Merge pull request #2 from crowdsecurity/feature/setup

Feature/setup
crowdsecurity · Dec 3, 2020 · 6ce4661 · 6ce4661
2 parents 709f28c + ec1431f
commit 6ce4661
Show file tree

Hide file tree

Showing 40 changed files with 6,421 additions and 2 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/workflows/superlinter.yml b/.github/workflows/superlinter.yml
@@ -0,0 +1,43 @@
+name: Super-Linter
+
+on:
+    push:
+    pull_request:
+
+jobs:
+  super-lint:
+    name: Lint code base
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Get Composer Cache Directory
+        id: composer-cache
+        run: |
+          echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Cache Composer Downloads
+        uses: actions/cache@v2
+        with:
+          path: vendor/
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+        
+      - name: Cache PHP dependencies
+        uses: actions/cache@v2
+        with:
+          path: vendor
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+
+      - name: Install PHP dependencies
+        uses: php-actions/composer@v4
+
+      - name: Run Super-Linter
+        uses: github/super-linter@v3
+        env:
+          FILTER_REGEX_INCLUDE: /tmp/lint/src/.*
+          DEFAULT_BRANCH: main
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -0,0 +1,100 @@
+name: Tests
+
+on:
+    pull_request:
+#    push: TODO P3 No tests on push because it causes an unresolved bug (no space left on device). This Smell a race condition.
+
+jobs:
+
+    integration:
+        name: Integration
+        runs-on: ubuntu-latest
+
+        strategy:
+            matrix:
+                php: ['7.2', '7.3', '7.4']
+                # TODO P2 PHP 8 Compatibility: Fix: Error: Class "Memcached" not found (https://github.com/crowdsecurity/php-cs-bouncer/runs/1491476055?check_suite_focus=true)
+
+        services:
+            redis:
+                image: redis:6.0.0
+                ports:
+                    - 6379:6379
+            memcached:
+                image: memcached:1.6.5
+                ports:
+                    - 11211:11211
+
+        steps:
+            -   name: Checkout
+                uses: actions/checkout@v2
+
+                # In this step, this action saves a list of existing images,
+                # the cache is created without them in the post run.
+                # It also restores the cache if it exists.
+            -   uses: satackey/[email protected]
+                # Ignore the failure of a step and avoid terminating the job.
+                continue-on-error: true
+
+            -   name: Checkout Crowdsec
+                uses: actions/checkout@v2
+                with:
+                    repository: crowdsecurity/crowdsec
+                    ref: v1.0.0-rc4
+                    path: ./var/.tmp-crowdsec
+
+            -   name: Build Crowdsec 1.0.0 (RC4) Docker image
+                run: docker build -t crowdsec:v1.0.0-rc4 ./var/.tmp-crowdsec
+
+            -   name: Run the crowdsec container
+                run: docker run -d --name crowdsec -p 8080:8080 -e "DISABLE_AGENT=true" crowdsec:v1.0.0-rc4
+
+            -   name: Add a bouncer to run phpunit tests
+                run: docker exec crowdsec cscli bouncers add bouncer-php-library -o raw > .bouncer-key
+
+            # TODO P2 Move values to env vars
+            -   name: Add a machine to pilot crowdsec state
+                run: docker exec crowdsec cscli machines add PhpUnitTestMachine --password PhpUnitTestMachinePassword
+
+            -   name: Setup PHP
+                uses: shivammathur/setup-php@v2
+                with:
+                    coverage: "none"
+                    extensions: "json,memcached,redis,xsl,ldap"
+                    ini-values: "memory_limit=-1"
+                    php-version: "${{ matrix.php }}"
+                    tools: pecl
+
+            -   name: Display versions
+                run: |
+                    php -r 'foreach (get_loaded_extensions() as $extension) echo $extension . " " . phpversion($extension) . PHP_EOL;'
+                    php -i
+
+            -   name: Get Composer Cache Directory
+                id: composer-cache
+                run: |
+                    echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+            -   name: Cache Composer Downloads
+                uses: actions/cache@v2
+                with:
+                    path: vendor/
+                    key: ${{ runner.os }}-${{ matrix.php }}-composer-${{ hashFiles('**/composer.lock') }}
+                    restore-keys: |
+                        ${{ runner.os }}-${{ matrix.php }}-composer-${{ hashFiles('**/composer.lock') }}
+                
+            -   name: Cache PHP dependencies
+                uses: actions/cache@v2
+                with:
+                    path: vendor
+                    key: ${{ runner.os }}-${{ matrix.php }}-composer-${{ hashFiles('**/composer.lock') }}
+
+            -   name: Install PHP dependencies
+                uses: php-actions/composer@v4
+
+            -   name: Run tests
+                run: ./vendor/bin/phpunit --testdox --colors --exclude-group ignore --group integration -v tests/IpVerificationTest.php
+                env:
+                    LAPI_URL: http://localhost:8080
+                    MEMCACHED_DSN: memcached://localhost:11211
+                    REDIS_DSN: redis://localhost:6379
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,12 @@
+# Composer
+/vendor/
+
+# Systems
+.DS_Store
+
+# App
+/var/
+.bouncer-key
+.phpdoc
+TODO.md
+.php_cs.cache
diff --git a/.php_cs b/.php_cs
@@ -0,0 +1,25 @@
+<?php
+
+if (!file_exists(__DIR__.'/src')) {
+    exit(0);
+}
+
+return PhpCsFixer\Config::create()
+    ->setRules([
+        '@Symfony' => true,
+        '@Symfony:risky' => true,
+        '@PHPUnit75Migration:risky' => true,
+        'php_unit_dedicate_assert' => ['target' => '5.6'],
+        'array_syntax' => ['syntax' => 'short'],
+        'fopen_flags' => false,
+        'protected_to_private' => false,
+        'native_constant_invocation' => true,
+        'combine_nested_dirname' => true,
+        'list_syntax' => ['syntax' => 'short'],
+    ])
+    ->setRiskyAllowed(true)
+    ->setFinder(
+        PhpCsFixer\Finder::create()
+            ->in(__DIR__.'/src')
+    )
+;
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@ The official PHP client for the CrowdSec APIs (LAPI or CAPI).
 
 This client helps to create CrowdSec bouncers for PHP applications or frameworks (e-commerce, blog, other apps...).
 
-## Getting started!
+## Getting started
 
 View `docs/getting-started.md` to learn how to include this library in your project.
 
@@ -16,4 +16,30 @@ You will find the full documenation here: (...) TODO P2
 
 # Licence
 
-MIT License. Details in the `./LICENSE` file.
+MIT License. Details in the `./LICENSE` file.
+
+# TODO
+
+Features:
+- [x] Fast API client
+- [x] LAPI Support
+- [x] Built-in support for the most known cache systems: Redis, Memcached, PhpFiles
+- [x] Rupture mode
+- [ ] Stream mode (alpha version)
+- [ ] Cap remediation level (ex: for sensitives websites: ban will be capped to captcha)
+- [ ] Direct CAPI support
+- [ ] Log events using monolog
+- [ ] PHP 5.6 retro compatibility (currenly PHP 7.2+)
+- [ ] Retrieve cache items with pagination
+- [ ] Release 1.0.0 version
+- [ ] Support more cache systems (Apcu, Couchbase, Doctrine, Pdo)
+
+Code:
+- [x] Docker dev environment (Dockerized Crowdsec, Redis, Memcached, Composer, PHPUnit)
+- [x] Continuous Integration (CI, includes Integration Tests and Super Linter)
+- [x] Integration tests (with TDD)
+- [x] Documented (Static documentation, PHP Doc)
+- [ ] Continuous Delivery (CD)
+- [ ] Load tests (compare performances)
+- [ ] Report Code coverage
+- [ ] Setup Xdebug environment
diff --git a/composer.json b/composer.json
@@ -0,0 +1,27 @@
+{
+    "name": "crowdsec/bouncer-php-library",
+    "description": "The official PHP client for the CrowdSec LAPI/CAPI",
+    "type": "library",
+    "license": "MIT License",
+    "minimum-stability": "stable",
+    "autoload": {
+        "psr-4": {
+            "CrowdSecBouncer\\": "src/"
+        }
+    },
+    "require-dev": {
+        "symfony/var-dumper": "^5.1",
+        "phpunit/phpunit": "^8.5",
+        "predis/predis": "^1.1",
+        "friendsofphp/php-cs-fixer": "^2.16",
+        "phpstan/phpstan": "^0.12.58"
+    },
+    "require": {
+        "symfony/config": "^5.1",
+        "symfony/cache": "^5.1"
+    },
+    "scripts": {
+        "lintfix":"vendor/bin/php-cs-fixer fix --verbose --show-progress=estimating --config=.php_cs ./src",
+        "phpstan":"vendor/bin/phpstan analyse"
+    }
+}