.gitlab-ci.yml 2.59 KiB
stages:
- test
- deploy
## Cache composer packages between all jobs and all branches
## of this project...
cache:
key: one-key-to-rull-them-all
paths:
- composer-cache/
# Test with PHP7.4
test:php74:
stage: test
image: cylab/php74
before_script:
# Install all project dependencies
- COMPOSER_CACHE_DIR=./composer-cache composer install
# setup Laravel
- cp env.test .env
- touch storage/app/db.sqlite
- php artisan migrate
script:
- vendor/bin/phpunit --coverage-text --colors=never
- vendor/bin/phpcs
- vendor/bin/phpstan analyze --memory-limit=512M
- vendor/bin/unused_scanner unused-scanner.php
test:dependencies:
image: cylab/php74
script:
# in cylab/php74, security-checker is already installed...
- ~/.composer/vendor/bin/security-checker security:check composer.lock
test:gitleaks:
stage: test
image:
name: "zricethezav/gitleaks"
entrypoint: [""]
script:
# to avoid
# fatal: unsafe repository ('/builds/...' is owned by someone else)
# with recent git versions
- git config --global --add safe.directory $CI_PROJECT_DIR
- gitleaks detect -v -c gitleaks.toml ./
build:
stage: test
## Run on a gitlab-runner that is configured with docker-in-docker
tags:
- dind
image: docker:20.10.16
services:
- docker:20.10.16-dind
variables:
DOCKER_TLS_CERTDIR: "/certs"
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- docker pull $CI_REGISTRY_IMAGE:latest || true
- docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY_IMAGE:latest .
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
- docker push $CI_REGISTRY_IMAGE:latest
deploy:
stage: deploy
image: alpine
before_script:
# install envsubst and ssh-add
- apk add gettext openssh-client