
StartUpNationLabs/php-sec-ci


PHP Security CI Example


This project demonstrates a complete CI/CD pipeline for a PHP application with robust security measures and best practices.

🛠️ Technical Stack

  • PHP 8.2 & Composer
  • Docker

🚀 Getting Started

Pull and run the Docker image:

docker run -p 8080:80 ghcr.io/startupnationlabs/php-sec-ci:main

Then navigate to http://localhost:8080 in your browser.

🐳 Build Your Version Locally

Build the image:

docker build -f docker/Dockerfile -t php-sec-ci .

Run the container:

docker run -p 8080:80 php-sec-ci

🔄 CI/CD Pipeline

The project includes a comprehensive CircleCI pipeline that builds, tests and deploys the application.

To learn more about the pipeline, refer to the docs/REPORT.md file.

🚀 Deployment

The project is deployed to one of 2 different environments, depending on the branch that is updated:

  • A self-hosted machine if the target branch is dev
  • An AWS-EC2 instance if the target branch is main

For more information about the deployment and the setup of these machines, please refer to the docs/DEPLOYMENT.md file.

📊 Quality Metrics

Code is scanned for quality and security issues using SonarQube. Coverage is also measured and reported.

SonarQube is available at https://sonarqube.devops-tools.apoorva64.com.

🔒 Security

We use Grype to scan the container image for vulnerabilities. The results are published in the CircleCI pipeline. For more details about our security analysis, see the dedicated section in the docs/REPORT.md file.
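One way to turn a Grype JSON report into a pass/fail decision for a pipeline step, as an added example that is not this project's own pipeline code. The function names, the "High" threshold, the ignore list and the sample report are assumptions made for illustration; the sample IDs and packages are placeholders.

```python
import json

# Severity labels as they appear in Grype's JSON report, lowest to highest.
SEVERITY_ORDER = ["Unknown", "Negligible", "Low", "Medium", "High", "Critical"]

# Constructed sample in the shape of `grype <image> -o json` output.
# Package names, versions and IDs are placeholders, not real scan results.
SAMPLE_REPORT = json.dumps({
    "matches": [
        {"vulnerability": {"id": "CVE-0000-0001", "severity": "Critical",
                           "fix": {"versions": ["2.0.1"], "state": "fixed"}},
         "artifact": {"name": "examplelib", "version": "2.0.0", "type": "deb"}},
        {"vulnerability": {"id": "CVE-0000-0002", "severity": "High",
                           "fix": {"versions": [], "state": "not-fixed"}},
         "artifact": {"name": "otherlib", "version": "1.4", "type": "deb"}},
        {"vulnerability": {"id": "CVE-0000-0003", "severity": "Low",
                           "fix": {"versions": ["3.1"], "state": "fixed"}},
         "artifact": {"name": "vendor/pkg", "version": "3.0", "type": "php-composer"}},
    ]
})


def rank(severity):
    """Map a severity label to its position; unrecognised labels rank lowest."""
    return SEVERITY_ORDER.index(severity) if severity in SEVERITY_ORDER else 0


def evaluate(report_json, fail_on="High", only_fixed=True, ignore_ids=()):
    """Split findings at or above `fail_on` into (blocking, deferred)."""
    blocking, deferred = [], []
    for match in json.loads(report_json).get("matches", []):
        vuln, art = match["vulnerability"], match["artifact"]
        if rank(vuln.get("severity", "Unknown")) < rank(fail_on):
            continue
        finding = (vuln["id"], vuln["severity"], art["name"], art["version"])
        fixable = vuln.get("fix", {}).get("state") == "fixed"
        # Ignored or unfixable findings are deferred, not dropped, so they stay visible.
        if vuln["id"] in ignore_ids or (only_fixed and not fixable):
            deferred.append(finding)
        else:
            blocking.append(finding)
    return blocking, deferred


if __name__ == "__main__":
    blocking, deferred = evaluate(SAMPLE_REPORT)
    print("blocking:", blocking, "deferred:", deferred)
    raise SystemExit(1 if blocking else 0)
```

Grype's own `--fail-on` and `--only-fixed` flags cover the simple threshold case; a script like this is useful when the deferred findings also need to appear in the published results.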

📄 License

This project is proprietary and all rights are reserved.

👥 Contributing

Please refer to the project's style and contribution guidelines for submitting patches and additions. In general, follow the "fork-and-pull" Git workflow.

📞 Support

For support, please open an issue in the repository's issue tracker.
