache' - '[ ! -f doc/devtools/dbdiff/cache/$DBFILE ] && curl -sS https://gitlab.com/tikiwiki/tikiwiki-ci-databases/raw/master/$DBFILE.gz -o doc/devtools/dbdiff/cache/$DBFILE.gz && gzip -d doc/devtools/dbdiff/cache/$DBFILE.gz' - php -d display_errors=On doc/devtools/check_schema_upgrade.php -m $DBVER -e $ENGINE --db1=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikiold --db2=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikinew after_script: - echo "SHOW CREATE DATABASE tikiold" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - echo "SHOW CREATE DATABASE tikinew" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - mysqldump --column-statistics=0 -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikiold > tikiold.sql - mysqldump --column-statistics=0 -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikinew > tikinew.sql dependencies: - composer - composer-dbdiff needs: - composer - composer-dbdiff artifacts: paths: - tikiold.sql - tikinew.sql expire_in: 7 days when: always allow_failure: false db-upgrade-22-mysql8: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_22.sql DBVER: 22 IMAGE: mysql:8.0.4 ENGINE: InnoDB services: - name: $IMAGE command: [ "--default-authentication-plugin=mysql_native_password", "--explicit-defaults-for-timestamp=off" ] alias: mysql db-upgrade-22: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_22.sql DBVER: 22 IMAGE: mysql:5.6 ENGINE: InnoDB db-upgrade-21-mysql8: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_21.sql DBVER: 21 IMAGE: mysql:8.0.4 ENGINE: InnoDB services: - name: $IMAGE command: [ "--default-authentication-plugin=mysql_native_password", "--explicit-defaults-for-timestamp=off" ] alias: mysql db-upgrade-21: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_21.sql DBVER: 21 IMAGE: mysql:5.6 ENGINE: InnoDB db-upgrade-20-mysql8: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_20.sql DBVER: 20 IMAGE: mysql:8.0.4 ENGINE: InnoDB services: - name: $IMAGE command: [ "--default-authentication-plugin=mysql_native_password", "--explicit-defaults-for-timestamp=off" ] alias: mysql db-upgrade-20: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_20.sql DBVER: 20 IMAGE: mysql:5.6 ENGINE: InnoDB db-upgrade-19: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_19.sql DBVER: 19 IMAGE: mysql:5.6 ENGINE: InnoDB db-upgrade-18-lts: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_18.sql DBVER: 18 IMAGE: mysql:5.6 ENGINE: InnoDB db-upgrade-18-lts-myisam: <<: *template-tiki-schema-upgrade variables: DBFILE: ci_18.sql DBVER: 18 IMAGE: mysql:5.5 ENGINE: MyISAM sql-engine-conversion: stage: tiki-check image: ${BASE_QA_IMAGE} services: - mysql:5.6 script: - 'mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e "SELECT CONCAT(''Version: '', VERSION(), CHAR(13), ''sql_mode: '', @@GLOBAL.sql_mode)"' - echo "GRANT ALL ON tikiold.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - echo "GRANT ALL ON tikinew.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - php -d display_errors=On doc/devtools/check_sql_engine_conversion.php --db1=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikiold --db2=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikinew after_script: - echo "SHOW CREATE DATABASE tikiold" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - echo "SHOW CREATE DATABASE tikinew" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql - mysqldump --column-statistics=0 -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikiold > tikiold.sql - mysqldump --column-statistics=0 -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikinew > tikinew.sql dependencies: - composer - composer-dbdiff needs: - composer - composer-dbdiff artifacts: paths: - tikiold.sql - tikinew.sql expire_in: 7 days when: always allow_failure: false tiki-sniffs: stage: tiki-check image: ${BASE_QA_IMAGE} script: - RUN_COMMAND_FILTER='\.php$' - RUN_COMMAND="php vendor_bundled/vendor/squizlabs/php_codesniffer/bin/phpcs --standard=./doc/devtools/codesniffer/standards/Tiki -s --runtime-set ignore_warnings_on_exit true" - *run_command_on_files_changed dependencies: - composer needs: - composer # # Unit Tests # .template-unit-tests: &template-unit-tests stage: unit-tests services: - mysql:5.6 - elasticsearch:5 script: - curl -sS -XGET 'http://elasticsearch:9200' - mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e 'SELECT VERSION()' - php -v - echo ' lib/test/local.php - php -d display_errors=On vendor_bundled/vendor/phpunit/phpunit/phpunit --colors=always --log-junit report.xml dependencies: - composer needs: - composer artifacts: when: always paths: - report.xml reports: junit: report.xml expire_in: 7 days unit-tests-74: <<: *template-unit-tests image: rjsmelo/ubuntu-php:7.4-qa unit-tests-74-mysql8: <<: *template-unit-tests image: rjsmelo/ubuntu-php:7.4-qa services: - elasticsearch:5 - name: mysql:8.0.4 command: [ "--default-authentication-plugin=mysql_native_password", "--explicit-defaults-for-timestamp=off" ] alias: mysql unit-tests-80: <<: *template-unit-tests image: rjsmelo/ubuntu-php:8.0-qa unit-tests-80-mysql8: <<: *template-unit-tests image: rjsmelo/ubuntu-php:8.0-qa services: - elasticsearch:5 - name: mysql:8.0.4 command: [ "--default-authentication-plugin=mysql_native_password", "--explicit-defaults-for-timestamp=off" ] alias: mysql unit-tests-81: <<: *template-unit-tests image: xorti/ubuntu-php:8.1-qa allow_failure: true unit-tests-81-mysql8: <<: *template-unit-tests image: xorti/ubuntu-php:8.1-qa services: - elasticsearch:5 - name: mysql:8.0.4 command: [ "--default-authentication-plugin=mysql_native_password", "--explicit-defaults-for-timestamp=off" ] alias: mysql allow_failure: true # # Package this Tiki build # tiki-package: image: ${BASE_QA_IMAGE} stage: package-tiki script: # cleanup local copy - composer -V | grep "version 2" || composer self-update --2 - composer --ansi install -d vendor_bundled --no-dev --optimize-autoloader --no-progress --prefer-dist -n # remove dev packages - rm -fr temp && git checkout temp # clean temp # create packing dir - mkdir tiki-${CI_COMMIT_REF_SLUG} - cp -a $(ls -1 | grep -v tiki-${CI_COMMIT_REF_SLUG}) tiki-${CI_COMMIT_REF_SLUG} - cd tiki-${CI_COMMIT_REF_SLUG} # cleanup folders not bundled - '[ -d tests ] && rm -fr tests' - '[ -d doc/devtools ] && rm -fr doc/devtools' - '[ -d bin ] && rm -fr bin' - '[ -f .gitignore ] && rm .gitignore' # remove comments from language files - find lang/ -name language.php -exec php ../doc/devtools/stripcomments.php {} \; # set Permissions - find . -type f -exec chmod 0664 {} \; - find . -type d -exec chmod 0755 {} \; # pack - cd .. - tar --exclude *.DS_Store -pczf tiki-${CI_COMMIT_REF_SLUG}.tar.gz tiki-${CI_COMMIT_REF_SLUG} cache: key: prefix: "composer" files: - vendor_bundled/vendor/composer.lock paths: - vendor_bundled/vendor/ - .composercache/files policy: pull dependencies: [] #dependencies: # - composer artifacts: paths: - tiki-${CI_COMMIT_REF_SLUG}.tar.gz expire_in: 30 days # Vendors Security # sensiolabs-vendor-security-check: image: ${BASE_QA_IMAGE} stage: vendors-security script: - composer -V | grep "version 2" || composer self-update --2 - cp composer.json.dist composer.json - composer require jerome-breton/casperjs-installer:dev-master --no-progress - composer require enygma/expose:^3.0 --no-progress - composer require fullcalendar/fullcalendar-scheduler ^1.9 --no-progress - composer require fakerphp/faker dev-master --no-progress - composer require google/apiclient ^2.2.2 --no-progress - composer require npm-asset/lozad ^1.6.0 --no-progress - composer require mpdf/mpdf ^8.0.0 --no-progress - composer require xorti/mxgraph-editor ^3.9.12.2 --no-progress - composer require tikiwiki/diagram ^10 --no-progress - composer require thiagoalessio/tesseract_ocr ^2.7.0 --no-progress - composer require mathjax/mathjax ^2.7 --no-progress - composer require media-alchemyst/media-alchemyst ^0.5.1 --no-progress - composer require npm-asset/pdfjs-dist ~2.0.487 --no-progress - composer require bower-asset/wodo.texteditor ^0.5.9 --no-progress - composer require j0k3r/php-readability ^1.1.10 --no-progress - php bin/security-checker security:check composer.lock allow_failure: false dependencies: - composer needs: - composer only: refs: - schedules variables: - $SCHEDULER == "vendor_check" sensiolabs-vendor-bundled-security-check: image: ${BASE_QA_IMAGE} stage: vendors-security script: - php bin/security-checker security:check vendor_bundled/composer.lock dependencies: - composer needs: - composer only: refs: - schedules variables: - $SCHEDULER == "vendor_check" update_vendor_bundled_dependencies: image: ${BASE_QA_IMAGE} stage: vendors_update dependencies: - composer needs: - composer variables: BRANCH_NAME: "${CI_COMMIT_REF_NAME}_vendor_bundled_update" COMMIT_MESSAGE: "[UPD] Update ${CI_COMMIT_REF_NAME} vendor_bundled dependencies" CI_REPOSITORY_URL: "https://${GITLAB_USER_LOGIN}:${GITLAB_USER_TOKEN}@gitlab.com/${CI_PROJECT_PATH}.git" COMPOSER_DISCARD_CHANGES: "true" COMPOSER_NO_INTERACTION: "1" before_script: - git config --global user.email "${GITLAB_USER_EMAIL}" - git config --global user.name "${GITLAB_USER_NAME}" script: - composer -V | grep "version 2" || composer self-update --2 - DATE=`date +%Y%m%d` - BRANCH_NAME="${BRANCH_NAME}_${DATE}" - php doc/devtools/update_vendor_bundled.php - if git diff --quiet --exit-code vendor_bundled/composer.lock; then exit 0; fi; - if git rev-parse --verify ${BRANCH_NAME}; then git branch -D ${BRANCH_NAME}; fi; - git checkout -b ${BRANCH_NAME} - git add vendor_bundled/composer.lock - git commit -m "${COMMIT_MESSAGE}" - git push ${CI_REPOSITORY_URL} HEAD:${BRANCH_NAME} --quiet - | HOST=${CI_PROJECT_URL} CI_PROJECT_ID=${CI_PROJECT_ID} SOURCE_BRANCH=${BRANCH_NAME} TARGET_BRANCH=${CI_COMMIT_REF_NAME} GITLAB_USER_ID=${GITLAB_USER_ID} PRIVATE_TOKEN=${GITLAB_USER_TOKEN} TARGET_PROJECT_ID=${TARGET_PROJECT_ID} SET_MERGE=${SET_MERGE} \ /bin/bash ./doc/devtools/gitlab/auto_merge_request.sh "${COMMIT_MESSAGE} (${DATE})" only: refs: - schedules variables: - $SCHEDULER == "update_vendor_bundled"