Update actions/stale action to v7 (#161)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.github/workflows/build.yml

@@ -0,0 +1,64 @@
+name: Deploy
+on:
+  push:
+    branches: main
+
+jobs:
+  tests:
+      name: Tests
+      runs-on: ubuntu-latest
+      steps:
+        - name: Checkout
+          uses: actions/checkout@v2
+          with:
+            fetch-depth: 0
+        - name: Setup PHP with Xdebug
+          uses: shivammathur/setup-php@v2
+          with:
+            php-version: '8.1'
+            coverage: xdebug 
+        - name: Install dependencies with composer
+          run: composer update --no-ansi --no-interaction --no-progress
+        - name: Run tests with phpunit/phpunit
+          run: vendor/bin/phpunit --coverage-clover=coverage.xml
+        - name: Fix code coverage paths
+          run: sed -i 's@'$GITHUB_WORKSPACE'@/github/workspace/@g' coverage.xml
+        - name: SonarCloud Scan
+          uses: SonarSource/sonarcloud-github-action@master
+          env:
+            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+  release-on-push:
+    runs-on: ubuntu-latest
+    outputs: 
+      ver: ${{ steps.release.outputs.version }}
+      tag: ${{ steps.release.outputs.tag_name }}
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Get Release
+        id: release
+        uses: rymndhng/release-on-push-action@master
+        with:
+          bump_version_scheme: patch
+      - name: Check Release Output
+        id: rop-check
+        run: |
+          echo "Got tag name ${{ steps.release.outputs.tag_name }}"
+          echo "Got release version ${{ steps.release.outputs.version }}"
+
+  build:
+    name: GitHub Container Registry
+    runs-on: ubuntu-latest
+    needs: [tests, release-on-push]
+    steps:
+    - uses: actions/checkout@v3
+    - name: Login to GitHub Container Registry
+      run: echo ${{ secrets.PAT }} | docker login ghcr.io -u luketainton --password-stdin
+    - name: Build image for GitHub Container Registry
+      run: docker build . --file Dockerfile --tag ghcr.io/luketainton/fhed:${{ needs.release-on-push.outputs.ver }} --tag ghcr.io/luketainton/fhed:latest
+    - name: Push image to GitHub Container Registry
+      run: |
+        docker push ghcr.io/luketainton/fhed:latest
+        docker push ghcr.io/luketainton/fhed:${{ needs.release-on-push.outputs.ver }}

.github/workflows/deploy.yml

@@ -1,67 +0,0 @@
-name: Deploy
-on:
-  push:
-    branches: main
-
-jobs:
-  release-on-push:
-    runs-on: ubuntu-latest
-    outputs: 
-      ver: ${{ steps.release.outputs.version }}
-      tag: ${{ steps.release.outputs.tag_name }}
-    env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-    steps:
-      - id: release
-        uses: rymndhng/release-on-push-action@master
-        with:
-          bump_version_scheme: minor
-          
-      - name: Check Output Parameters
-        run: |
-          echo "Got tag name ${{ steps.release.outputs.tag_name }}"
-          echo "Got release version ${{ steps.release.outputs.version }}"
-
-  docker-dh:
-    name: Push to Docker Hub
-    needs: [release-on-push]
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - name: Login to DockerHub Registry
-      run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
-    - name: Build image for Docker Hub
-      run: docker build . --file Dockerfile --build-arg VERSION=${{ needs.release-on-push.outputs.ver }} --tag luketainton/fhed:${{ needs.release-on-push.outputs.tag }} --tag luketainton/fhed:latest
-    - name: Push image to Docker Hub
-      run: |
-        docker push luketainton/fhed:${{ needs.release-on-push.outputs.tag }} &&
-        docker push luketainton/fhed:latest
-      
-  docker-ghr:
-    name: Push to GitHub Package Registry
-    needs: [release-on-push]
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - name: Login to DockerHub Registry
-      run: echo ${{ secrets.GITHUB_TOKEN }} | docker login https://docker.pkg.github.com -u luketainton --password-stdin
-    - name: Build image for GitHub Package Registry
-      run: docker build . --file Dockerfile --build-arg VERSION=${{ needs.release-on-push.outputs.ver }} --tag docker.pkg.github.com/luketainton/fhed/fhed:latest --tag docker.pkg.github.com/luketainton/fhed/fhed:${{ needs.release-on-push.outputs.tag }}
-    - name: Push image to GitHub Package Registry
-      run: |
-        docker push docker.pkg.github.com/luketainton/fhed/fhed:${{ needs.release-on-push.outputs.tag }} &&
-        docker push docker.pkg.github.com/luketainton/fhed/fhed:latest
-
-  deploy:
-    name: Update Docker image on server
-    runs-on: ubuntu-latest
-    needs: [docker-dh]
-    steps:
-    - name: Update image on server
-      uses: garygrossgarten/github-action-ssh@release
-      with:
-        command: cd /docker/active/fhed && docker-compose pull && docker-compose up -d
-        host: ${{ secrets.SSH_HOST }}
-        port: ${{ secrets.SSH_PORT }}
-        username: ${{ secrets.SSH_USERNAME }}
-        privateKey: ${{ secrets.SSH_SSHKEY }}

.github/workflows/stale.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/stale@v1
+    - uses: actions/stale@v7
       with:
         repo-token: ${{ secrets.GITHUB_TOKEN }}
         stale-issue-message: 'This issue has been marked as stale due to inactivity. If this issue is still ongoing, please leave a comment.'

.gitlab-archive/.gitlab-ci.yml

@@ -0,0 +1,18 @@
+stages:
+- build
+
+build:
+  stage: build
+  only:
+  - tags
+  image: docker:20.10.22
+  services:
+  - docker:20.10.22-dind
+  variables:
+    IMAGE_TAG: "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG"
+  script:
+  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+  - docker build -t $CI_REGISTRY_IMAGE:latest -t $IMAGE_TAG .
+  - docker build -t $IMAGE_TAG -t $CI_REGISTRY_IMAGE:latest .
+  - docker push $IMAGE_TAG
+  - docker push $CI_REGISTRY_IMAGE:latest

Dockerfile

@@ -4,6 +4,7 @@ RUN composer --working-dir=/srv install
 
 FROM php:apache
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"
+LABEL org.opencontainers.image.source="https://github.com/luketainton/fhed"
 ARG VERSION
 RUN docker-php-ext-install pdo_mysql && a2enmod rewrite remoteip
 COPY vhost.conf /etc/apache2/sites-enabled/000-default.conf

app/.env.sample

@@ -13,3 +13,5 @@ OIDC_HOST          = ""
 OIDC_CLIENT_ID     = ""
 OIDC_CLIENT_SECRET = ""
 OIDC_DISABLE_SSL   = ""
+
+SENTRY_ENVIRONMENT = ""

app/composer.json

@@ -2,6 +2,7 @@
   "require": {
     "ramsey/uuid": "^4.0",
     "vlucas/phpdotenv": "^5.0",
-        "jumbojett/openid-connect-php": "^0.9.0"
+    "jumbojett/openid-connect-php": "^0.9.0",
+    "sentry/sdk": "^3.0"
   }
 }

app/includes/app_functions.php

@@ -6,6 +6,25 @@
       return $version;
   }
 
+  function oidc_set_vars($sub, $uid, $fname, $lname, $email)
+  {
+      $_SESSION['uuid'] = $sub;
+      $_SESSION['username'] = $uid;
+      $_SESSION['given_name'] = $fname;
+      $_SESSION['family_name'] = $lname;
+      $_SESSION['full_name'] = $fname . " " . $lname;
+      $_SESSION['email'] = $email;
+  }
+
+  function is_signed_in()
+  {
+      if (isset($_SESSION['is_signed_in'])) {
+          return true;
+      } else {
+          return false;
+      }
+  }
+
   function user_exists($db, $uuid)
   {
       try {
@@ -15,7 +34,7 @@
           $sql->setFetchMode(PDO::FETCH_ASSOC);
           $result = $sql->fetchAll();
       } catch (PDOException $e) {
-          $alert = array("danger", "Error during check for user record: " . $e->getMessage());
+          throw new Exception("Error in user_exists(): " . $e->getMessage());
           die();
       }
       if (empty($result)) {
@@ -34,7 +53,8 @@
           $sql->setFetchMode(PDO::FETCH_ASSOC);
           $result = $sql->fetchAll();
       } catch (PDOException $e) {
-          echo("Error: " . $e->getMessage());
+          throw new Exception("Error in get_all_users(): " . $e->getMessage());
+          die();
       }
       return $result;
   }
@@ -50,7 +70,8 @@
           $result = $sql->fetchAll();
           $usr = $result[0]['given_name'] . " " . $result[0]['family_name'];
       } catch (PDOException $e) {
-          echo("Error: " . $e->getMessage());
+          throw new Exception("Error in get_user_name(): " . $e->getMessage());
+          die();
       }
       return $usr;
   }

app/includes/footer.php

@@ -1,9 +1,10 @@
+</main>
 <footer class="footer mt-auto py-3">
   <div class="text-center text-muted">
     <?php
-      echo($_ENV['APP_NAME'] . " " . get_version() . "<br>");
+      echo($_ENV['APP_NAME'] . " " . get_version());
       if ($_ENV['APP_NAME'] != "FHeD") {
-          echo("Powered by FHeD.");
+          echo("| Powered by FHeD");
       };
     ?><br>
     <?php if (is_signed_in()) {

app/includes/header.php

@@ -10,7 +10,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
     <meta name="theme-color" content="#563d7c">
     <link rel="icon" type="image/png" href="/favicon.png">
-    <title><?php echo( $PAGE_TITLE ); ?></title>
+    <title><?php echo($PAGE_TITLE); ?></title>
 
     <!-- Bootstrap core CSS -->
     <link rel="stylesheet" href="/css/bootstrap.min.css">
@@ -19,6 +19,8 @@
   </head>
 
   <body class="d-flex flex-column h-100">
+    <!-- Begin page content -->
+    <main role="main" class="flex-shrink-0">
     <header>
     <!-- Fixed navbar -->
     <nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark">
@@ -32,10 +34,14 @@
                 <a class="nav-link" href="/">Home</a>
                 </li>
                 <li class="nav-item">
-                <a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/new">New request</a>
+                <a class="nav-link <?php if (!is_signed_in()) {
+    echo(' disabled');
+} ?>" href="/new">New request</a>
                 </li>
                 <li class="nav-item">
-                <a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/existing">Existing requests</a>
+                <a class="nav-link <?php if (!is_signed_in()) {
+    echo(' disabled');
+} ?>" href="/existing">Existing requests</a>
                 </li>
             </ul>
         <div class="mt-2 mt-md-0">

app/includes/prereqs.php

@@ -7,17 +7,27 @@ require_once __DIR__ . "/../vendor/autoload.php";
 $dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/..");
 $dotenv->load();
 
+// Custom functions
+require_once __DIR__ . "/app_functions.php";
+
+// Sentry
+Sentry\init([
+  'dsn' => 'https://7c4607ed5e804d08926cc0bbc0d3fbe9@app.glitchtip.com/59',
+  'release' => get_version(),
+]);
+
 // Database auto-generation
 if (file_exists("/../includes/install.php")) {
     return;
     add_action('run_db_populate');
 }
 
-function run_db_populate() {
+function run_db_populate()
+{
     // all my glorious one-time-magic.
-    include( "/../includes/install.php" );
+    include("/../includes/install.php");
     // after all execution rename your file;
-   rename( "/../includes/install.php", "/../includes/install-backup.php");
+    rename("/../includes/install.php", "/../includes/install-backup.php");
 }
 
 // Session
@@ -29,30 +39,9 @@ $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 
 // OpenID Connect
 use Jumbojett\OpenIDConnectClient;
+
 $oidc = new OpenIDConnectClient($_ENV['OIDC_HOST'], $_ENV['OIDC_CLIENT_ID'], $_ENV['OIDC_CLIENT_SECRET']);
 if ($_ENV['OIDC_DISABLE_SSL'] == "true") {
     $oidc->setVerifyHost(false);
     $oidc->setVerifyPeer(false);
 }
-
-
-// Custom functions
-
-require_once __DIR__ . "/app_functions.php";
-
-function oidc_set_vars($sub, $uid, $fname, $lname, $email) {
-  $_SESSION['uuid'] = $sub;
-  $_SESSION['username'] = $uid;
-  $_SESSION['given_name'] = $fname;
-  $_SESSION['family_name'] = $lname;
-  $_SESSION['full_name'] = $fname . " " . $lname;
-  $_SESSION['email'] = $email;
-}
-
-function is_signed_in() {
-  if (isset($_SESSION['is_signed_in'])) {
-    return true;
-  } else {
-    return false;
-  }
-}

app/public/index.php

@@ -10,13 +10,9 @@
 ?>
 
 
-
-<!-- Begin page content -->
-<main role="main" class="flex-shrink-0">
-
   <section>
     <?php
-      if(isset($alert)) {
+      if (isset($alert)) {
           echo("
         <div class='container'>
           <div class='alert alert-" . $alert[0] . " alert-dismissible fade show' role='alert'>
@@ -37,7 +33,11 @@
       <h1>Welcome to <?php echo($_ENV['APP_NAME']); ?></h1>
       <p class="lead text-muted">
         <?php
-          if ($_ENV['APP_NAME'] == "FHeD") {echo("The Free HelpDesk");} else {echo($_ENV['APP_NAME']);};
+          if ($_ENV['APP_NAME'] == "FHeD") {
+              echo("The Free HelpDesk");
+          } else {
+              echo($_ENV['APP_NAME']);
+          };
         ?>
         is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request.
       </p>
@@ -65,7 +65,7 @@
                 if (count($requests) == 0) {
                     echo("<center><b>No open tickets</b></center>");
                 } else {
-                  foreach($requests as $tkt) {
+                    foreach ($requests as $tkt) {
                         ?>
               <li class="list-group-item">
                 <div class="container">
@@ -80,7 +80,9 @@
                   </div>
                 </div>
               </li>
-              <?php } } ?>
+              <?php
+                    }
+                } ?>
             </ul>
           </div>
         </div>
@@ -95,7 +97,7 @@
                 if (count($subscriptions) == 0) {
                     echo("<center><b>No subscribed tickets</b></center>");
                 } else {
-                  foreach($subscriptions as $sub) { ?>
+                    foreach ($subscriptions as $sub) { ?>
               <li class="list-group-item">
                 <div class="container">
                   <div class="row">
@@ -109,7 +111,8 @@
                   </div>
                 </div>
               </li>
-              <?php } } ?>
+              <?php }
+                } ?>
             </ul>
           </div>
         </section>
@@ -118,8 +121,6 @@
     </div>
   <?php } ?>
 
-</main>
-
 <?php
     require_once __DIR__ . "/../includes/footer.php";
 ?>

app/public/update.php

@@ -6,6 +6,8 @@
     $updates = get_updates($db, $request);
     $authorised_users = get_subscribers($db, $request);
     $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+
+    $rid = htmlspecialchars($_GET['rid'])
 ?>
 
 
@@ -131,7 +133,7 @@
                     <div class="form-group" style="margin: 2%;">
                       <textarea type="text" class="form-control" id="msg" name="msg" rows="3"></textarea>
                       <button type="submit" class="btn btn-primary" style="margin-top: 2%;">Submit</button>
-                      <a href="/view?rid=<?php echo($_GET['rid']); ?>" class="btn btn-danger" style="margin-top: 2%;">Cancel</a>
+                      <a href="/view?rid=<?php echo($rid); ?>" class="btn btn-danger" style="margin-top: 2%;">Cancel</a>
                     </div>
                   </form>
               </div>

app/public/upload.php

@@ -6,6 +6,8 @@
     $updates = get_updates($db, $request);
     $authorised_users = get_subscribers($db, $request);
     $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+
+    $rid = htmlspecialchars($_GET['rid']);
 ?>
 
 
@@ -131,7 +133,7 @@
                     <div class="form-group" style="margin: 2%;">
                       <input type="file" class="form-control-file" id="file" name="file">
                       <button type="submit" class="btn btn-primary" style="margin-top: 2%;">Submit</button>
-                      <a href="/view?rid=<?php echo($_GET['rid']); ?>" class="btn btn-danger" style="margin-top: 2%;">Cancel</a>
+                      <a href="/view?rid=<?php echo($rid); ?>" class="btn btn-danger" style="margin-top: 2%;">Cancel</a>
                     </div>
                   </form>
               </div>

sonar-project.properties

@@ -0,0 +1,12 @@
+sonar.projectKey=luketainton_FHeD
+sonar.organization=luketainton
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=FHeD
+#sonar.projectVersion=1.0
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8