diff --git a/.github/workflows/php-sdk-development-tests.yml b/.github/workflows/php-sdk-development-tests.yml index 799e334..4d6f106 100644 --- a/.github/workflows/php-sdk-development-tests.yml +++ b/.github/workflows/php-sdk-development-tests.yml @@ -12,6 +12,11 @@ on: description: The LAPI client json to use required: true default: '["main","crowdsecurity/php-lapi-client"]' + capi_client_json: + type: string + description: The CAPI client json to use + required: true + default: '["main","crowdsecurity/php-capi-client"]' remediation_engine_json: type: string description: The Remediation Engine json to use @@ -37,6 +42,11 @@ on: description: The LAPI client json to use required: true default: '["main"]' + capi_client_json: + type: string + description: The CAPI client json to use + required: true + default: '["main"]' remediation_engine_json: type: string description: The Remediation Engine json to use @@ -49,9 +59,16 @@ permissions: env: # Allow ddev get to use a GitHub token to prevent rate limiting by tests DDEV_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + STANDALONE_BOUNCER_REPO: crowdsecurity/cs-standalone-php-bouncer + BOUNCER_LIB_REPO: crowdsecurity/php-cs-bouncer + REMEDIATION_ENGINE_REPO: crowdsecurity/php-remediation-engine + CAPI_CLIENT_REPO: crowdsecurity/php-capi-client + LAPI_CLIENT_REPO: crowdsecurity/php-lapi-client + PHP_COMMON_REPO: crowdsecurity/php-common PHP_COMMON_JSON: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.php_common_json || inputs.php_common_json }} LAPI_CLIENT_JSON: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.lapi_client_json || inputs.lapi_client_json }} REMEDIATION_ENGINE_JSON: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.remediation_engine_json || inputs.remediation_engine_json }} + CAPI_CLIENT_JSON: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.capi_client_json || inputs.capi_client_json }} jobs: test-suite: @@ -65,7 +82,10 @@ jobs: if: ${{ !contains(github.event.head_commit.message, 'chore(') }} env: EXTENSION_PATH: "my-code/crowdsec-bouncer-lib" - BOUNCER_LIB_REPO: crowdsecurity/php-cs-bouncer + REMEDIATION_ENGINE_PATH: "my-code/php-remediation-engine" + CAPI_CLIENT_PATH: "my-code/php-capi-client" + LAPI_CLIENT_PATH: "my-code/php-lapi-client" + PHP_COMMON_PATH: "my-code/php-common" DDEV_PROJECT: "crowdsec-bouncer-lib" JP_TEST_IP: "210.249.74.42" IPV6_TEST_IP: "2001:0db8:0000:85a3:0000:0000:ac1f:8001" @@ -75,10 +95,9 @@ jobs: - name: Set PHP common variables id: set-common-data run: | - echo "major_tag=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/crowdsecurity/php-common/releases/latest | grep -oP "\/tag\/v\K(.*)$" | cut -d. -f1)" >> $GITHUB_OUTPUT echo "branch=${{ fromJson(env.PHP_COMMON_JSON)[0] }}" >> $GITHUB_OUTPUT if [ "${{ inputs.is_call }}" = "true" ]; then - echo "repo=crowdsecurity/php-common" >> $GITHUB_OUTPUT + echo "repo=${{env.PHP_COMMON_REPO}}" >> $GITHUB_OUTPUT else echo "repo=${{ fromJson(env.PHP_COMMON_JSON)[1] }}" >> $GITHUB_OUTPUT fi @@ -86,21 +105,29 @@ jobs: - name: Set LAPI client variables id: set-lapi-client-data run: | - echo "major_tag=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/crowdsecurity/php-lapi-client/releases/latest | grep -oP "\/tag\/v\K(.*)$" | cut -d. -f1)" >> $GITHUB_OUTPUT echo "branch=${{ fromJson(env.LAPI_CLIENT_JSON)[0] }}" >> $GITHUB_OUTPUT if [ "${{ inputs.is_call }}" = "true" ]; then - echo "repo=crowdsecurity/php-lapi-client" >> $GITHUB_OUTPUT + echo "repo=${{env.LAPI_CLIENT_REPO}}" >> $GITHUB_OUTPUT else echo "repo=${{ fromJson(env.LAPI_CLIENT_JSON)[1] }}" >> $GITHUB_OUTPUT fi + - name: Set CAPI client variables + id: set-capi-client-data + run: | + echo "branch=${{ fromJson(env.CAPI_CLIENT_JSON)[0] }}" >> $GITHUB_OUTPUT + if [ "${{ inputs.is_call }}" = "true" ]; then + echo "repo=${{env.CAPI_CLIENT_REPO}}" >> $GITHUB_OUTPUT + else + echo "repo=${{ fromJson(env.CAPI_CLIENT_JSON)[1] }}" >> $GITHUB_OUTPUT + fi + - name: Set Remediation engine variables id: set-remediation-engine-data run: | - echo "major_tag=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/crowdsecurity/php-remediation-engine/releases/latest | grep -oP "\/tag\/v\K(.*)$" | cut -d. -f1)" >> $GITHUB_OUTPUT echo "branch=${{ fromJson(env.REMEDIATION_ENGINE_JSON)[0] }}" >> $GITHUB_OUTPUT if [ "${{ inputs.is_call }}" = "true" ]; then - echo "repo=crowdsecurity/php-remediation-engine" >> $GITHUB_OUTPUT + echo "repo=${{env.REMEDIATION_ENGINE_REPO}}" >> $GITHUB_OUTPUT else echo "repo=${{ fromJson(env.REMEDIATION_ENGINE_JSON)[1] }}" >> $GITHUB_OUTPUT fi @@ -165,38 +192,67 @@ jobs: with: repository: ${{ steps.set-common-data.outputs.repo}} ref: ${{ steps.set-common-data.outputs.branch }} - path: my-code/php-common + path: ${{env.PHP_COMMON_PATH}} - - name: Clone PHP LAPI client + - name: Clone LAPI client uses: actions/checkout@v4 with: repository: ${{ steps.set-lapi-client-data.outputs.repo }} ref: ${{ steps.set-lapi-client-data.outputs.branch }} - path: my-code/php-lapi-client + path: ${{env.LAPI_CLIENT_PATH}} + + - name: Clone CAPI client + uses: actions/checkout@v4 + with: + repository: ${{ steps.set-capi-client-data.outputs.repo }} + ref: ${{ steps.set-capi-client-data.outputs.branch }} + path: ${{env.CAPI_CLIENT_PATH}} - name: Clone PHP remediation engine uses: actions/checkout@v4 with: repository: ${{ steps.set-remediation-engine-data.outputs.repo }} ref: ${{ steps.set-remediation-engine-data.outputs.branch }} - path: my-code/php-remediation-engine + path: ${{env.REMEDIATION_ENGINE_PATH}} - name: Add local repositories to composer run: | + # Bouncer lib ddev exec --raw composer config repositories.0 '{"type": "path", "url": "../php-common", "options": {"symlink": true}}' --working-dir ./${{ env.EXTENSION_PATH }} ddev exec --raw composer config repositories.1 '{"type": "path", "url": "../php-lapi-client", "options": {"symlink": true}}' --working-dir ./${{ env.EXTENSION_PATH }} ddev exec --raw composer config repositories.2 '{"type": "path", "url": "../php-remediation-engine", "options": {"symlink": true}}' --working-dir ./${{ env.EXTENSION_PATH }} + ddev exec --raw composer config repositories.3 '{"type": "path", "url": "../php-capi-client", "options": {"symlink": true}}' --working-dir ./${{ env.EXTENSION_PATH }} - name: Modify dependencies to use development aliases run: | - composer require crowdsec/common:"dev-${{ steps.set-common-data.outputs.branch }} as ${{ steps.set-common-data.outputs.major_tag }}.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} - composer require crowdsec/lapi-client:"dev-${{ steps.set-lapi-client-data.outputs.branch }} as ${{ steps.set-lapi-client-data.outputs.major_tag }}.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} - composer require crowdsec/remediation-engine:"dev-${{ steps.set-remediation-engine-data.outputs.branch }} as ${{ steps.set-remediation-engine-data.outputs.major_tag }}.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} - - cat ./${{env.EXTENSION_PATH}}/composer.json + # Bouncer lib + composer require crowdsec/common:"dev-${{ steps.set-common-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} + composer require crowdsec/lapi-client:"dev-${{ steps.set-lapi-client-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} + composer require crowdsec/remediation-engine:"dev-${{ steps.set-remediation-engine-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} + composer require crowdsec/capi-client:"dev-${{ steps.set-capi-client-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.EXTENSION_PATH}} + # Remediation engine + composer require crowdsec/common:"dev-${{ steps.set-common-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.REMEDIATION_ENGINE_PATH}} + composer require crowdsec/lapi-client:"dev-${{ steps.set-lapi-client-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.REMEDIATION_ENGINE_PATH}} + composer require crowdsec/capi-client:"dev-${{ steps.set-capi-client-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.REMEDIATION_ENGINE_PATH}} + # CAPI client + composer require crowdsec/common:"dev-${{ steps.set-common-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.CAPI_CLIENT_PATH}} + # LAPI client + composer require crowdsec/common:"dev-${{ steps.set-common-data.outputs.branch }} as 999.999.0" --no-update --working-dir ./${{env.LAPI_CLIENT_PATH}} - name: Validate composer.json - run: ddev composer validate --strict --working-dir ./${{env.EXTENSION_PATH}} + run: | + # Bouncer lib + cat ./${{env.EXTENSION_PATH}}/composer.json + ddev composer validate --strict --working-dir ./${{env.EXTENSION_PATH}} + # Remediation engine + cat ./${{env.REMEDIATION_ENGINE_PATH}}/composer.json + ddev composer validate --strict --working-dir ./${{env.REMEDIATION_ENGINE_PATH}} + # CAPI client + cat ./${{env.CAPI_CLIENT_PATH}}/composer.json + ddev composer validate --strict --working-dir ./${{env.CAPI_CLIENT_PATH}} + # LAPI client + cat ./${{env.LAPI_CLIENT_PATH}}/composer.json + ddev composer validate --strict --working-dir ./${{env.LAPI_CLIENT_PATH}} - name: Install CrowdSec lib dependencies run: | @@ -223,6 +279,15 @@ jobs: echo $LAPI_CLIENT_VERSION exit 1 fi + CAPI_CLIENT_VERSION=$(ddev composer show crowdsec/capi-client --working-dir ./${{env.EXTENSION_PATH}} | grep -oP "versions : \* \K(.*)") + if [[ $CAPI_CLIENT_VERSION == "dev-${{ steps.set-capi-client-data.outputs.branch }}" ]] + then + echo "CAPI_CLIENT_VERSION COMPARISON OK" + else + echo "CAPI_CLIENT_VERSION COMPARISON KO" + echo $CAPI_CLIENT_VERSION + exit 1 + fi REMEDIATION_ENGINE_VERSION=$(ddev composer show crowdsec/remediation-engine --working-dir ./${{env.EXTENSION_PATH}} | grep -oP "versions : \* \K(.*)") if [[ $REMEDIATION_ENGINE_VERSION == "dev-${{ steps.set-remediation-engine-data.outputs.branch }}" ]] then diff --git a/.github/workflows/sdk-chain-tests.yml b/.github/workflows/sdk-chain-tests.yml index 9aa7dec..4c2c32a 100644 --- a/.github/workflows/sdk-chain-tests.yml +++ b/.github/workflows/sdk-chain-tests.yml @@ -1,9 +1,4 @@ name: SDK chain tests -# To test all the SDK chain, we run Standalone Bouncer tests, as it depends on: -# - PHP Bouncer Lib -# - Remediation Engine Lib -# - LAPI client lib -# - PHP common lib on: push: @@ -23,9 +18,10 @@ jobs: test-standalone-bouncer: name: Run Standalone Bouncer tests if: ${{ !contains(github.event.head_commit.message, 'chore(') }} - uses: crowdsecurity/cs-standalone-php-bouncer/.github/workflows/php-sdk-development-tests.yml@736a2971d93dc6a7e9dc3a73051986b8f7e0b41a + uses: crowdsecurity/cs-standalone-php-bouncer/.github/workflows/php-sdk-development-tests.yml@21a85d5696ba607e2028330c4ddda4b5e361547a with: php_common_json: '["main"]' lapi_client_json: '["main"]' + capi_client_json: '["main"]' remediation_engine_json: '["main"]' bouncer_lib_json: '["${{ github.ref_name }}"]'