Skip to content

Commit

Permalink
SEC-7290: Adding memcache support to manage tokens. (#8)
Browse files Browse the repository at this point in the history
  • Loading branch information
hasmukhravariya authored Aug 22, 2024
1 parent 459ff60 commit 65cde78
Show file tree
Hide file tree
Showing 14 changed files with 530 additions and 130 deletions.
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ coveralls.phar

coverage/
vendor/
build/
build/*
!build/build.xml
log/*.log

phpunit
Expand Down
71 changes: 71 additions & 0 deletions Jenkinsfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
String GITHUB_REPOSITORY = 'CSRF-Protector-PHP'

pipeline {
agent any

options {
ansiColor('xterm')
disableConcurrentBuilds()
timestamps()
}

parameters {
string(name: 'SHARED_LIBRARIES_VERSION', defaultValue: 'master', description: 'The version of the Jenkins shared libraries to use. Can be a branch, tag or Git revision.')
}

triggers {
issueCommentTrigger('.*retest this please.*')
}

stages {
stage('Load Shared Libraries') {
steps {
library "jenkins-global-libraries@${params.SHARED_LIBRARIES_VERSION}"
}
}
stage('Compliance Checks') {
steps {
complianceChecks()
}
}
stage('Unit Tests and Style Checks (PHP 7.4)') {
steps {
withEcr {
sh 'docker compose up --exit-code-from unit_tests_74 --abort-on-container-exit --build unit_tests_74'
}
}
post {
always {
sh 'docker compose down'
xunit tools: [PHPUnit(pattern: 'build/logs/php74/phpunit.xml', deleteOutputFiles: true, failIfNotNew: true, stopProcessingIfError: true)]
clover cloverReportDir: 'build/logs/php74', cloverReportFileName: 'phpunit.coverage.xml',
healthyTarget: [methodCoverage: 70, conditionalCoverage: 80, statementCoverage: 80],
unhealthyTarget: [methodCoverage: 0, conditionalCoverage: 0, statementCoverage: 0],
failingTarget: [methodCoverage: 0, conditionalCoverage: 0, statementCoverage: 0]
}
}
}
stage('Unit Tests and Style Checks (PHP 8.2)') {
steps {
withEcr {
sh 'docker compose up --exit-code-from unit_tests_82 --abort-on-container-exit --build unit_tests_82'
}
}
post {
always {
sh 'docker compose down'
xunit tools: [PHPUnit(pattern: 'build/logs/php82/phpunit.xml', deleteOutputFiles: true, failIfNotNew: true, stopProcessingIfError: true)]
clover cloverReportDir: 'build/logs/php82', cloverReportFileName: 'phpunit.coverage.xml',
healthyTarget: [methodCoverage: 70, conditionalCoverage: 80, statementCoverage: 80],
unhealthyTarget: [methodCoverage: 0, conditionalCoverage: 0, statementCoverage: 0],
failingTarget: [methodCoverage: 0, conditionalCoverage: 0, statementCoverage: 0]
}
}
}
stage('Static Application Security Tests') {
steps {
sastTests()
}
}
}
}
64 changes: 64 additions & 0 deletions build/build.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
<?xml version="1.0" encoding="UTF-8"?>
<project name="Orchard CSRF-PROTECTOR-PHP Library" default="lint_test">
<target name="lint_test" depends="prepare,lint,phpcs,phpunit"/>
<property name="exclusionlist" value="${basedir}/../vendor"/>
<property name="sourcedir" value="${basedir}/../libs"/>
<property name="unittestsdir" value="${basedir}/../test"/>
<property name="execdir" value="${basedir}/../vendor/bin"/>
<property environment="env"/>
<property name="env" value="${env.PHP_ENV}"/>
<property name="logs_dir" value="${basedir}/logs/${env}"/>
<property name="coverage_dir" value="${basedir}/coverage/${env}"/>

<target name="clean" description="Cleanup build artifacts">
<delete dir="${coverage_dir}"/>
<delete dir="${logs_dir}"/>
</target>

<target name="prepare" depends="clean" description="Prepare for build">
<mkdir dir="${coverage_dir}"/>
<mkdir dir="${logs_dir}"/>
</target>

<target name="get-php-bin" description="Find out where php binary is">
<exec executable="/usr/bin/which" outputProperty="php-bin">
<arg value="php"/>
</exec>
</target>

<target name="lint" depends="get-php-bin">
<apply executable="${php-bin}" failonerror="true">
<arg value="-l"/>

<fileset dir="${basedir}/../">
<include name="**/*.php"/>
<exclude name="vendor/**"/>
</fileset>
</apply>
</target>

<target name="phpunit" description="Run unit tests with PHPUnit">
<exec executable="${execdir}/phpunit" dir="${unittestsdir}" failonerror="true">
<arg value="--stderr"/>
<arg value="--coverage-html"/>
<arg value="${coverage_dir}/"/>
<arg value="--coverage-clover"/>
<arg value="${logs_dir}/phpunit.coverage.xml"/>
<arg value="--log-junit"/>
<arg value="${logs_dir}/phpunit.xml"/>
</exec>
</target>

<target name="phpcs" description="Find coding standard violations using PHP_CodeSniffer">
<exec executable="${execdir}/phpcs">
<arg value="--extensions=php"/>
<arg value="-p"/>
<arg value="--report=checkstyle"/>
<arg value="--report-file=${logs_dir}/checkstyle.xml"/>
<arg value="--standard=PSR2"/>
<arg value="--ignore=${exclusionlist}"/>
<arg path="${sourcedir}"/>
<arg path="${unittestsdir}"/>
</exec>
</target>
</project>
4 changes: 3 additions & 1 deletion composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,9 @@
"homepage": "https://github.com/theorchard/CSRF-Protector-PHP",
"license": "Apache-2.0",
"require-dev": {
"satooshi/php-coveralls": "~1.0"
"php-coveralls/php-coveralls": "2.7.0",
"phpunit/phpunit": "~9.1",
"squizlabs/php_codesniffer": "~3.9"
},
"autoload": {
"classmap": ["libs/csrf/"]
Expand Down
19 changes: 19 additions & 0 deletions docker-compose.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
services:
unit_tests_74:
build:
context: .
dockerfile: php74.tests.Dockerfile
hostname: csrf_protector_library_tests74
environment:
- Environment=testing
volumes:
- ./build:/var/app/build
unit_tests_82:
build:
context: .
dockerfile: php82.tests.Dockerfile
hostname: csrf_protector_library_tests82
environment:
- Environment=testing
volumes:
- ./build:/var/app/build
6 changes: 5 additions & 1 deletion libs/config.sample.php
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,9 @@
Cross-Site Request Forgeries </a> attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you.
See details of your web browser for how to enable JavaScript.",
"verifyGetFor" => array(),
"redactSensitiveInfo" => array()
"redactSensitiveInfo" => array(),
"useMemcache" => false,
"memcacheHost" => '',
"sessionKeyPrefix" => "memc.sess.key.",
"memcacheExpiry" => 7200
);
Loading

0 comments on commit 65cde78

Please sign in to comment.