init

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+.idea

README.md

@@ -0,0 +1,2 @@
+# Gitlab Pipeline Templates
+

deployment/deployer.yaml

@@ -0,0 +1,11 @@
+variables:
+  DEPLOYER_CONFIG: 'deployment/deploy.php'
+  DEPLOY_STAGE: 'staging'
+
+'Deplyoer':
+  stage: deploy
+  image: composer
+  script:
+    - composer create-project deployer/deployer /tmp/deployer
+    - cd $(dirname ${DEPLOYER_CONFIG})
+    - php /tmp/deployer/bin/dep deploy --branch=$CI_COMMIT_REF_NAME $DEPLOY_STAGE

deployment/pages.yaml

@@ -0,0 +1,11 @@
+pages:
+  stage: pages
+  allow_failure: true
+  script:
+    - |
+      [[ -d reports ]] && mv reports public/
+    - cp -R build/pages/* public
+  artifacts:
+    paths:
+      - public
+    expire_in: 7 days

laravel/phpcs.yaml

@@ -0,0 +1,16 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'Codestyle':
+  stage: static
+  image: composer
+  allow_failure: true
+  before_script: []
+  script:
+    - composer create-project doctrine/coding-standard /tmp/cs
+    - mkdir -p reports/phpcs
+    - php /tmp/cs/vendor/bin/phpcs --standard=Doctrine --report=full --report=reports/phpcs/ --no-cache $LINT_DIRS
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

laravel/phpmd.yaml

@@ -0,0 +1,17 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'Mess Detection':
+  stage: static
+  image: composer
+  before_script: []
+  allow_failure: true
+  script:
+    - composer create-project phpmd/phpmd /tmp/phpmd
+    - mkdir -p reports
+    - for dir in $LINT_DIRS; do mkdir -p reports/phpmd/${dir}; done;
+    - for dir in $LINT_DIRS; do php /tmp/phpmd/src/bin/phpmd $dir html cleancode,codesize,design,unusedcode --reportfile reports/${dir}/phpmd-report.html --ignore-violations-on-exit; done;
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

linter/json.yaml

@@ -0,0 +1,12 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'Json Linting':
+  stage: lint
+  allow_failure: true
+  image: pipelinecomponents/jsonlint
+  before_script: []
+  script:
+    - |
+      find $LINT_DIRS -not -path './.git/*' -name '*.json' -type f -print0 |
+      parallel --will-cite -k -0 -n1 jsonlint -q

linter/markdown_spellcheck.yaml

@@ -0,0 +1,15 @@
+variables:
+  DOCS_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'Spellcheck the docs':
+  stage: lint
+  allow_failure: true
+  image: node:9.11.1
+  before_script: []
+  cache:
+    paths:
+      - node_modules/
+  script:
+    - npm i markdown-spellcheck -g
+    - mdspell --en-us --ignore-acronyms --ignore-numbers --report "$DOCS_DIRS/**/*.md"
+

linter/php7.1.yaml

@@ -0,0 +1,10 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'PHP 7.1 Linting':
+  stage: lint
+  image: php:7.1
+  before_script: []
+  allow_failure: false
+  script:
+    - sh -c 'if find ${LINT_DIRS} -name "*.php" -exec php -l {} 2>&1 \; | grep -v "^No syntax errors detected"; then exit 1; fi'

linter/php7.2.yaml

@@ -0,0 +1,10 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'PHP 7.2 Linting':
+  stage: lint
+  image: php:7.2
+  before_script: []
+  allow_failure: false
+  script:
+    - sh -c 'if find ${LINT_DIRS} -name "*.php" -exec php -l {} 2>&1 \; | grep -v "^No syntax errors detected"; then exit 1; fi'

linter/php7.3.yaml

@@ -0,0 +1,10 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'PHP 7.3 Linting':
+  stage: lint
+  image: php:7.3
+  before_script: []
+  allow_failure: false
+  script:
+    - sh -c 'if find ${LINT_DIRS} -name "*.php" -exec php -l {} 2>&1 \; | grep -v "^No syntax errors detected"; then exit 1; fi'

linter/php7.4.yaml

@@ -0,0 +1,10 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'PHP 7.4 Linting':
+  stage: lint
+  image: php:7.4
+  before_script: []
+  allow_failure: false
+  script:
+    - sh -c 'if find ${LINT_DIRS} -name "*.php" -exec php -l {} 2>&1 \; | grep -v "^No syntax errors detected"; then exit 1; fi'

linter/xml.yaml

@@ -0,0 +1,11 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'XML Linting':
+  stage: lint
+  allow_failure: true
+  image: composer
+  before_script: []
+  script:
+    - composer create-project sclable/xml-lint /tmp/xml-lint
+    - for dir in $LINT_DIRS; do php /tmp/xml-lint/bin/xmllint --skip-xsd $dir; done;

linter/yaml.yaml

@@ -0,0 +1,10 @@
+variables:
+  LINT_DIRS: "src app/code" # Separate multiple dirs with spaces
+
+'Yaml Linting':
+  stage: lint
+  allow_failure: true
+  before_script: []
+  image: sdesbure/yamllint
+  script:
+    - for dir in $LINT_DIRS; do yamllint $LINT_DIRS $dir; done;

magento2/phpcs.yaml

@@ -0,0 +1,17 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'Codestyle':
+  stage: static
+  image: composer
+  allow_failure: true
+  before_script: []
+  script:
+    - composer create-project magento/magento-coding-standard /tmp/meqp2
+    - mkdir -p reports
+    - for dir in $LINT_DIRS; do mkdir -p reports/phpcs/$dir; done;
+    - for dir in $LINT_DIRS; do php /tmp/meqp2/vendor/bin/phpcs $dir --standard=Magento2 --severity=10 --extensions=php,phtml --report=full --report-file=reports/phpcs/${dir}/phpcs-report.log; done;
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

static/pdepend.yaml

@@ -0,0 +1,17 @@
+variables:
+  LINT_DIRS: "src app/code" # Separate multiple dirs with spaces
+
+'Dependency Analyzer':
+  stage: static
+  image: composer
+  allow_failure: true
+  before_script: []
+  script:
+    - composer create-project pdepend/pdepend /tmp/pdepend
+    - mkdir -p reports/pdepend
+    - for dir in $LINT_DIRS; do mkdir -p reports/pdepend/$dir; done;
+    - for dir in $LINT_DIRS; do php /tmp/pdepend/src/bin/pdepend.php --overview-pyramid=reports/pdepend/${dir}/overview-pyramid.svg --jdepend-chart=reports/pdepend/${dir}/jdepend-chart.svg $dir; done;
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

static/phpcpd.yaml

@@ -0,0 +1,16 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'Copy/Paste Detection':
+  stage: static
+  image: composer
+  allow_failure: true
+  before_script: []
+  script:
+    - composer create-project sebastian/phpcpd /tmp/phpcpd
+    - mkdir -p reports/phpcpd
+    - php /tmp/phpcpd/phpcpd --regexps-exclude="#.*Test.*#" --log-pmd=reports/phpcpd/phpcpd.xml $LINT_DIRS
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

static/phpmetrics.yaml

@@ -0,0 +1,16 @@
+variables:
+  LINT_DIRS: "app/code src" # Separate multiple dirs with spaces
+
+'PHP Metrics':
+  stage: static
+  allow_failure: true
+  image: composer
+  before_script: []
+  script:
+    - composer create-project phpmetrics/phpmetrics /tmp/phpmetrics
+    - mkdir -p reports/phpmetrics
+    - php /tmp/phpmetrics/bin/phpmetrics --report-html=reports/phpmetrics $LINT_DIRS
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

test/security_sensiolab.yaml

@@ -0,0 +1,19 @@
+variables:
+  PRODUCTION_URL: 'https://example.com/override-me'
+
+'Security Advisories':
+  stage: security
+  allow_failure: false
+  dependencies: []
+  before_script: []
+  image: php:7.3
+  only:
+    - master
+  script:
+    - mkdir -p reports
+    - curl -O https://get.sensiolabs.org/security-checker.phar
+    - php security-checker.phar security:check composer.lock | sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" | tee reports/security_advisories.txt
+  artifacts:
+    paths:
+      - reports
+    expire_in: 30m

test/security_zap_baseline.yaml

@@ -0,0 +1,41 @@
+variables:
+  PRODUCTION_URL: "https://example.com/override-me"
+
+'OWASP ZAP Baseline':
+  stage: post-deploy
+  before_script: []
+  image:
+    name: owasp/zap2docker-weekly
+    entrypoint: [""]
+  script:
+    - |
+      cat > zap.conf << EOF
+        10010	IGNORE	(Cookie No HttpOnly Flag)
+        10011	IGNORE	(Cookie Without Secure Flag)
+        10012	IGNORE	(Password Autocomplete in Browser)
+        10015	IGNORE	(Incomplete or No Cache-control and Pragma HTTP Header Set)
+        10016	FAIL	(Web Browser XSS Protection Not Enabled)
+        10017	IGNORE	(Cross-Domain JavaScript Source File Inclusion)
+        10019	FAIL	(Content-Type Header Missing)
+        10020	FAIL	(X-Frame-Options Header Scanner)
+        10021	IGNORE	(X-Content-Type-Options Header Missing)
+        10023	FAIL	(Information Disclosure - Debug Error Messages)
+        10024	FAIL	(Information Disclosure - Sensitive Informations in URL)
+        10025	FAIL	(Information Disclosure - Sensitive Information in HTTP Referrer Header)
+        10026	FAIL	(HTTP Parameter Override)
+        10027	FAIL	(Information Disclosure - Suspicious Comments)
+        10032	FAIL	(Viewstate Scanner)
+        10040	FAIL	(Secure Pages Include Mixed Content)
+        10054	IGNORE	(Cookie Without SameSite Attribute)
+        10105	FAIL	(Weak Authentication Method)
+        10202	IGNORE	(Absence of Anti-CSRF Tokens)
+        2	FAIL	(Private IP Disclosure)
+        3	FAIL	(Session ID in URL Rewrite)
+        50001	FAIL	(Script Passive Scan Rules)
+        90001	FAIL	(Insecure JSF ViewState)
+        90011	FAIL	(Charset Mismatch)
+        90022	FAIL	(Application Error Disclosure)
+        90030	FAIL	(WSDL File Passive Scanner)
+        90033	FAIL	(Loosely Scoped Cookie)
+      EOF
+    - zap-baseline.py -I -t $PRODUCTION_URL -u file://$(pwd)/zap.conf

test/sitespeed.yaml

@@ -0,0 +1,11 @@
+variables:
+  SITESPEED_URL: https://example.com/override-me
+
+'Sitespeed':
+  stage: post-deploy
+  image:
+    name: sitespeedio/sitespeed.io:10.3.2
+    entrypoint: [""]
+  before_script: []
+  script:
+    - /start.sh $SITESPEED_URL

test/smoke.yaml

@@ -0,0 +1,12 @@
+variables:
+  CIGAR_JSON: .cigar.json
+  SMOKE_TEST_BASE_URL: "https://example.com/override-me"
+
+'Smoke Test':
+  stage: post-deploy
+  before_script: []
+  image:
+    name: brunty/cigar:1.12.3
+    entrypoint: [""]
+  script:
+    - if [ -f $CIGAR_JSON ]; then cigar -u $SMOKE_TEST_BASE_URL -c $CIGAR_JSON; fi