diff --git a/.db_requirements b/.db_requirements index 03ac64035..00a2c6f10 100644 --- a/.db_requirements +++ b/.db_requirements @@ -1 +1 @@ -v0.0.13 +v0.1.16 diff --git a/.editorconfig b/.editorconfig index 713c41db3..fbd31fd85 100644 --- a/.editorconfig +++ b/.editorconfig @@ -14,5 +14,8 @@ trim_trailing_whitespace = false [*.{yml,yaml}] indent_size = 2 +[*.{js,ts}] +indent_size = 2 + [docker-compose{*,/**/*}.{yml,yaml}] indent_size = 4 diff --git a/.env b/.env index 68cdeb6c2..05f555bd0 100644 --- a/.env +++ b/.env @@ -60,7 +60,7 @@ COOKIE_NAME=WOOPID TOTP_ISSUER=localhost # Application mode. Could be only for balie (backend), frontend, or both -APP_MODE=both +APP_MODE=BOTH # Base URL of the application frontend (which could different from backend when APP_MODE is not BOTH) PUBLIC_BASE_URL=http://localhost:8000 @@ -86,3 +86,27 @@ STORAGE_MINIO_BATCH_BUCKET=batch_bucket # ----------------------------------------------------- # Identification number for Piwik analytics PIWIK_ANALYTICS_ID=0 + +###> php-amqplib/rabbitmq-bundle ### +RABBITMQ_URL=amqp://guest:guest@localhost:5672 +###< php-amqplib/rabbitmq-bundle ### + +#------------------------------------------------------ +# audit logger variables +# Generate keys with "php bin/console woopie:auditlog:generate-keys" +AUDITLOG_ENCRYPTION_PUB_KEY= +AUDITLOG_ENCRYPTION_PRIV_KEY= + +AUDITLOG_PSR_ENCRYPTED=false +AUDITLOG_PSR_LOG_PII=false + +AUDITLOG_DOCTRINE_ENCRYPTED=false +AUDITLOG_DOCTRINE_LOG_PII=false + +AUDITLOG_RABBITMQ_ENCRYPTED=false +AUDITLOG_RABBITMQ_LOG_PII=false +AUDITLOG_RABBITMQ_ROUTING_KEY=auditlog + +AUDITLOG_FILE_ENCRYPTED=false +AUDITLOG_FILE_LOG_PII=false +AUDITLOG_FILE_PATH=%kernel.logs_dir%/audit.log diff --git a/.env.ci b/.env.ci index 2c974b90f..1336b45a8 100644 --- a/.env.ci +++ b/.env.ci @@ -30,7 +30,7 @@ COOKIE_NAME=WOOPID TOTP_ISSUER=localhost -APP_MODE=both +APP_MODE=BOTH PUBLIC_BASE_URL=http://localhost:8000 @@ -39,3 +39,15 @@ STORAGE_THUMBNAIL_ADAPTER=local STORAGE_BATCH_ADAPTER=local PIWIK_ANALYTICS_ID=0 + +#------------------------------------------------------ +# audit logger variables +AUDITLOG_ENCRYPTION_PUB_KEY= +AUDITLOG_ENCRYPTION_PRIV_KEY= + +AUDITLOG_PSR_ENCRYPTED=false +AUDITLOG_DOCTRINE_ENCRYPTED=false +AUDITLOG_RABBITMQ_ENCRYPTED=false +AUDITLOG_FILE_ENCRYPTED=false +AUDITLOG_FILE_PATH=%kernel.logs_dir%/audit.log + diff --git a/.env.development b/.env.development index 5a9848af4..26e480210 100644 --- a/.env.development +++ b/.env.development @@ -36,7 +36,7 @@ COOKIE_NAME=WOOPID TOTP_ISSUER=localhost -APP_MODE=both +APP_MODE=BOTH PUBLIC_BASE_URL=http://localhost:8000 STORAGE_DOCUMENT_ADAPTER=local @@ -44,3 +44,13 @@ STORAGE_THUMBNAIL_ADAPTER=local STORAGE_BATCH_ADAPTER=local PIWIK_ANALYTICS_ID=0 + +AUDITLOG_ENCRYPTION_PUB_KEY= +AUDITLOG_ENCRYPTION_PRIV_KEY= + +AUDITLOG_PSR_ENCRYPTED=false +AUDITLOG_DOCTRINE_ENCRYPTED=false +AUDITLOG_RABBITMQ_ENCRYPTED=false +AUDITLOG_FILE_ENCRYPTED=false +AUDITLOG_FILE_PATH=%kernel.logs_dir%/audit.log +RABBITMQ_URL=amqp://guest:guest@rabbitmq:5672 diff --git a/.github/workflows/daily-e2e-robotrun.yml b/.github/workflows/daily-e2e-robotrun.yml index c6d388af4..83e6468a9 100644 --- a/.github/workflows/daily-e2e-robotrun.yml +++ b/.github/workflows/daily-e2e-robotrun.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install python dependencies run: | python -m pip install --upgrade pip @@ -18,8 +18,13 @@ jobs: - name: Execute E2E tests (Robot Framework) env: OTP_SECRET_WOO: ${{ secrets.OTP_SECRET_WOO }} - USERNAME_WOO: ${{ secrets.USERNAME_WOO }} - PASSWORD_WOO: ${{ secrets.PASSWORD_WOO }} + USERNAME_WOO_STAGING: ${{ secrets.USERNAME_WOO_STAGING }} + PASSWORD_WOO_STAGING: ${{ secrets.PASSWORD_WOO_STAGING }} + USERNAME_WOO_TEST: ${{ secrets.USERNAME_WOO_TEST }} + PASSWORD_WOO_TEST: ${{ secrets.PASSWORD_WOO_TEST }} + EMAIL_WOO_TEST_BALIE: ${{ secrets.EMAIL_WOO_TEST_BALIE }} + PASSWORD_WOO_TEST_BALIE: ${{ secrets.PASSWORD_WOO_TEST_BALIE }} + SECRET_WOO_TEST_BALIE: ${{ secrets.SECRET_WOO_TEST_BALIE }} run: | python -m robot -d tests/robot_framework/results -x outputxunit.xml -i E2E -e LOGS -v headless:true tests/robot_framework - name: Upload test results diff --git a/.github/workflows/documentation-linter.yml b/.github/workflows/documentation-linter.yml index 0d9c53b86..afd178224 100644 --- a/.github/workflows/documentation-linter.yml +++ b/.github/workflows/documentation-linter.yml @@ -8,8 +8,8 @@ jobs: name: lint markDown file runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: DavidAnson/markdownlint-cli2-action@v12 + - uses: actions/checkout@v4 + - uses: DavidAnson/markdownlint-cli2-action@v13 with: globs: '**/*.md' diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 01254f30d..bcd95db31 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -11,9 +11,9 @@ jobs: steps: - name: Set env run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: '18' cache: 'npm' diff --git a/.github/workflows/php-tests.yml b/.github/workflows/php-tests.yml index d558663e6..3bb1e54b6 100644 --- a/.github/workflows/php-tests.yml +++ b/.github/workflows/php-tests.yml @@ -10,7 +10,7 @@ jobs: composer-install: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -22,7 +22,9 @@ jobs: php-version: ${{ matrix.php-versions }} extensions: zip - name: Install Dependencies - run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist + env: + COMPOSER_AUTH: '{"github-oauth": {"github.com": "${{ secrets.REPO_READ_ONLY_TOKEN }}"}}' + run: composer install --no-interaction --no-scripts --no-progress --prefer-dist strategy: max-parallel: 3 matrix: @@ -33,7 +35,7 @@ jobs: - composer-install runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -59,7 +61,7 @@ jobs: - composer-install runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -76,12 +78,34 @@ jobs: matrix: php-versions: [ '8.1', '8.2' ] + php-linting-phpcsfixer: + needs: + - composer-install + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v4 + - uses: actions/cache@v3 + with: + path: vendor/ + key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: ${{ runner.os }}-composer- + - name: Install PHP + uses: shivammathur/setup-php@master + with: + php-version: ${{ matrix.php-versions }} + - name: PHP CS Fixer + run: vendor/bin/php-cs-fixer fix --dry-run --diff --verbose + strategy: + max-parallel: 3 + matrix: + php-versions: [ '8.1', '8.2' ] + php-linting-phpmd: needs: - composer-install runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -103,7 +127,7 @@ jobs: - composer-install runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -127,12 +151,12 @@ jobs: matrix: php-versions: [ '8.1', '8.2' ] - php-security-check: + php-linting-twig: needs: - composer-install runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -142,19 +166,30 @@ jobs: uses: shivammathur/setup-php@master with: php-version: ${{ matrix.php-versions }} - - name: Local PHP Security Checker - uses: docker://pplotka/local-php-security-checker-github-actions + - name: copy env file + run: | + cp .env.ci .env.local + # change database url to sqlite + sed -i 's|^DATABASE_URL=.*|DATABASE_URL=sqlite:///%kernel.project_dir%/var/data.db|' .env.local + - name: Twig linter + run: | + bin/console cache:clear + bin/console cache:warmup + bin/console lint:twig templates + env: + APP_ENV: prod + APP_DEBUG: false strategy: max-parallel: 3 matrix: php-versions: [ '8.1', '8.2' ] - php-linting-twig: + php-linting-translations: needs: - composer-install runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -173,7 +208,7 @@ jobs: run: | bin/console cache:clear bin/console cache:warmup - bin/console lint:twig templates + bin/console lint:yaml translations env: APP_ENV: prod APP_DEBUG: false diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 17627032b..00c06d57f 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -10,7 +10,7 @@ jobs: composer-install: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/cache@v3 with: path: vendor/ @@ -22,6 +22,8 @@ jobs: php-version: ${{ matrix.php-versions }} extensions: zip - name: Install Dependencies + env: + COMPOSER_AUTH: '{"github-oauth": {"github.com": "${{ secrets.REPO_READ_ONLY_TOKEN }}"}}' run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist strategy: max-parallel: 3 @@ -37,7 +39,7 @@ jobs: matrix: php-versions: [ '8.1', '8.2' ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install PHP uses: shivammathur/setup-php@master with: @@ -83,7 +85,7 @@ jobs: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install PHP uses: shivammathur/setup-php@master with: diff --git a/.gitignore b/.gitignore index a07108b98..676b95854 100644 --- a/.gitignore +++ b/.gitignore @@ -43,5 +43,6 @@ yarn-error.log ### Editor and private files # +/coverage /database /public/sitemap* diff --git a/.npmrc b/.npmrc index 4d644ad0b..b822692dd 100644 --- a/.npmrc +++ b/.npmrc @@ -1 +1 @@ -@minvws:registry=https://npm.pkg.github.com \ No newline at end of file +@minvws:registry=https://npm.pkg.github.com diff --git a/.php-cs-fixer.dist.php b/.php-cs-fixer.dist.php index f0eae91f4..b0fa6f3b4 100644 --- a/.php-cs-fixer.dist.php +++ b/.php-cs-fixer.dist.php @@ -2,7 +2,7 @@ $finder = (new PhpCsFixer\Finder()) ->in(__DIR__) - ->exclude('var') + ->exclude(['var', 'node_modules']) ; return (new PhpCsFixer\Config()) @@ -15,6 +15,7 @@ 'not_operator_with_space' => false, 'not_operator_with_successor_space' => true, 'phpdoc_to_comment' => ['ignored_tags' => ['var']], + 'types_spaces' => ['space_multiple_catch' => 'single'], ]) ->setFinder($finder) ;