From cba3fa7f1811601b76259c0742e2e50ba2410468 Mon Sep 17 00:00:00 2001 From: Julien Loizelet Date: Fri, 24 Mar 2023 15:57:08 +0900 Subject: [PATCH 1/2] test(*): Use ddev add-ons --- .github/workflows/coding-standards.yml | 52 +++++++------- .github/workflows/test-suite.yml | 71 +++++++++--------- composer.json | 2 +- docs/DEVELOPER.md | 88 +++++++++++------------ scripts/public/geolocation-test.php | 4 +- tests/Integration/IpVerificationTest.php | 5 +- tests/end-to-end/__scripts__/run-tests.sh | 12 ++-- tests/end-to-end/__scripts__/test-init.sh | 2 +- tests/end-to-end/settings/base.php.dist | 2 +- tests/end-to-end/utils/constants.js | 2 +- tests/end-to-end/utils/helpers.js | 4 +- 11 files changed, 125 insertions(+), 119 deletions(-) diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml index 0ff1e67..95460a4 100644 --- a/.github/workflows/coding-standards.yml +++ b/.github/workflows/coding-standards.yml @@ -12,6 +12,13 @@ on: description: Generate PHPUNIT Code Coverage report default: false +permissions: + contents: read + +env: + # Allow ddev get to use a GitHub token to prevent rate limiting by tests + DDEV_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + jobs: coding-standards: strategy: @@ -23,38 +30,33 @@ jobs: runs-on: ubuntu-latest if: ${{ !contains(github.event.head_commit.message, 'chore(') }} env: - EXTENSION_PATH: "my-own-modules/crowdsec-php-lib" + EXTENSION_PATH: "my-code/crowdsec-bouncer-lib" steps: - - name: Clone DDEV files - uses: actions/checkout@v3 - with: - path: .ddev - repository: julienloizelet/ddev-php - ref: "main" - name: Install DDEV - env: - DDEV_VERSION: v1.21.4 + # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures run: | - # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures - sudo apt-get -qq update - sudo apt-get -qq -y install libnss3-tools - curl -LO https://raw.githubusercontent.com/drud/ddev/master/scripts/install_ddev.sh - bash install_ddev.sh ${{env.DDEV_VERSION}} + curl -fsSL https://apt.fury.io/drud/gpg.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/ddev.gpg > /dev/null + echo "deb [signed-by=/etc/apt/trusted.gpg.d/ddev.gpg] https://apt.fury.io/drud/ * *" | sudo tee /etc/apt/sources.list.d/ddev.list + sudo apt-get -q update + sudo apt-get -q -y install libnss3-tools ddev + mkcert -install ddev config global --instrumentation-opt-in=false --omit-containers=dba,ddev-ssh-agent - rm install_ddev.sh - - name: Set PHP_VERSION_CODE env - # used in some directory path and conventional file naming - # Example : 7.4 => 74 - run: | - echo "PHP_VERSION_CODE=$(echo php${{ matrix.php-version }} | sed 's/\.//g' )" >> $GITHUB_ENV + - name: Create empty PHP DDEV project + run: ddev config --project-type=php --project-name=crowdsec-bouncer-lib --php-version=${{ matrix.php-version }} + - name: Add Redis, Memcached and Crowdsec + run: | + ddev get ddev/ddev-redis + ddev get ddev/ddev-memcached + # override redis.conf + ddev get julienloizelet/ddev-tools + ddev get julienloizelet/ddev-crowdsec-php - - name: Start DDEV with PHP ${{ matrix.php-version }} + - name: Start DDEV run: | - cp .ddev/config_overrides/config.${{ env.PHP_VERSION_CODE }}.yaml .ddev/config.${{ env.PHP_VERSION_CODE }}.yaml ddev start - name: Some DEBUG information @@ -66,7 +68,7 @@ jobs: - name: Clone PHP lib Crowdsec files uses: actions/checkout@v3 with: - path: my-own-modules/crowdsec-php-lib + path: my-code/crowdsec-bouncer-lib - name: Install CrowdSec lib dependencies run: ddev composer update --working-dir ./${{env.EXTENSION_PATH}} @@ -89,10 +91,8 @@ jobs: - name: Prepare for Code Coverage if: github.event.inputs.coverage_report == 'true' run: | - cp .ddev/additional_docker_compose/docker-compose.crowdsec.yaml .ddev/docker-compose.crowdsec.yaml mkdir ${{ github.workspace }}/cfssl - cp -r .ddev/custom_files/crowdsec/cfssl/* ${{ github.workspace }}/cfssl - ddev restart + cp -r .ddev/okaeli-add-on/custom_files/crowdsec/cfssl/* ${{ github.workspace }}/cfssl ddev maxmind-download DEFAULT GeoLite2-City /var/www/html/${{env.EXTENSION_PATH}}/tests ddev maxmind-download DEFAULT GeoLite2-Country /var/www/html/${{env.EXTENSION_PATH}}/tests cd ${{env.EXTENSION_PATH}}/tests diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml index 2c3ec46..dae335d 100644 --- a/.github/workflows/test-suite.yml +++ b/.github/workflows/test-suite.yml @@ -7,6 +7,13 @@ on: - '**.md' workflow_dispatch: +permissions: + contents: read + +env: + # Allow ddev get to use a GitHub token to prevent rate limiting by tests + DDEV_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + jobs: test-suite: strategy: @@ -18,46 +25,42 @@ jobs: runs-on: ubuntu-latest if: ${{ !contains(github.event.head_commit.message, 'chore(') }} env: - EXTENSION_PATH: "my-own-modules/crowdsec-php-lib" + EXTENSION_PATH: "my-code/crowdsec-bouncer-lib" + DDEV_PROJECT: "crowdsec-bouncer-lib" JP_TEST_IP: "210.249.74.42" IPV6_TEST_IP: "2001:0db8:0000:85a3:0000:0000:ac1f:8001" IPV6_TEST_PROXY_IP: "2345:0425:2CA1:0000:0000:0567:5673:23b5" steps: - - name: Clone DDEV files - uses: actions/checkout@v3 - with: - path: .ddev - repository: julienloizelet/ddev-php - ref: "main" - - name: Install DDEV - env: - DDEV_VERSION: v1.21.4 + # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures run: | - # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures - sudo apt-get -qq update - sudo apt-get -qq -y install libnss3-tools - curl -LO https://raw.githubusercontent.com/drud/ddev/master/scripts/install_ddev.sh - bash install_ddev.sh ${{env.DDEV_VERSION}} + curl -fsSL https://apt.fury.io/drud/gpg.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/ddev.gpg > /dev/null + echo "deb [signed-by=/etc/apt/trusted.gpg.d/ddev.gpg] https://apt.fury.io/drud/ * *" | sudo tee /etc/apt/sources.list.d/ddev.list + sudo apt-get -q update + sudo apt-get -q -y install libnss3-tools ddev + mkcert -install ddev config global --instrumentation-opt-in=false --omit-containers=dba,ddev-ssh-agent - rm install_ddev.sh - - name: Set PHP_VERSION_CODE env - # used in some directory path and conventional file naming - # Example : 7.4 => 74 + - name: Create empty PHP DDEV project + run: ddev config --project-type=php --project-name=${{env.DDEV_PROJECT}} --php-version=${{ matrix.php-version }} + + - name: Add Redis, Memcached and Crowdsec run: | - echo "PHP_VERSION_CODE=$(echo php${{ matrix.php-version }} | sed 's/\.//g' )" >> $GITHUB_ENV + ddev get ddev/ddev-redis + ddev get ddev/ddev-memcached + # override redis.conf + ddev get julienloizelet/ddev-tools + ddev get julienloizelet/ddev-crowdsec-php + ddev get julienloizelet/ddev-playwright + + - name: Start DDEV + run: | + ddev start - name: Start DDEV with PHP ${{ matrix.php-version }} - run: | - cp .ddev/config_overrides/config.${{ env.PHP_VERSION_CODE }}.yaml .ddev/config.${{ env.PHP_VERSION_CODE }}.yaml - cp .ddev/additional_docker_compose/docker-compose.crowdsec.yaml .ddev/docker-compose.crowdsec.yaml - cp .ddev/additional_docker_compose/docker-compose.playwright.yaml .ddev/docker-compose.playwright.yaml - mkdir ${{ github.workspace }}/cfssl - cp -r .ddev/custom_files/crowdsec/cfssl/* ${{ github.workspace }}/cfssl - ddev start + run: ddev start - name: Set BOUNCER_KEY and PROXY_IP env run: | @@ -74,7 +77,7 @@ jobs: - name: Clone PHP lib Crowdsec files uses: actions/checkout@v3 with: - path: my-own-modules/crowdsec-php-lib + path: my-code/crowdsec-bouncer-lib - name: Validate composer.json run: ddev composer validate --strict --working-dir ./${{env.EXTENSION_PATH}} @@ -89,6 +92,8 @@ jobs: - name: Prepare PHP Integration and end-to-end tests run: | + mkdir ${{ github.workspace }}/cfssl + cp -r .ddev/okaeli-add-on/custom_files/crowdsec/cfssl/* ${{ github.workspace }}/cfssl ddev maxmind-download DEFAULT GeoLite2-City /var/www/html/${{env.EXTENSION_PATH}}/tests ddev maxmind-download DEFAULT GeoLite2-Country /var/www/html/${{env.EXTENSION_PATH}}/tests cd ${{env.EXTENSION_PATH}}/tests @@ -121,7 +126,7 @@ jobs: - name: Prepare Standalone Bouncer end-to-end tests run: | cd ${{ github.workspace }}/.ddev - ddev nginx-config custom_files/crowdsec-prepend-nginx-site.conf + ddev nginx-config okaeli-add-on/native/custom_files/crowdsec/crowdsec-prepend-nginx-site.conf cd ${{ github.workspace }} cp ${{env.EXTENSION_PATH}}/tests/end-to-end/settings/base.php.dist crowdsec-lib-settings.php sed -i -e 's/REPLACE_API_KEY/${{ env.BOUNCER_KEY }}/g' crowdsec-lib-settings.php @@ -137,10 +142,10 @@ jobs: - name: Verify auto_prepend_file directive run: | cd ${{ github.workspace }} - cp .ddev/custom_files/phpinfo.php ${{env.EXTENSION_PATH}}/scripts/public/phpinfo.php - curl -v https://${{ env.PHP_VERSION_CODE }}.ddev.site/${{env.EXTENSION_PATH}}/scripts/public/phpinfo.php - PREPENDVERIF=$(curl https://${{ env.PHP_VERSION_CODE }}.ddev.site/${{env.EXTENSION_PATH}}/scripts/public/phpinfo.php | grep -o -E "auto_prepend_file=(.*)php(.*)" | sed 's/<\/tr>//g; s/<\/td>//g;' | tr '\n' '#') - if [[ $PREPENDVERIF == "auto_prepend_file=/var/www/html/${{env.EXTENSION_PATH}}/scripts/auto-prepend/bounce.php#auto_prepend_file=/var/www/html/my-own-modules/crowdsec-php-lib/scripts/auto-prepend/bounce.php#" ]] + cp .ddev/okaeli-add-on/common/custom_files/phpinfo.php ${{env.EXTENSION_PATH}}/scripts/public/phpinfo.php + curl -v https://${{env.DDEV_PROJECT}}.ddev.site/${{env.EXTENSION_PATH}}/scripts/public/phpinfo.php + PREPENDVERIF=$(curl https://${{env.DDEV_PROJECT}}.ddev.site/${{env.EXTENSION_PATH}}/scripts/public/phpinfo.php | grep -o -E "auto_prepend_file=(.*)php(.*)" | sed 's/<\/tr>//g; s/<\/td>//g;' | tr '\n' '#') + if [[ $PREPENDVERIF == "auto_prepend_file=/var/www/html/${{env.EXTENSION_PATH}}/scripts/auto-prepend/bounce.php#auto_prepend_file=/var/www/html/my-code/crowdsec-bouncer-lib/scripts/auto-prepend/bounce.php#" ]] then echo "AUTO PREPEND FILE OK" else diff --git a/composer.json b/composer.json index b27f86e..dc859e7 100644 --- a/composer.json +++ b/composer.json @@ -40,7 +40,7 @@ ], "require": { "php": ">=7.2.5", - "crowdsec/remediation-engine": "^3.0.0", + "crowdsec/remediation-engine": "^3.1.1", "symfony/config": "^4.4.27 || ^5.2 || ^6.0", "twig/twig": "^3.4.2", "gregwar/captcha": "^1.1", diff --git a/docs/DEVELOPER.md b/docs/DEVELOPER.md index 8d9cd34..a820ada 100644 --- a/docs/DEVELOPER.md +++ b/docs/DEVELOPER.md @@ -78,18 +78,18 @@ For the DDEV installation, please follow the [official instructions](https://dde The final structure of the project will look like below. ``` -php-project-sources (choose the name you want for this folder) +crowdsec-bouncer-project (choose the name you want for this folder) │ │ (your php project sources; could be a simple index.php file) │ -└───.ddev (do not change this folder name) +└───.ddev │ │ -│ │ (Cloned sources of a PHP specific ddev repo) +│ │ (DDEV files) │ -└───my-own-modules (do not change this folder name) +└───my-code (do not change this folder name) │ │ - └───crowdsec-php-lib (do not change this folder name) + └───crowdsec-bouncer-lib (do not change this folder name) │ │ (Clone of this repo) @@ -97,37 +97,32 @@ php-project-sources (choose the name you want for this folder) - Create an empty folder that will contain all necessary sources: ```bash -mkdir php-project-sources +mkdir crowdsec-bouncer-project ``` -- Create a `crowdsec-php-lib` folder with sources of this repo: +- Create a DDEV php project: ```bash -cd php-project-sources -mkdir my-own-modules && mkdir my-own-modules/crowdsec-php-lib -cd my-own-modules/crowdsec-php-lib && git clone git@github.com:crowdsecurity/php-cs-bouncer.git ./ +cd crowdsec-bouncer-project +ddev config --project-type=php --php-version=8.2 --project-name=crowdsec-bouncer-lib ``` -- Create an empty `.ddev` folder for DDEV and clone our pre-configured DDEV repo: +- Add some DDEV add-ons: ```bash -cd php-project-sources -mkdir .ddev && cd .ddev && git clone git@github.com:julienloizelet/ddev-php.git ./ +ddev get ddev/ddev-redis +ddev get ddev/ddev-memcached +ddev get julienloizelet/ddev-tools +ddev get julienloizelet/ddev-crowdsec-php ``` -- Copy some configurations file: -```bash -cd php-project-sources -cp .ddev/additional_docker_compose/docker-compose.crowdsec.yaml .ddev/docker-compose.crowdsec.yaml -cp .ddev/additional_docker_compose/docker-compose.playwright.yaml .ddev/docker-compose.playwright.yaml -``` - -By default, ddev will launch a PHP 7.2 container. If you want to work with another PHP version, copy the corresponding configuration file. For example: +- Clone this repo sources in a `my-code/crowdsec-bouncer-lib` folder: ```bash -cd php-project-sources -cp .ddev/config_overrides/config.php74.yaml .ddev/config.php74.yaml +mkdir -p my-code/crowdsec-bouncer-lib +cd my-code/crowdsec-bouncer-lib && git clone git@github.com:crowdsecurity/php-cs-bouncer.git ./ ``` + - Launch DDEV ```bash @@ -163,7 +158,7 @@ ddev create-watcher [name] [password] Run: ```bash -ddev composer update --working-dir ./my-own-modules/crowdsec-php-lib +ddev composer update --working-dir ./my-code/crowdsec-bouncer-lib ``` #### Find IP of your docker services @@ -189,7 +184,7 @@ ddev find-ip ddev-router ```bash -ddev php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit ./my-own-modules/crowdsec-php-lib/tests/Unit --testdox +ddev php ./my-code/crowdsec-bouncer-lib/vendor/bin/phpunit ./my-code/crowdsec-bouncer-lib/tests/Unit --testdox ``` #### Integration test @@ -203,9 +198,9 @@ ddev create-bouncer Then, as we use a TLS ready CrowdSec container, you have to copy some certificates and key: ```bash -cd php-project-sources +cd crowdsec-bouncer-project mkdir cfssl -cp -r ../.ddev/custom_files/crowdsec/cfssl/* cfssl +cp -r ../.ddev/okaeli-add-on/custom_files/crowdsec/cfssl/* cfssl ``` Finally, run @@ -213,7 +208,7 @@ Finally, run ```bash ddev exec BOUNCER_KEY=your-bouncer-key AGENT_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080 -MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/Integration/IpVerificationTest.php +MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-code/crowdsec-bouncer-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-code/crowdsec-bouncer-lib/tests/Integration/IpVerificationTest.php ``` For geolocation Unit Test, you should first put 2 free MaxMind databases in the `tests` folder : `GeoLite2-City.mmdb` @@ -224,7 +219,7 @@ Then, you can run: ```bash ddev exec BOUNCER_KEY=your-bouncer-key AGENT_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080 -MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/Integration/GeolocationTest.php +MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-code/crowdsec-bouncer-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-code/crowdsec-bouncer-lib/tests/Integration/GeolocationTest.php ``` **N.B.**: If you want to test with `curl` instead of `file_get_contents` calls to LAPI, you have to add `USE_CURL=1` in @@ -234,7 +229,7 @@ the previous commands. and specify the path where you store certificates and keys. For example: ```bash -ddev exec USE_CURL=1 AGENT_TLS_PATH=/var/www/html/cfssl BOUNCER_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/Integration/IpVerificationTest.php +ddev exec USE_CURL=1 AGENT_TLS_PATH=/var/www/html/cfssl BOUNCER_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-code/crowdsec-bouncer-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-code/crowdsec-bouncer-lib/tests/Integration/IpVerificationTest.php ``` @@ -253,7 +248,7 @@ With that done, every access to your ddev url (i.e. `https://phpXX.ddev.site` wh For example, you should try to browse the following url: ``` -https://phpXX.ddev.site/my-own-modules/crowdsec-php-lib/scripts/public/protected-page.php +https://phpXX.ddev.site/my-code/crowdsec-bouncer-lib/scripts/public/protected-page.php ``` #### End-to-end tests @@ -265,6 +260,11 @@ We are using a Jest/Playwright Node.js stack to launch a suite of end-to-end tes Tests code is in the `tests/end-to-end` folder. You should have to `chmod +x` the scripts you will find in `tests/end-to-end/__scripts__`. +``` +cd crowdsec-bouncer-project +cp -r .ddev/okaeli-add-on/custom_files/crowdsec/cfssl/* cfssl +``` + Then you can use the `run-test.sh` script to run the tests: - the first parameter specifies if you want to run the test on your machine (`host`) or in the @@ -293,7 +293,7 @@ yarn global add cross-env We set up some coding standards tools that you will find in the `tools/coding-standards` folder. In order to use these, you will need to work with a PHP version >= 7.4 and run first: ``` -ddev composer update --working-dir=./my-own-modules/crowdsec-php-lib/tools/coding-standards +ddev composer update --working-dir=./my-code/crowdsec-bouncer-lib/tools/coding-standards ``` ##### PHPCS Fixer @@ -302,7 +302,7 @@ We are using the [PHP Coding Standards Fixer](https://cs.symfony.com/). With dde ```bash -ddev phpcsfixer my-own-modules/crowdsec-php-lib/tools/coding-standards/php-cs-fixer ../ +ddev phpcsfixer my-code/crowdsec-bouncer-lib/tools/coding-standards/php-cs-fixer ../ ``` @@ -312,7 +312,7 @@ To use the [PHPSTAN](https://github.com/phpstan/phpstan) tool, you can run: ```bash -ddev phpstan /var/www/html/my-own-modules/crowdsec-php-lib/tools/coding-standards phpstan/phpstan.neon /var/www/html/my-own-modules/crowdsec-php-lib/src +ddev phpstan /var/www/html/my-code/crowdsec-bouncer-lib/tools/coding-standards phpstan/phpstan.neon /var/www/html/my-code/crowdsec-bouncer-lib/src ``` @@ -322,7 +322,7 @@ ddev phpstan /var/www/html/my-own-modules/crowdsec-php-lib/tools/coding-standard To use the [PHPMD](https://github.com/phpmd/phpmd) tool, you can run: ```bash -ddev phpmd ./my-own-modules/crowdsec-php-lib/tools/coding-standards phpmd/rulesets.xml ../../src +ddev phpmd ./my-code/crowdsec-bouncer-lib/tools/coding-standards phpmd/rulesets.xml ../../src ``` @@ -331,13 +331,13 @@ ddev phpmd ./my-own-modules/crowdsec-php-lib/tools/coding-standards phpmd/rulese To use [PHP Code Sniffer](https://github.com/squizlabs/PHP_CodeSniffer) tools, you can run: ```bash -ddev phpcs ./my-own-modules/crowdsec-php-lib/tools/coding-standards my-own-modules/crowdsec-php-lib/src PSR12 +ddev phpcs ./my-code/crowdsec-bouncer-lib/tools/coding-standards my-code/crowdsec-php-lib/src PSR12 ``` and: ```bash -ddev phpcbf ./my-own-modules/crowdsec-php-lib/tools/coding-standards my-own-modules/crowdsec-php-lib/src PSR12 +ddev phpcbf ./my-code/crowdsec-php-lib/tools/coding-standards my-code/crowdsec-php-lib/src PSR12 ``` @@ -346,7 +346,7 @@ ddev phpcbf ./my-own-modules/crowdsec-php-lib/tools/coding-standards my-own-mod To use [PSALM](https://github.com/vimeo/psalm) tools, you can run: ```bash -ddev psalm ./my-own-modules/crowdsec-php-lib/tools/coding-standards ./my-own-modules/crowdsec-php-lib/tools/coding-standards/psalm +ddev psalm ./my-code/crowdsec-php-lib/tools/coding-standards ./my-code/crowdsec-php-lib/tools/coding-standards/psalm ``` ##### PHP Unit Code coverage @@ -360,7 +360,7 @@ ddev xdebug To generate a html report, you can run: ```bash -ddev exec XDEBUG_MODE=coverage BOUNCER_KEY=your-bouncer-key AGENT_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080 REDIS_DSN=redis://redis:6379 MEMCACHED_DSN=memcached://memcached:11211 /usr/bin/php ./my-own-modules/crowdsec-php-lib/tools/coding-standards/vendor/bin/phpunit --configuration ./my-own-modules/crowdsec-php-lib/tools/coding-standards/phpunit/phpunit.xml +ddev exec XDEBUG_MODE=coverage BOUNCER_KEY=your-bouncer-key AGENT_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080 REDIS_DSN=redis://redis:6379 MEMCACHED_DSN=memcached://memcached:11211 /usr/bin/php ./my-code/crowdsec-php-lib/tools/coding-standards/vendor/bin/phpunit --configuration ./my-code/crowdsec-php-lib/tools/coding-standards/phpunit/phpunit.xml ``` @@ -371,7 +371,7 @@ If you want to generate a text report in the same folder: ```bash ddev exec XDEBUG_MODE=coverage BOUNCER_KEY=your-bouncer-key LAPI_URL=https://crowdsec:8080 -MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/tools/coding-standards/vendor/bin/phpunit --configuration ./my-own-modules/crowdsec-php-lib/tools/coding-standards/phpunit/phpunit.xml --coverage-text=./my-own-modules/crowdsec-php-lib/tools/coding-standards/phpunit/code-coverage/report.txt +MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-code/crowdsec-php-lib/tools/coding-standards/vendor/bin/phpunit --configuration ./my-code/crowdsec-php-lib/tools/coding-standards/phpunit/phpunit.xml --coverage-text=./my-code/crowdsec-php-lib/tools/coding-standards/phpunit/code-coverage/report.txt ``` #### Generate CrowdSec tools and settings on start @@ -445,7 +445,7 @@ You will find some php scripts in the `scripts` folder. To clear your LAPI cache, you can use the [`clear-php`](../scripts/clear-cache.php) script: ```bash -ddev exec php my-own-modules/crowdsec-php-lib/scripts/clear-cache.php +ddev exec php my-code/crowdsec-php-lib/scripts/clear-cache.php ``` ### Full Live mode example @@ -474,7 +474,7 @@ Try with the `standalone-check-ip-live.php` file: ```bash -ddev exec php my-own-modules/crowdsec-php-lib/scripts/standalone-check-ip-live.php 1.2.3.4 +ddev exec php my-code/crowdsec-php-lib/scripts/standalone-check-ip-live.php 1.2.3.4 ``` #### Now ban range 1.2.3.4 to 1.2.3.7 for 12h @@ -488,13 +488,13 @@ ddev exec -s crowdsec cscli decisions add --range 1.2.3.4/30 --duration 12h --ty Clear the cache: ```bash -ddev exec php my-own-modules/crowdsec-php-lib/scripts/clear-cache.php +ddev exec php my-code/crowdsec-php-lib/scripts/clear-cache.php ``` One more time, get the remediation for the IP "1.2.3.4": ```bash -ddev exec php my-own-modules/crowdsec-php-lib/scripts/standalone-check-ip-live.php 1.2.3.4 +ddev exec php my-code/crowdsec-php-lib/scripts/standalone-check-ip-live.php 1.2.3.4 ``` This is a ban (and cache miss) as you can see in your terminal logs. diff --git a/scripts/public/geolocation-test.php b/scripts/public/geolocation-test.php index 664b8b2..daaf753 100644 --- a/scripts/public/geolocation-test.php +++ b/scripts/public/geolocation-test.php @@ -21,12 +21,12 @@ 'type' => 'maxmind', 'maxmind' => [ 'database_type' => $dbType, - 'database_path' => '/var/www/html/my-own-modules/crowdsec-php-lib/tests/' . $dbName, + 'database_path' => '/var/www/html/my-code/crowdsec-bouncer-lib/tests/' . $dbName, ], ]; if ($fakeBrokenDb) { - $geolocConfig['maxmind']['database_path'] = '/var/www/html/my-own-modules/crowdsec-php-lib/tests/broken.mmdb'; + $geolocConfig['maxmind']['database_path'] = '/var/www/html/my-code/crowdsec-bouncer-lib/tests/broken.mmdb'; } $finalConfig = array_merge($crowdSecStandaloneBouncerConfig, ['geolocation' => $geolocConfig]); diff --git a/tests/Integration/IpVerificationTest.php b/tests/Integration/IpVerificationTest.php index 470c324..f29f256 100644 --- a/tests/Integration/IpVerificationTest.php +++ b/tests/Integration/IpVerificationTest.php @@ -205,11 +205,12 @@ public function testTestCacheConnexion($cacheAdapterName, $origCacheName) // Test custom error handler for Memcached if($cacheAdapterName === 'memcached'){ - $bouncer2 = new StandaloneBouncer(array_merge($this->configs, + $configs = array_merge($this->configs, [ 'cache_system'=> $cacheAdapterName, 'memcached_dsn' => 'memcached://memcached:21', - ])); + ]); + $bouncer2 = new StandaloneBouncer($configs); $error = ''; try { diff --git a/tests/end-to-end/__scripts__/run-tests.sh b/tests/end-to-end/__scripts__/run-tests.sh index 829c62a..050bc80 100755 --- a/tests/end-to-end/__scripts__/run-tests.sh +++ b/tests/end-to-end/__scripts__/run-tests.sh @@ -43,10 +43,10 @@ HOSTNAME=$(ddev exec printenv DDEV_HOSTNAME | sed 's/\r//g') PHPVERSION=$(ddev exec printenv DDEV_PROJECT | sed 's/\r//g') PHP_URL=https://$HOSTNAME PROXY_IP=$(ddev find-ip ddev-router) -BOUNCER_KEY=$(ddev exec grep "'api_key'" /var/www/html/my-own-modules/crowdsec-php-lib/scripts/auto-prepend/settings.php | tail -1 | sed 's/api_key//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) -GEOLOC_ENABLED=$(ddev exec grep -E "'enabled'.*,$" /var/www/html/my-own-modules/crowdsec-php-lib/scripts/auto-prepend/settings.php | sed 's/enabled//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) -FORCED_TEST_FORWARDED_IP=$(ddev exec grep -E "'forced_test_forwarded_ip'.*,$" /var/www/html/my-own-modules/crowdsec-php-lib/scripts/auto-prepend/settings.php | sed 's/forced_test_forwarded_ip//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) -STREAM_MODE=$(ddev exec grep -E "'stream_mode'.*,$" /var/www/html/my-own-modules/crowdsec-php-lib/scripts/auto-prepend/settings.php | sed 's/stream_mode//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) +BOUNCER_KEY=$(ddev exec grep "'api_key'" /var/www/html/my-code/crowdsec-bouncer-lib/scripts/auto-prepend/settings.php | tail -1 | sed 's/api_key//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) +GEOLOC_ENABLED=$(ddev exec grep -E "'enabled'.*,$" /var/www/html/my-code/crowdsec-bouncer-lib/scripts/auto-prepend/settings.php | sed 's/enabled//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) +FORCED_TEST_FORWARDED_IP=$(ddev exec grep -E "'forced_test_forwarded_ip'.*,$" /var/www/html/my-code/crowdsec-bouncer-lib/scripts/auto-prepend/settings.php | sed 's/forced_test_forwarded_ip//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) +STREAM_MODE=$(ddev exec grep -E "'stream_mode'.*,$" /var/www/html/my-code/crowdsec-bouncer-lib/scripts/auto-prepend/settings.php | sed 's/stream_mode//g' | sed -e 's|[=>,"'\'']||g' | sed s/'\s'//g) JEST_PARAMS="--bail=true --runInBand --verbose" # If FAIL_FAST, will exit on first individual test fail # @see CustomEnvironment.js @@ -69,7 +69,7 @@ case $TYPE in "docker") DEBUG_STRING="" - YARN_PATH="./var/www/html/my-own-modules/crowdsec-php-lib/tests/end-to-end" + YARN_PATH="./var/www/html/my-code/crowdsec-bouncer-lib/tests/end-to-end" COMMAND="ddev exec -s playwright yarn --cwd ${YARN_PATH} cross-env" LAPI_URL_FROM_PLAYWRIGHT=https://crowdsec:8080 CURRENT_IP=$(ddev find-ip playwright) @@ -81,7 +81,7 @@ case $TYPE in "ci") DEBUG_STRING="DEBUG=pw:api" - YARN_PATH="./var/www/html/my-own-modules/crowdsec-php-lib/tests/end-to-end" + YARN_PATH="./var/www/html/my-code/crowdsec-bouncer-lib/tests/end-to-end" COMMAND="ddev exec -s playwright xvfb-run --auto-servernum -- yarn --cwd ${YARN_PATH} cross-env" LAPI_URL_FROM_PLAYWRIGHT=https://crowdsec:8080 CURRENT_IP=$(ddev find-ip playwright) diff --git a/tests/end-to-end/__scripts__/test-init.sh b/tests/end-to-end/__scripts__/test-init.sh index 3576d46..fbba567 100755 --- a/tests/end-to-end/__scripts__/test-init.sh +++ b/tests/end-to-end/__scripts__/test-init.sh @@ -9,5 +9,5 @@ if ! ddev --version >/dev/null 2>&1; then exit 1 fi -ddev exec -s playwright yarn --cwd ./var/www/html/my-own-modules/crowdsec-php-lib/tests/end-to-end --force && \ +ddev exec -s playwright yarn --cwd ./var/www/html/my-code/crowdsec-bouncer-lib/tests/end-to-end --force && \ ddev exec -s playwright yarn global add cross-env diff --git a/tests/end-to-end/settings/base.php.dist b/tests/end-to-end/settings/base.php.dist index 450d755..5964ccf 100644 --- a/tests/end-to-end/settings/base.php.dist +++ b/tests/end-to-end/settings/base.php.dist @@ -40,7 +40,7 @@ $crowdSecStandaloneBouncerConfig = [ 'type' => 'maxmind', 'maxmind' => [ 'database_type' => 'country', - 'database_path' => '/var/www/html/my-own-modules/crowdsec-php-lib/tests/GeoLite2-Country.mmdb' + 'database_path' => '/var/www/html/my-code/crowdsec-bouncer-lib/tests/GeoLite2-Country.mmdb' ] ], // Settings for ban and captcha walls diff --git a/tests/end-to-end/utils/constants.js b/tests/end-to-end/utils/constants.js index ea488f5..8cb0ecb 100644 --- a/tests/end-to-end/utils/constants.js +++ b/tests/end-to-end/utils/constants.js @@ -1,7 +1,7 @@ const { PHP_URL } = process.env; const PUBLIC_URL = - "/my-own-modules/crowdsec-php-lib/scripts/public/protected-page.php"; + "/my-code/crowdsec-bouncer-lib/scripts/public/protected-page.php"; const FORCED_TEST_FORWARDED_IP = process.env.FORCED_TEST_FORWARDED_IP !== "" ? process.env.FORCED_TEST_FORWARDED_IP diff --git a/tests/end-to-end/utils/helpers.js b/tests/end-to-end/utils/helpers.js index c5ea3f9..d3601cc 100644 --- a/tests/end-to-end/utils/helpers.js +++ b/tests/end-to-end/utils/helpers.js @@ -14,7 +14,7 @@ const goToPublicPage = async (endpoint = PUBLIC_URL) => { const runCacheAction = async (actionType = "refresh", otherParams = "") => { await goToPublicPage( - `/my-own-modules/crowdsec-php-lib/scripts/public/cache-actions.php?action=${actionType}${otherParams}`, + `/my-code/crowdsec-bouncer-lib/scripts/public/cache-actions.php?action=${actionType}${otherParams}`, ); await page.waitForLoadState("networkidle"); await expect(page).not.toMatchTitle(/404/); @@ -22,7 +22,7 @@ const runCacheAction = async (actionType = "refresh", otherParams = "") => { }; const runGeolocationTest = async (ip, saveResult, brokenDb = false) => { - let url = `/my-own-modules/crowdsec-php-lib/scripts/public/geolocation-test.php?ip=${ip}`; + let url = `/my-code/crowdsec-bouncer-lib/scripts/public/geolocation-test.php?ip=${ip}`; if (saveResult) { url += "&cache-duration=120"; } From 232aaba3f984e7340c9911bf4107bdab024639c1 Mon Sep 17 00:00:00 2001 From: Julien Loizelet Date: Fri, 24 Mar 2023 17:19:23 +0900 Subject: [PATCH 2/2] feat(*): Prepare release 1.3.0 --- CHANGELOG.md | 10 ++++++++++ src/Constants.php | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d06daf..92660e4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,16 @@ The [public API](https://semver.org/spec/v2.0.0.html#spec-item-1) of this librar --- +## [1.3.0](https://github.com/crowdsecurity/php-cs-bouncer/releases/tag/v1.3.0) - 2023-03-24 +[_Compare with previous release_](https://github.com/crowdsecurity/php-cs-bouncer/compare/v1.2.0...v1.3.0) + + +### Changed +- Use `crowdsec/remediation-engine` `^3.1.1` instead of `^3.0.0` +- Use Redis and PhpFiles cache without cache tags + +--- + ## [1.2.0](https://github.com/crowdsecurity/php-cs-bouncer/releases/tag/v1.2.0) - 2023-03-09 [_Compare with previous release_](https://github.com/crowdsecurity/php-cs-bouncer/compare/v1.1.1...v1.2.0) diff --git a/src/Constants.php b/src/Constants.php index 3f5017c..972e00f 100644 --- a/src/Constants.php +++ b/src/Constants.php @@ -39,7 +39,7 @@ class Constants extends RemConstants /** @var string Path for html templates folder (e.g. ban and captcha wall) */ public const TEMPLATES_DIR = __DIR__ . "/templates"; /** @var string The last version of this library */ - public const VERSION = 'v1.2.0'; + public const VERSION = 'v1.3.0'; /** @var string The "disabled" x-forwarded-for setting */ public const X_FORWARDED_DISABLED = 'no_forward'; }