Skip to content

Add LDAP filter for the filter to prevent security problem #107

Add LDAP filter for the filter to prevent security problem

Add LDAP filter for the filter to prevent security problem #107

Workflow file for this run

name: "GLPI CI"
on:
# Runs test suite when a new commit is pushed on "master" and "*/bugfixes" branches
# and when a new tag is created
push:
branches:
- master
- '*/bugfixes'
- 'feature/*'
- 'fix/*'
- 'security/*'
tags:
- '*'
# Runs test suite when a PR is opened or synchronyzed
pull_request:
# Runs test suite every night
schedule:
- cron: '0 0 * * *'
# Enable manual run
workflow_dispatch:
jobs:
lint:
# Do not run scheduled lint on tier repositories
if: github.repository == 'glpi-project/glpi' || github.event_name != 'schedule'
name: "Lint on PHP ${{ matrix.php-version }}"
runs-on: "${{ 'ubuntu-latest' }}"
strategy:
fail-fast: false
matrix:
include:
- {php-version: "7.2"} # Lint on lower PHP version to detected too early usage of new syntaxes
- {php-version: "8.0"} # Lint on higher PHP version to detected deprecated elements usage
env:
COMPOSE_FILE: ".github/actions/docker-compose-app.yml"
APPLICATION_ROOT: "${{ github.workspace }}"
PHP_IMAGE: "githubactions-php:${{ matrix.php-version }}"
UPDATE_FILES_ACL: true
steps:
- name: "Cancel previous runs"
uses: "styfle/[email protected]"
with:
access_token: "${{ github.token }}"
- name: "Clean workspace"
run: |
echo "APP_CONTAINER_HOME=${{ runner.temp }}/app_home" >> $GITHUB_ENV
rm -rf "${{ env.APPLICATION_ROOT }}/*"
rm -rf "${{ env.APP_CONTAINER_HOME }}/*"
- name: "Checkout"
uses: "actions/checkout@v2"
- name: "Restore dependencies cache"
uses: actions/cache@v2
with:
path: |
${{ env.APP_CONTAINER_HOME }}/.composer/cache/
${{ env.APP_CONTAINER_HOME }}/.npm/_cacache/
key: "app_home_deps-${{ matrix.php-version }}-${{ hashFiles('composer.lock', 'package-lock.json') }}"
restore-keys: |
app_home_deps-${{ matrix.php-version }}-
app_home_deps-
- name: "Restore lint cache"
uses: actions/cache@v2
with:
path: |
${{ env.APP_CONTAINER_HOME }}/phpcs.cache
key: "app_home_lint-${{ matrix.php-version }}-${{ github.base_ref || github.ref }}"
restore-keys: |
app_home_lint-${{ matrix.php-version }}
app_home_lint-
- name: "Initialize containers"
run: |
.github/actions/init_containers-start.sh
- name: "Show versions"
run: |
.github/actions/init_show-versions.sh
- name: "Install dependencies"
run: |
docker-compose exec -T app .github/actions/init_install-dependencies.sh
- name: "PHP lint"
run: |
docker-compose exec -T app .github/actions/lint_php-lint.sh
- name: "JS lint"
run: |
docker-compose exec -T app .github/actions/lint_js-lint.sh
- name: "Misc lint"
run: |
docker-compose exec -T app .github/actions/lint_misc-lint.sh
- name: "Cleanup containers"
if: always()
run: |
.github/actions/teardown_containers-cleanup.sh
tests:
# Do not run scheduled tests on tier repositories
if: github.repository == 'glpi-project/glpi' || github.event_name != 'schedule'
name: "Test on PHP ${{ matrix.php-version }} using ${{ matrix.db-image }}"
runs-on: "${{ 'ubuntu-latest' }}"
strategy:
fail-fast: false
matrix:
include:
# test higher PHP version with higher MariaDB and MySQL versions
- {php-version: "8.0", db-image: "mariadb:10.6", always: true}
- {php-version: "8.0", db-image: "mysql:8.0", always: true}
# test other PHP versions
- {php-version: "7.2", db-image: "mariadb:10.6", always: false}
- {php-version: "7.3", db-image: "mariadb:10.6", always: false}
- {php-version: "7.4", db-image: "mariadb:10.6", always: false}
# test other DB servers/versions
- {php-version: "8.0", db-image: "mariadb:10.1", always: false}
- {php-version: "8.0", db-image: "mysql:5.6", always: false}
- {php-version: "8.0", db-image: "percona:5.6", always: false}
- {php-version: "8.0", db-image: "percona:8.0", always: false}
env:
# Skip jobs that should not be always run on pull requests or on push on tier repository (to limit workers usage).
# No jobs will be skipped on nightly build, manual dispatch or push on main branches (master and */bugfixes) or tags.
# skip: ${{ matrix.always == false && (github.event_name == 'pull_request' || github.repository != 'glpi-project/glpi' || !(github.event_name == 'workflow_dispatch' || github.ref == 'refs/heads/master' || endsWith(github.ref, '/bugfixes') || startsWith(github.ref, 'refs/tags'))) }}
COMPOSE_FILE: ".github/actions/docker-compose-app.yml:.github/actions/docker-compose-services.yml"
APPLICATION_ROOT: "${{ github.workspace }}"
DB_IMAGE: "githubactions-${{ matrix.db-image }}"
PHP_IMAGE: "githubactions-php:${{ matrix.php-version }}"
UPDATE_FILES_ACL: true
steps:
- name: "Cancel previous runs"
if: env.skip != 'true'
uses: "styfle/[email protected]"
with:
access_token: "${{ github.token }}"
- name: "Clean workspace"
if: env.skip != 'true'
run: |
echo "APP_CONTAINER_HOME=${{ runner.temp }}/app_home" >> $GITHUB_ENV
rm -rf "${{ env.APPLICATION_ROOT }}/*"
rm -rf "${{ env.APP_CONTAINER_HOME }}/*"
- name: "Checkout"
if: env.skip != 'true'
uses: "actions/checkout@v2"
- name: "Restore dependencies cache"
if: env.skip != 'true'
uses: actions/cache@v2
with:
path: |
${{ env.APP_CONTAINER_HOME }}/.composer/cache/
${{ env.APP_CONTAINER_HOME }}/.npm/_cacache/
key: "app_home_deps-${{ matrix.php-version }}-${{ hashFiles('composer.lock', 'package-lock.json') }}"
restore-keys: |
app_home_deps-${{ matrix.php-version }}-
app_home_deps-
- name: "Initialize containers"
if: env.skip != 'true'
run: |
.github/actions/init_containers-start.sh
- name: "Show versions"
if: env.skip != 'true'
run: |
.github/actions/init_show-versions.sh
- name: "Install dependencies"
if: env.skip != 'true'
run: |
docker-compose exec -T app .github/actions/init_install-dependencies.sh
- name: "Install DB tests"
if: env.skip != 'true'
run: |
docker-compose exec -T app .github/actions/test_install.sh
- name: "Update DB tests"
if: env.skip != 'true'
run: |
.github/actions/init_initialize-old-dbs.sh
docker-compose exec -T app .github/actions/test_update-from-older-version.sh
- name: "Unit tests"
if: env.skip != 'true'
run: |
docker-compose exec -T app .github/actions/test_tests-units.sh
- name: "Functionnal tests"
if: env.skip != 'true'
run: |
docker-compose exec -T app .github/actions/test_tests-functionnal.sh
- name: "LDAP tests"
if: env.skip != 'true'
run: |
.github/actions/init_initialize-ldap-fixtures.sh
docker-compose exec -T app .github/actions/test_tests-ldap.sh
- name: "IMAP tests"
if: env.skip != 'true'
run: |
.github/actions/init_initialize-imap-fixtures.sh
docker-compose exec -T app .github/actions/test_tests-imap.sh
- name: "WEB tests"
if: env.skip != 'true'
run: |
docker-compose exec -T app .github/actions/test_tests-web.sh
- name: "Cleanup containers"
if: env.skip != 'true' && always()
run: |
.github/actions/teardown_containers-cleanup.sh