Readme update (badges + description)

.github/workflows/dockerimage.yml

@@ -70,41 +70,52 @@ jobs:
       #- name: Database Check
       #  run: docker-compose exec -T php bin/console doctrine:schema:validate
       - name: Security Checks
-        run: docker-compose exec -T php composer req sensiolabs/security-checker
+        run: |
+          curl -L -sS --output local-php-security-checker https://github.com/fabpot/local-php-security-checker/releases/download/v1.0.0/local-php-security-checker_1.0.0_linux_amd64
+          chmod +x ./local-php-security-checker
+          ./local-php-security-checker --path ./api/composer.lock
+
+      - uses: codecov/codecov-action@v1
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
+          name: codecov-umbrella
+          fail_ci_if_error: true
+          verbose: true
       #- name: Run Postman Tests
       #  if: contains( github.ref, 'master' ) == false && contains( github.base_ref, 'master' ) == false
       #  run: newman run api/public/schema/*.postman_collection.json
-      #            - name: Add docker tags
-      #              if: github.ref == 'refs/heads/master'
-      #              run: |
-      #                  images=$(docker-compose images -q | xargs docker inspect --format='{{ index .RepoTags 0}}' | cut -d':' -f1 | grep $APP_NAME_TECHNICAL)
-      #                  for image in $images
-      #                  do
-      #                    docker tag "${image}":latest "${image}":"${APP_BUILD}"
-      #                  done
-      #                  echo 'IMAGES=$images' >> $GITHUB_ENV
+      - name: Add docker tags
+        if: github.ref == 'refs/heads/master'
+        run: |
+          images=$(docker-compose images -q | xargs docker inspect --format='{{ index .RepoTags 0}}' | cut -d':' -f1 | grep $APP_NAME)
+          for image in $images
+          do
+            docker tag "${image}":latest "${image}":"${APP_BUILD}"
+          done
+          echo 'IMAGES=$images' >> $GITHUB_ENV
       - name: Show all images
         run: docker images
-      - name: Login to DockerHub Registry
-        id: dockerhub-login
+      - name: Login to Container Registry
+        id: containerregistry-login
         run: |
-          if [ "${{ secrets.DOCKERHUB_PASSWORD }}" != "" ] && [ "${{ secrets.DOCKERHUB_USERNAME }}" != "" ]; then
-            echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
-            echo "##[set-output name=success;]true"
-          else
-            echo "##[set-output name=success;]false"
-          fi
-      - if: steps.dockerhub-login.outputs.success == 'true' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/development')
-        name: Push to docker hub
+         if [ "${{ secrets.GITHUB_TOKEN }}" != "" ]; then
+           echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $(cut -d'/' -f1 <<< $GITHUB_REPOSITORY) --password-stdin
+           echo "##[set-output name=success;]true"
+         else
+           echo "##[set-output name=success;]false"
+         fi
+      - if: steps.containerregistry-login.outputs.success == 'true' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/development')
+        name: Push to Container Registry
         run: docker-compose push
-      #            - if: steps.dockerhub-login.outputs.success == 'true' && github.ref == 'refs/heads/master'
-      #              name: Push versioned containers to Docker Hub
-      #              run: |
-      #                  images=$(docker-compose images -q | xargs docker inspect --format='{{ index .RepoTags 0}}' | cut -d':' -f1 | grep $APP_NAME)
-      #                  for image in $images
-      #                  do
-      #                    docker push "${image}":"${APP_BUILD}"
-      #                  done
+
+      - if: steps.containerregistry-login.outputs.success == 'true' && github.ref == 'refs/heads/master'
+        name: Push versioned containers to Container Registry
+        run: |
+          images=$(docker-compose images -q | xargs docker inspect --format='{{ index .RepoTags 0}}' | cut -d':' -f1 | grep $APP_NAME)
+          for image in $images
+          do
+            docker push "${image}":"${APP_BUILD}"
+          done
       - name: Create kube config
         id: kubeconfig
         if: contains( github.ref, 'development' )
@@ -115,6 +126,18 @@ jobs:
           else
             echo "##[set-output name=success]false"
           fi
+      - name: Rollout new containers
+        if: (contains( github.ref, 'development' )) && steps.kubeconfig.outputs.success == 'true' && success()
+        run: |
+          kubectl rollout restart deployment/$APP_NAME-php --kubeconfig="kubeconfig.yaml"  --namespace=$APP_ENV
+          kubectl rollout restart deployment/$APP_NAME-nginx --kubeconfig="kubeconfig.yaml"  --namespace=$APP_ENV
+          kubectl rollout restart deployment/$APP_NAME-varnish --kubeconfig="kubeconfig.yaml"  --namespace=$APP_ENV
+      #            - name: Export release code
+      #              if: (success() || failure())
+      #              id: releasecode
+      #              run: |
+      #                  export RELEASE=$APP_BUILD-$(git rev-parse --short $GITHUB_SHA)
+      #                  echo "##[set-output name=releasename]$RELEASE"
       - name: Print release name
         if: (success() || failure())
         run: echo $RELEASENAME

api/.bettercodehub.yml

@@ -0,0 +1,25 @@
+component_depth: 3
+languages:
+    - php
+exclude:
+    - /nlx-setup/.*
+    - /resources/.*
+    - /api/bin/.*
+    - /api/config/.*
+    - /api/docker/.*
+    - /api/docs/.*
+    - /api/helm/.*
+    - /api/migrations/.*
+    - /api/nlx-setup/.*
+    - /api/public/.*
+    - /api/templates/.*
+    - /api/translations/.*
+    - /api/var/.*
+    - /api/vendor/.*
+    - /api/src/Entity/.*
+    - /api/src/DataFixtures/.*
+    - /api/src/Repository/.*
+    - /api/src/Kernel.php
+test:
+    include:
+        - /api/tests/TrouwServiceTest.php

api/.env.test

@@ -0,0 +1,6 @@
+# define your env variables for the test env here
+KERNEL_CLASS='App\Kernel'
+APP_SECRET='$ecretf0rt3st'
+SYMFONY_DEPRECATIONS_HELPER=999999
+PANTHER_APP_ENV=panther
+PANTHER_ERROR_SCREENSHOT_DIR=./var/error-screenshots

api/.gitignore

@@ -13,3 +13,13 @@
 /.php_cs
 /.php_cs.cache
 ###< friendsofphp/php-cs-fixer ###
+
+###> phpunit/phpunit ###
+/phpunit.xml
+.phpunit.result.cache
+###< phpunit/phpunit ###
+
+###> symfony/phpunit-bridge ###
+.phpunit.result.cache
+/phpunit.xml
+###< symfony/phpunit-bridge ###

api/Dockerfile

@@ -39,6 +39,11 @@ COPY src src/
 COPY templates templates/
 COPY translations translations/
 
+RUN apk add --no-cache $PHPIZE_DEPS \
+    && pecl install xdebug-2.9.2 \
+    && docker-php-ext-enable xdebug;\
+    echo -e "xdebug.overload_var_dump=off" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
+
 RUN set -eux; \
 	mkdir -p var/cache var/log; \
 	composer dump-autoload --classmap-authoritative --no-dev; \
@@ -53,50 +58,24 @@ RUN chmod +x /usr/local/bin/docker-entrypoint
 ENTRYPOINT ["docker-entrypoint"]
 CMD ["php-fpm"]
 
-#############################
-# 		"nginx" stage 		#
-#############################
-# depends on the "php" stage above, and with an litle bit of help from https://github.com/shiphp/nginx-env
-FROM conduction/pc-nginx:prod AS api_platform_nginx
 
-# Due to our config we need a copy of the public folder for serving static content
-COPY docker/nginx/conf.d/default.conf.template /etc/nginx/conf.d/default.conf
-WORKDIR /srv/api
-COPY --from=api_platform_php /srv/api/public public/
-
-#############################
-# 		"varnish" stage 	#
-#############################
-# does not depend on any of the above stages, but placed here to keep everything in one Dockerfile
-FROM conduction/pc-varnish:prod AS api_platform_varnish
-
-COPY docker/varnish/conf/default.vcl /etc/varnish/conf.d/
-# Lets install envsubst
-#RUN apk --no-cache add gettext
-
-#COPY docker/varnish/conf /usr/local/etc/varnish/
-
-#RUN envsubst '$PHP_SERVICE' < /usr/local/etc/varnish/default.vcl.template > /usr/local/etc/varnish/default.vcl
-
-# Lets parse the toml file
-# RUN envsubst < /usr/local/etc/varnish/default.vcl.template > /usr/local/etc/varnish/default.vcl
 
 #############################
 # 		NLX Outway	 		#
 #############################
 # does not depend on any of the above stages, but placed here to keep everything in one Dockerfile
-FROM nlxio/outway AS api-nlx-outway
-
-COPY nlx-setup /certs/
+#FROM nlxio/outway AS api-nlx-outway
+#
+#COPY nlx-setup /certs/
 
 #############################
 # 		NLX Inway	 		#
 #############################
 # depends on the "php" stage above
-FROM nlxio/inway AS api-nlx-inway
-
-COPY nlx-setup /certs/
-COPY nlx-setup/service-config.toml.template /service-config.toml.template
+#FROM nlxio/inway AS api-nlx-inway
+#
+#COPY nlx-setup /certs/
+#COPY nlx-setup/service-config.toml.template /service-config.toml.template
 
 # Lets install envsubst
 #RUN apk --no-cache add gettext

api/Dockerfile-nginx

@@ -0,0 +1,13 @@
+#############################
+# 		"nginx" stage 		#
+#############################
+# depends on the "php" stage above, and with an litle bit of help from https://github.com/shiphp/nginx-env
+FROM nginx:latest AS api_platform_nginx
+
+# Due to our config we need a copy of the public folder for serving static content
+COPY docker/nginx/conf.d/default.conf.template /etc/nginx/templates/default.conf.template
+WORKDIR /srv/api
+COPY public public/
+
+RUN apt update; \
+  apt upgrade -y

api/bin/phpunit

@@ -0,0 +1,19 @@
+#!/usr/bin/env php
+<?php
+
+if (!ini_get('date.timezone')) {
+    ini_set('date.timezone', 'UTC');
+}
+
+if (is_file(dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit')) {
+    define('PHPUNIT_COMPOSER_INSTALL', dirname(__DIR__).'/vendor/autoload.php');
+    require PHPUNIT_COMPOSER_INSTALL;
+    PHPUnit\TextUI\Command::main();
+} else {
+    if (!is_file(dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php')) {
+        echo "Unable to find the `simple-phpunit.php` script in `vendor/symfony/phpunit-bridge/bin/`.\n";
+        exit(1);
+    }
+
+    require dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php';
+}

api/composer.json

@@ -6,25 +6,32 @@
         "ext-ctype": "*",
         "ext-iconv": "*",
         "api-platform/api-pack": "^1.1",
-        "conduction/commongroundbundle": "dev-symfony51",
-        "phpdocumentor/reflection-docblock": "^4.3",
+        "conduction/commongroundbundle": "^2.*-dev",
+        "phpdocumentor/reflection-docblock": "^5.1",
         "sensio/framework-extra-bundle": "^5.5",
         "sensiolabs/security-checker": "^6.0",
-        "symfony/asset": "5.1.*",
-        "symfony/console": "5.1.*",
-        "symfony/dotenv": "5.1.*",
+        "symfony/asset": "^5.1",
+        "symfony/console": "5.1",
+        "symfony/dotenv": "^5.1",
         "symfony/flex": "^1.1",
-        "symfony/framework-bundle": "5.1.*",
+        "symfony/framework-bundle": "^5.1",
         "symfony/mercure-bundle": "*",
-        "symfony/property-access": "5.1.*",
-        "symfony/translation": "5.1.*",
-        "symfony/yaml": "5.1.*",
+        "symfony/property-access": "^5.1",
+        "symfony/translation": "^5.1",
+        "symfony/yaml": "^5.1",
         "tbbc/money-bundle": "^4.0",
         "webonyx/graphql-php": "^0.13.8"
     },
     "require-dev" : {
         "api-platform/schema-generator": "^2.1",
+        "phar-io/manifest": "^2.0.1",
+        "phar-io/version": "^3.0.1",
+        "phpspec/prophecy": "^1.11.1",
+        "phpunit/php-code-coverage": "^9",
+        "phpunit/phpunit": "^9.3",
+        "sebastian/global-state": "^5.0",
         "symfony/maker-bundle": "^1.11",
+        "symfony/phpunit-bridge": "^5.1",
         "symfony/profiler-pack": "^1.0"
     },
     "config" : {