DQA-7523: Prepare release 10.2.0

ec-europa · Jul 31, 2023 · 4d354a0 · 4d354a0
2 parents e09f7bf + 449988e
commit 4d354a0
Show file tree

Hide file tree

Showing 37 changed files with 313 additions and 108 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,14 +1,20 @@
 # Toolkit change log
 
+## Version 9.12.0 | 10.2.0
+  - DQA-7395: Replace security-checker with composer audit.
+  - DQA-6756: Create example section in the toolkit documentation.
+  - DQA-7460: Toolkit phpcs improvements.
+  - DQA-6751: Create target to check credentials.
+
 ## Version 9.11.0 | 10.1.0
-- DQA-6750: Command to check drupal permissions.
-- DQA-6750: Control blocker of drupal:check-permissions.
-- DQA-7006: Duplicated options when running toolkit:lint-php.
-- DQA-6154: Component check - remove limitation of checking drupal module only.
-- DQA-6681: Command drupal:permissions-setup should not apply permissions recursively.
-- DQA-7280: Support Drush12.
-- DQA-7333: Add aliases to commands.
-- DQA-7296: Add user-agent to the Toolkit api calls.
+  - DQA-6750: Command to check drupal permissions.
+  - DQA-6750: Control blocker of drupal:check-permissions.
+  - DQA-7006: Duplicated options when running toolkit:lint-php.
+  - DQA-6154: Component check - remove limitation of checking drupal module only.
+  - DQA-6681: Command drupal:permissions-setup should not apply permissions recursively.
+  - DQA-7280: Support Drush12.
+  - DQA-7333: Add aliases to commands.
+  - DQA-7296: Add user-agent to the Toolkit api calls.
 
 ## Version 9.10.0 | 10.0.0
   - DQA-7047: Deploy commands run drush cr as first.

diff --git a/README.md b/README.md
@@ -25,7 +25,7 @@ composer require --dev ec-europa/toolkit:^9
 - [Building assets](/docs/guide/building-assets.rst)
 - [Commands](/docs/guide/commands.rst)
 - [Git Hooks](/docs/guide/git-hooks.rst)
-- [Update Project Documentation](/docs/guide/project-documentation.rst)
+- [Toolkit Documentation](/docs/guide/toolkit-documentation.rst)
 - [Changelog](/CHANGELOG.md)
 
 To have more details about this package, please check the [full documentation](https://ec-europa.github.io/toolkit/).

diff --git a/composer.json b/composer.json
@@ -27,6 +27,7 @@
         "jakeasmith/http_build_url": "^1.0",
         "league/container": "^4.1.1",
         "mglaman/phpstan-drupal": "^1.1",
+        "pear/archive_tar": "^1.4",
         "php-parallel-lint/php-parallel-lint": "^1.3",
         "phpmd/phpmd": "^2.12",
         "phpstan/phpstan": "^1.10",

diff --git a/config/commands/gitleaks.yml b/config/commands/gitleaks.yml
@@ -0,0 +1,7 @@
+command:
+  toolkit:
+    run-gitleaks:
+      options:
+        tag: ${gitleaks.tag}
+        os: ${gitleaks.os}
+        options: ${gitleaks.options}
diff --git a/config/runner/gitleaks.yml b/config/runner/gitleaks.yml
@@ -0,0 +1,5 @@
+gitleaks:
+  repo: https://github.com/gitleaks/gitleaks
+  tag: 8.17.0
+  os: linux_x64
+  options: '--no-banner -v'
diff --git a/docs/guide/commands.rst b/docs/guide/commands.rst
@@ -62,6 +62,7 @@ See bellow current list of available commands:
    toolkit:requirements              Check the Toolkit Requirements.
    toolkit:run-blackfire             [tk-bfire|tbf] Run Blackfire.
    toolkit:run-deploy                Run deployment sequence.
+   toolkit:run-gitleaks              [tk-gitleaks] Executes the Gitleaks.
    toolkit:run-phpcbf                [tk-phpcbf] Run PHP code autofixing.
    toolkit:setup-behat               Setup the Behat file.
    toolkit:setup-blackfire-behat     Copy the needed resources to run Behat with Blackfire.

diff --git a/docs/guide/components.rst b/docs/guide/components.rst
@@ -0,0 +1,6 @@
+Components
+===================
+
+In the QA Website, you can find the components being controlled by our CI/CD.
+
+`Components <https://digit-dqa.fpfis.tech.ec.europa.eu/package-reviews>`_
diff --git a/docs/guide/how-to.rst b/docs/guide/how-to.rst
@@ -0,0 +1,7 @@
+How-to
+===================
+
+In the QA Website, you can find the How-to section that
+has practical examples on how to use Toolkit and other tools.
+
+`How-to section <https://digit-dqa.fpfis.tech.ec.europa.eu/how-to>`_
diff --git a/docs/guide/index.rst b/docs/guide/index.rst
@@ -12,6 +12,9 @@ Index
     commands
     building-assets
     git-hooks
-    project-documentation
+    toolkit-documentation
+    how-to
+    requirements
+    components
 
 .. |phpdoc| replace:: phpDocumentor
diff --git a/docs/guide/requirements.rst b/docs/guide/requirements.rst
@@ -0,0 +1,6 @@
+Requirements
+===================
+
+In the QA Website, you can find the minimum requirements enforced by our CI/CD.
+
+`Requirements <https://digit-dqa.fpfis.tech.ec.europa.eu/requirements>`_
diff --git a/docs/guide/testing-project.rst b/docs/guide/testing-project.rst
@@ -1,4 +1,3 @@
-
 Testing the project
 ===================
 

diff --git a/docs/guide/project-documentation.rst → docs/guide/toolkit-documentation.rst b/docs/guide/project-documentation.rst → docs/guide/toolkit-documentation.rst
@@ -1,4 +1,4 @@
-Update Project Documentation
+Toolkit Documentation
 ============================
 
 To generate the Toolkit documentation you can make use of the ``toolkit:generate-documentation``

diff --git a/phpcs.xml b/phpcs.xml
@@ -306,4 +306,10 @@
     <rule ref="Squiz.WhiteSpace.SemicolonSpacing"/>
     <rule ref="Squiz.WhiteSpace.SuperfluousWhitespace"/>
 
+    <rule ref="Drupal.Classes.UnusedUseStatement"/>
+    <rule ref="Drupal.Classes.FullyQualifiedNamespace"/>
+    <rule ref="Drupal.Classes.UseLeadingBackslash"/>
+    <rule ref="Drupal.Files.EndFileNewline"/>
+    <rule ref="Drupal.Commenting.DataTypeNamespace.DataTypeNamespace"/>
+
 </ruleset>
diff --git a/phpdoc.dist.xml b/phpdoc.dist.xml
@@ -9,7 +9,7 @@
     <paths>
         <output>docs</output>
     </paths>
-    <version number="10.1.0">
+    <version number="10.2.0">
         <folder>latest</folder>
         <api>
             <source dsn=".">

diff --git a/phpunit.xml.dist b/phpunit.xml.dist
@@ -68,5 +68,8 @@
         <testsuite name="Tool">
             <file>tests/Features/Commands/ToolCommandsTest.php</file>
         </testsuite>
+        <testsuite name="Gitleaks">
+            <file>tests/Features/Commands/GitleaksCommandsTest.php</file>
+        </testsuite>
     </testsuites>
 </phpunit>
diff --git a/src/Task/Command/ConfigurationCommand.php b/src/Task/Command/ConfigurationCommand.php
@@ -4,8 +4,6 @@
 
 namespace EcEuropa\Toolkit\Task\Command;
 
-use EcEuropa\Toolkit\Task\File\ReplaceBlock;
-use Robo\Collection\CollectionBuilder;
 use Robo\Common\BuilderAwareTrait;
 use Robo\Contract\BuilderAwareInterface;
 use Robo\Exception\TaskException;
@@ -97,7 +95,7 @@ public function run()
      * @param $task
      *   The task to execute.
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      *
      * @SuppressWarnings(PHPMD.CyclomaticComplexity)
      * @SuppressWarnings(PHPMD.NPathComplexity)
@@ -207,7 +205,7 @@ protected function taskExecute($task)
                 return $taskExec;
 
             case 'replace-block':
-                /* @var ReplaceBlock $task */
+                /* @var \EcEuropa\Toolkit\Task\File\ReplaceBlock $task */
                 $replaceBlock = $this->collectionBuilder()
                     ->taskReplaceBlock($task['filename'])
                     ->start($task['start']);
@@ -247,7 +245,7 @@ public function getTasks()
      * @see \EcEuropa\Toolkit\Task\Command\ConfigurationCommand::availableTasks
      * @see \EcEuropa\Toolkit\Task\Command\ConfigurationCommand::paramDefaultValue()
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      */
     private function validateAndEnsureParameters(&$task)
     {
@@ -295,7 +293,7 @@ private function prepareOutput($taskExec)
      * @param string $task
      *   The task being checked.
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      */
     private function throwParamException(string $param, string $task)
     {
@@ -309,7 +307,7 @@ private function throwParamException(string $param, string $task)
      * @param string $task
      *   The task being checked.
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      */
     private function throwInvalidTaskException(string $task)
     {

diff --git a/src/Task/File/ReplaceBlock.php b/src/Task/File/ReplaceBlock.php
@@ -84,7 +84,7 @@ public function __construct(string $filename = '')
      *
      * @return $this
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      */
     public function filename(string $filename)
     {
@@ -154,8 +154,6 @@ public function excludeStartEnd(bool $exclude = true)
 
     /**
      * Run the task.
-     *
-     * @return Result
      */
     public function run()
     {

diff --git a/src/TaskRunner/AbstractCommands.php b/src/TaskRunner/AbstractCommands.php
@@ -8,7 +8,6 @@
 use Robo\Common\ConfigAwareTrait;
 use Robo\Contract\ConfigAwareInterface;
 use Robo\Exception\TaskException;
-use Robo\Robo;
 use Robo\Tasks;
 
 /**
@@ -41,7 +40,7 @@ public function getConfigurationFile()
      * @return string
      *   The bin path.
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      */
     protected function getBin(string $name): string
     {
@@ -73,7 +72,7 @@ protected function getBinPath(string $name): string
      * @return string
      *   The bin path.
      *
-     * @throws TaskException
+     * @throws \Robo\Exception\TaskException
      */
     protected function getNodeBin(string $name): string
     {

diff --git a/src/TaskRunner/Commands/BuildCommands.php b/src/TaskRunner/Commands/BuildCommands.php
@@ -6,7 +6,6 @@
 
 use EcEuropa\Toolkit\TaskRunner\AbstractCommands;
 use EcEuropa\Toolkit\Toolkit;
-use Robo\Robo;
 use Robo\Symfony\ConsoleIO;
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Finder\Finder;

diff --git a/src/TaskRunner/Commands/ComponentCheckCommands.php b/src/TaskRunner/Commands/ComponentCheckCommands.php
@@ -35,6 +35,7 @@ class ComponentCheckCommands extends AbstractCommands
     protected bool $skipRecommended = true;
     protected int $recommendedFailedCount = 0;
     protected array $installed;
+    protected $io;
 
     /**
      * Check composer.json for components that are not whitelisted/blacklisted.
@@ -59,7 +60,7 @@ public function componentCheck(ConsoleIO $io, array $options = [
         if (empty($auth = Website::apiAuth())) {
             return 1;
         }
-
+        $this->io = $io;
         $commitTokens = ToolCommands::getCommitTokens();
         if (isset($commitTokens['skipOutdated']) || !$this->getConfig()->get('toolkit.components.outdated.check')) {
             $this->skipOutdated = true;
@@ -424,25 +425,38 @@ protected function componentRecommended(array $modules, array $packages)
     protected function componentInsecure(array $modules)
     {
         $packages = [];
-        $drush_result = $this->taskExec($this->getBin('drush') . ' pm:security --format=json')
+        $drupalReleaseHistory = new DrupalReleaseHistory();
+
+        $exec = $this->taskExec($this->getBin('drush') . ' pm:security --format=json')
             ->setVerbosityThreshold(VerbosityThresholdInterface::VERBOSITY_DEBUG)
-            ->run()->getMessage();
-        $drush_result = trim($drush_result);
-        if (!empty($drush_result) && $drush_result !== '[]') {
-            $data = json_decode($drush_result, true);
-            if (!empty($data) && is_array($data)) {
-                $packages = $data;
+            ->run();
+        if (!empty($exec->getExitCode()) && $exec->getExitCode() !== 3) {
+            $this->io->error(['Failed to run: pm:security', $exec->getMessage()]);
+        } else {
+            $result = trim($exec->getMessage());
+            if (!empty($result) && $result !== '[]') {
+                $data = json_decode($result, true);
+                if (!empty($data) && is_array($data)) {
+                    $packages = $data;
+                }
             }
         }
 
-        $sc_result = $this->taskExec($this->getBin('security-checker') . ' security:check --no-dev --format=json')
+        $exec = $this->taskExec('composer audit --no-dev --locked --no-scripts --format=json')
             ->setVerbosityThreshold(VerbosityThresholdInterface::VERBOSITY_DEBUG)
-            ->run()->getMessage();
-        $sc_result = trim($sc_result);
-        if (!empty($sc_result) && $sc_result !== '[]') {
-            $data = json_decode($sc_result, true);
-            if (!empty($data) && is_array($data)) {
-                $packages = array_merge($packages, $data);
+            ->run();
+        $result = trim($exec->getMessage());
+        if (!empty($result) && $result !== '[]') {
+            $data = json_decode($result, true);
+            if (!empty($data['advisories']) && is_array($data['advisories'])) {
+                // Each package might have multiple issues, we take the first.
+                foreach ($data['advisories'] as $advisory) {
+                    $packageName = $advisory[0]['packageName'];
+                    if (!isset($packages[$packageName])) {
+                        $packages[] = $advisory[0];
+                        $packages[$packageName]['version'] = ToolCommands::getPackagePropertyFromComposer($packageName);
+                    }
+                }
             }
         }
 
@@ -455,7 +469,6 @@ protected function componentInsecure(array $modules)
                     continue;
                 }
             }
-            $drupalReleaseHistory = new DrupalReleaseHistory();
             $historyTerms = $drupalReleaseHistory->getPackageDetails($name, $package['version'], '8.x');
             if ($historyTerms === 1) {
                 $this->say("No release history found for package $name.");
@@ -488,7 +501,7 @@ protected function componentInsecure(array $modules)
      */
     protected function componentOutdated()
     {
-        $result = $this->taskExec('composer outdated --no-dev --locked --direct --minor-only --format=json')
+        $result = $this->taskExec('composer outdated --no-dev --locked --direct --minor-only --no-scripts --format=json')
             ->setVerbosityThreshold(VerbosityThresholdInterface::VERBOSITY_DEBUG)
             ->run()->getMessage();
 

diff --git a/src/TaskRunner/Commands/ConfigurationCommands.php b/src/TaskRunner/Commands/ConfigurationCommands.php
@@ -6,7 +6,6 @@
 
 use EcEuropa\Toolkit\TaskRunner\AbstractCommands;
 use Robo\Exception\AbortTasksException;
-use Robo\Robo;
 use Symfony\Component\Yaml\Yaml;
 
 /**

diff --git a/src/TaskRunner/Commands/DockerCommands.php b/src/TaskRunner/Commands/DockerCommands.php
@@ -7,7 +7,6 @@
 use EcEuropa\Toolkit\TaskRunner\AbstractCommands;
 use EcEuropa\Toolkit\Toolkit;
 use EcEuropa\Toolkit\Website;
-use Exception;
 use Robo\ResultData;
 use Symfony\Component\Yaml\Yaml;
 
@@ -40,7 +39,7 @@ final class DockerCommands extends AbstractCommands
      *
      * @aliases dk-rc
      *
-     * @throws Exception
+     * @throws \Exception
      */
     public function dockerRefreshConfiguration(): int
     {
@@ -127,7 +126,7 @@ private function getServicesImagesFromDockerCompose(array $dcContent): array
      * @param string $projectId
      *
      * @return array|string[]
-     * @throws Exception
+     * @throws \Exception
      */
     private function getWebsiteProjectInformation(string $projectId): array
     {
@@ -146,13 +145,13 @@ private function getWebsiteProjectInformation(string $projectId): array
      * Returns the toolkit requirements from the endpoint.
      *
      * @return array
-     * @throws Exception
+     * @throws \Exception
      */
     private function getWebsiteRequirements(): array
     {
         $data = Website::requirements();
         if (empty($data)) {
-            throw new Exception('Failed to connect to the endpoint. Required env var QA_API_AUTH_TOKEN.');
+            throw new \Exception('Failed to connect to the endpoint. Required env var QA_API_AUTH_TOKEN.');
         }
 
         return $data;
Original file line number	Diff line number	Diff line change
		@@ -1,4 +1,3 @@

		Testing the project
		===================

Expand Down