1image: rjsmelo/ubuntu-php:7.2-qa
2
3cache:
4  key: ${CI_COMMIT_REF_SLUG}
5  paths:
6    - .composercache/files
7    - vendor_bundled/vendor/
8
9variables:
10  MYSQL_ROOT_PASSWORD: secret
11  MYSQL_DATABASE: tikitest
12  MYSQL_USER: tikiuser
13  MYSQL_PASSWORD: tikipass
14  ELASTICSEARCH_HOST: elasticsearch
15  COMPOSER_CACHE_DIR: "$CI_PROJECT_DIR/.composercache"
16
17stages:
18  - build
19  - lint
20  - vendors-security
21  - tiki-check
22  - unit-tests
23  - vendors_update
24
25composer:
26  stage: build
27  variables:
28    COMPOSER_DISCARD_CHANGES: "true"
29    COMPOSER_NO_INTERACTION: "1"
30  script:
31    - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n
32  artifacts:
33    paths:
34      - vendor_bundled/vendor/
35    expire_in: 1 days
36    when: on_success
37
38#
39# Lint
40#
41
42phpcs:
43  stage: lint
44  script:
45    - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | grep '\.php$' - 2>&1 > /dev/null || { git log -m -1 --name-only && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
46    - git log -m -1 --name-only
47    - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | xargs php vendor_bundled/vendor/squizlabs/php_codesniffer/bin/phpcs -s --runtime-set ignore_warnings_on_exit true
48  allow_failure: true
49
50phplint:
51  stage: lint
52  script:
53    - composer --ansi install -d vendor_bundled --no-progress --prefer-dist -n
54    - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | grep '\.php$' - 2>&1 > /dev/null || { git log -m -1 --name-only && echo && echo 'No files to be processed. Skipping...' && echo && exit 0; }
55    - git log -m -1 --name-only
56    # Because we just lint changed files we need to filter by php extension before call bin/phplint
57    - git log -m --first-parent -1 --name-only --diff-filter=d --pretty="format:" | grep -v "^$" | sort -u | grep '\.php$' | xargs php bin/phplint -n
58  allow_failure: false
59
60#
61# Check Tikiwiki development specific check (related also with release)
62#
63
64sql-engine:
65  stage: tiki-check
66  script:
67    - php -d display_errors=On doc/devtools/check_sql_engine.php
68  allow_failure: false
69
70schema-sql-drop:
71  stage: tiki-check
72  script:
73    - php -d display_errors=On doc/devtools/check_schema_sql_drop.php
74  allow_failure: false
75
76schema-naming-convention:
77  stage: tiki-check
78  script:
79    - php -d display_errors=On doc/devtools/check_schema_naming_convention.php
80  allow_failure: false
81
82translation:
83  stage: tiki-check
84  script:
85  - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
86  - php -v
87  - git log --first-parent --pretty="format:%h" -1 --skip=1 | xargs -I gitHash php -d display_errors=On doc/devtools/translate.php --diff-command="git diff gitHash" --git --audit
88  allow_failure: true
89
90translation-standards:
91  stage: tiki-check
92  script:
93    - php doc/devtools/check_template_translation_standards.php --all
94  allow_failure: true
95
96composer-lock:
97  stage: tiki-check
98  script:
99    - cp $(command -v composer) temp/composer.phar
100    - php doc/devtools/update_composer_lock.php
101  allow_failure: true
102
103.template-tiki-schema-upgrade: &template-tiki-schema-upgrade
104  stage: tiki-check
105  cache:
106    paths:
107      - .composercache/files
108      - doc/devtools/dbdiff/cache
109  services:
110    - name: $IMAGE
111      alias: mysql
112  script:
113    - 'mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e "SELECT CONCAT(''Version: '', VERSION(), CHAR(13), ''sql_mode: '', @@GLOBAL.sql_mode)"'
114    - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
115    - php -v
116    - composer --ansi install -d doc/devtools/dbdiff/ --no-progress --prefer-dist -n
117    - echo "GRANT ALL ON tikiold.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
118    - echo "GRANT ALL ON tikinew.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
119    - '[ ! -d doc/devtools/dbdiff/cache ] && mkdir doc/devtools/dbdiff/cache'
120    - '[ ! -f doc/devtools/dbdiff/cache/$DBFILE ] && curl -sS https://gitlab.com/tikiwiki/tikiwiki-ci-databases/raw/master/$DBFILE.gz -o doc/devtools/dbdiff/cache/$DBFILE.gz && gzip -d doc/devtools/dbdiff/cache/$DBFILE.gz'
121    - php -d display_errors=On doc/devtools/check_schema_upgrade.php -m $DBVER -e $ENGINE --db1=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikiold --db2=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikinew
122  after_script:
123    - echo "SHOW CREATE DATABASE tikiold" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
124    - echo "SHOW CREATE DATABASE tikinew" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
125    - mysqldump -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikiold > tikiold.sql
126    - mysqldump -u root --password=$MYSQL_ROOT_PASSWORD -h mysql tikinew > tikinew.sql
127  artifacts:
128    paths:
129      - tikiold.sql
130      - tikinew.sql
131    expire_in: 2 days
132    when: always
133  allow_failure: false
134
135db-upgrade-20:
136  <<: *template-tiki-schema-upgrade
137  variables:
138    DBFILE: ci_20.sql
139    DBVER: 20
140    IMAGE: mysql:5.6
141    ENGINE: InnoDB
142
143db-upgrade-19:
144  <<: *template-tiki-schema-upgrade
145  variables:
146    DBFILE: ci_19.sql
147    DBVER: 19
148    IMAGE: mysql:5.6
149    ENGINE: InnoDB
150
151db-upgrade-18-lts:
152  <<: *template-tiki-schema-upgrade
153  variables:
154    DBFILE: ci_18.sql
155    DBVER: 18
156    IMAGE: mysql:5.6
157    ENGINE: InnoDB
158
159db-upgrade-18-lts-myisam:
160  <<: *template-tiki-schema-upgrade
161  variables:
162    DBFILE: ci_18.sql
163    DBVER: 18
164    IMAGE: mysql:5.5
165    ENGINE: MyISAM
166
167sql-engine-conversion:
168  stage: tiki-check
169  cache:
170    paths:
171    - .composercache/files
172    - doc/devtools/dbdiff/cache
173  services:
174  - mysql:5.6
175  script:
176  - 'mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e "SELECT CONCAT(''Version: '', VERSION(), CHAR(13), ''sql_mode: '', @@GLOBAL.sql_mode)"'
177  - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
178  - php -v
179  - composer --ansi install -d doc/devtools/dbdiff/ --no-progress --prefer-dist -n
180  - echo "GRANT ALL ON tikiold.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
181  - echo "GRANT ALL ON tikinew.* TO '${MYSQL_USER}';" | mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql
182  - php -d display_errors=On doc/devtools/check_sql_engine_conversion.php --db1=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikiold --db2=$MYSQL_USER:$MYSQL_PASSWORD@mysql:tikinew
183  allow_failure: false
184
185#
186# Unit Tests
187#
188
189.template-unit-tests: &template-unit-tests
190  stage: unit-tests
191  services:
192    - mysql:5.6
193    - elasticsearch:5
194  script:
195    - curl -sS -XGET 'http://elasticsearch:9200'
196    - mysql -u root --password=$MYSQL_ROOT_PASSWORD -h mysql --skip-column-names -B -e 'SELECT VERSION()'
197    - 'composer -Vvvv 2>&1 | grep -E "(Running|Composer)"'
198    - php -v
199    - echo '<?php $db_tiki = "mysqli"; $dbversion_tiki = "21.0"; $host_tiki = "mysql"; $user_tiki = "tikiuser"; $pass_tiki = "tikipass"; $dbs_tiki = "tikitest"; $client_charset = "utf8mb4"; ' > lib/test/local.php
200    - php -d display_errors=On vendor_bundled/vendor/phpunit/phpunit/phpunit --colors=always
201
202unit-tests-72:
203  <<: *template-unit-tests
204
205unit-tests-73:
206  <<: *template-unit-tests
207  image: rjsmelo/ubuntu-php:7.3-qa
208
209unit-tests-74:
210  <<: *template-unit-tests
211  image: rjsmelo/ubuntu-php:7.4-qa
212  allow_failure: true
213
214#
215# Vendors Security
216#
217
218sensiolabs-vendor-security-check:
219  stage: vendors-security
220  script:
221    - cp composer.json.dist composer.json
222    - composer require jerome-breton/casperjs-installer:dev-master --no-progress
223    - composer require enygma/expose:^3.0 --no-progress
224    - composer require fullcalendar/fullcalendar-scheduler ^1.9 --no-progress
225    - composer require fzaninotto/faker dev-master --no-progress
226    - composer require google/apiclient ^2.2.2 --no-progress
227    - composer require npm-asset/lozad ^1.6.0 --no-progress
228    - composer require mpdf/mpdf ^8.0.0 --no-progress
229    - composer require xorti/mxgraph-editor ^3.9.12.2 --no-progress
230    - composer require tikiwiki/diagram ^10 --no-progress
231    - composer require onelogin/php-saml ^2.10 --no-progress
232    - composer require thiagoalessio/tesseract_ocr ^2.7.0 --no-progress
233    - composer require mathjax/mathjax ^2.7 --no-progress
234    - composer require media-alchemyst/media-alchemyst ^0.5.1 --no-progress
235    - composer require npm-asset/pdfjs-dist ~2.0.487 --no-progress
236    - composer require bower-asset/wodo.texteditor ^0.5.9 --no-progress
237    - composer require j0k3r/php-readability ^1.1.10 --no-progress
238    - php bin/security-checker security:check composer.lock
239  allow_failure: false
240  only:
241    refs:
242      - schedules
243    variables:
244      - $SCHEDULER == "vendor_check"
245
246sensiolabs-vendor-bundled-security-check:
247  stage: vendors-security
248  script:
249    - php bin/security-checker security:check vendor_bundled/composer.lock
250  only:
251    refs:
252      - schedules
253    variables:
254      - $SCHEDULER == "vendor_check"
255
256update_vendor_bundled_dependencies:
257  stage: vendors_update
258  dependencies:
259    - composer
260  variables:
261    BRANCH_NAME: "${CI_COMMIT_REF_NAME}_vendor_bundled_update"
262    COMMIT_MESSAGE: "[UPD] Update ${CI_COMMIT_REF_NAME} vendor_bundled dependencies"
263    CI_REPOSITORY_URL: "https://${GITLAB_USER_LOGIN}:${GITLAB_USER_TOKEN}@gitlab.com/${CI_PROJECT_PATH}.git"
264    COMPOSER_DISCARD_CHANGES: "true"
265    COMPOSER_NO_INTERACTION: "1"
266  before_script:
267    - git config --global user.email "${GITLAB_USER_EMAIL}"
268    - git config --global user.name "${GITLAB_USER_NAME}"
269  script:
270    - DATE=`date +%Y%m%d`
271    - BRANCH_NAME="${BRANCH_NAME}_${DATE}"
272    - php doc/devtools/update_vendor_bundled.php
273    - if git diff --quiet --exit-code vendor_bundled/composer.lock; then exit 0; fi;
274    - if git rev-parse --verify ${BRANCH_NAME}; then git branch -D ${BRANCH_NAME}; fi;
275    - git checkout -b ${BRANCH_NAME}
276    - git add vendor_bundled/composer.lock
277    - git commit -m "${COMMIT_MESSAGE}"
278    - git push ${CI_REPOSITORY_URL} HEAD:${BRANCH_NAME} --quiet
279    - |
280      HOST=${CI_PROJECT_URL} CI_PROJECT_ID=${CI_PROJECT_ID} SOURCE_BRANCH=${BRANCH_NAME} TARGET_BRANCH=${CI_COMMIT_REF_NAME} GITLAB_USER_ID=${GITLAB_USER_ID} PRIVATE_TOKEN=${GITLAB_USER_TOKEN} TARGET_PROJECT_ID=${TARGET_PROJECT_ID} SET_MERGE=${SET_MERGE} \
281      /bin/bash ./doc/devtools/gitlab/auto_merge_request.sh "${COMMIT_MESSAGE} (${DATE})"
282  only:
283    refs:
284      - schedules
285    variables:
286      - $SCHEDULER == "update_vendor_bundled"
287