.gitlab-ci.yml

stages:
  - test
  - deploy

## Cache composer packages between all jobs and all branches
## of this project...
cache:
  key: one-key-to-rull-them-all
  paths:
    - composer-cache/

# Test with PHP7.4 
test:php74:
  stage: test
  image: cylab/php74
  before_script:
    # Install all project dependencies
    - COMPOSER_CACHE_DIR=./composer-cache composer install
    # setup Laravel
    - cp env.test .env
    - touch storage/app/db.sqlite
    - php artisan migrate
  script:
    - vendor/bin/phpunit --coverage-text --colors=never
    - vendor/bin/phpcs
    - vendor/bin/phpstan analyze --memory-limit=512M
    - vendor/bin/unused_scanner unused-scanner.php

test:dependencies:
  image: cylab/php74
  script:
    # in cylab/php74, security-checker is already installed...
    - ~/.composer/vendor/bin/security-checker security:check composer.lock

test:gitleaks:
  stage: test
  image: 
    name: "zricethezav/gitleaks"
    entrypoint: [""]
  script:
    # to avoid
    # fatal: unsafe repository ('/builds/...' is owned by someone else)
    # with recent git versions
    - git config --global --add safe.directory $CI_PROJECT_DIR
    - gitleaks detect -v -c gitleaks.toml ./
    
build:
  stage: test
  ## Run on a gitlab-runner that is configured with docker-in-docker
  tags:
    - dind
  image: docker:20.10.16
  services:
    - docker:20.10.16-dind
  variables:
    DOCKER_TLS_CERTDIR: "/certs"
  before_script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
  script:
    - docker pull $CI_REGISTRY_IMAGE:latest || true
    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY_IMAGE:latest .
    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
    - docker push $CI_REGISTRY_IMAGE:latest