Olive
/
map
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'set-sast-config-1' into '0.x' 

Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist

See merge request olive/PHP/map!1
This commit is contained in:
R. Eric Wheeler 2021-07-29 18:19:07 +00:00
parent bc5da952ce a55e5b2b24
commit 806dceac8b
1 changed files with 39 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
.gitlab-ci.yml
View File

@ -1,58 +1,65 @@
# Select what we should cache between builds # You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
cache: cache:
paths: paths:
- vendor/ - vendor/
variables: variables:
XDEBUG_MODE: coverage XDEBUG_MODE: coverage
before_script: before_script:
- apt-get update -yqq
- apt-get upgrade -yqq
- apt-get install -yqq git libzip-dev unzip zip libpcre3-dev
# Install PHP extensions
- docker-php-ext-install zip
# Install & enable Xdebug for code coverage reports
- pecl install xdebug
- docker-php-ext-enable xdebug
- > - >
if [ "$CI_JOB_NAME" == "test:7.4" ] || [ "$CI_JOB_NAME" == "test:8.0" ]; then if [ "$CI_JOB_STAGE" != "security" ]; then
pecl install ds && docker-php-ext-enable ds apt-get update -yqq && apt-get upgrade -yqq && apt-get install -yqq git libzip-dev unzip zip libpcre3-dev && docker-php-ext-install zip && pecl install xdebug && docker-php-ext-enable xdebug
fi
- >
if [ "$CI_JOB_NAME" == "test:7.4" ] || [ "$CI_JOB_NAME" == "test:8.0" ]; then
pecl install ds && docker-php-ext-enable ds
fi
- >
if [ "$CI_JOB_STAGE" != "security" ]; then
curl -sS https://getcomposer.org/installer | php
php composer.phar install
fi fi
# Install and run Composer
- curl -sS https://getcomposer.org/installer | php
- php composer.phar install
# Run our tests
# If Xdebug was installed you can generate a coverage report and see code coverage metrics.
test:7.4: test:7.4:
only: only:
- branches - branches
tags: tags:
- default - default
image: php:7.4 image: php:7.4
script: script:
- vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never - vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never
test:7.4-without-ext-ds: test:7.4-without-ext-ds:
only: only:
- branches - branches
tags: tags:
- default - default
image: php:7.4 image: php:7.4
script: script:
- vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never - vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never
test:8.0: test:8.0:
only: only:
- branches - branches
tags: tags:
- default - default
image: php:8.0 image: php:8.0
script: script:
- vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never - vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never
test:8.0-without-ext-ds: test:8.0-without-ext-ds:
only: only:
- branches - branches
tags: tags:
- default - default
image: php:7.4 image: php:8.0
script: script:
- vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never - vendor/bin/phpunit --configuration phpunit.xml --coverage-text --colors=never
stages:
- test
- security
sast:
image: ubuntu:latest
stage: security
include:
- template: Security/SAST.gitlab-ci.yml