This project demonstrates a complete CI/CD pipeline for a PHP application with robust security measures and best practices.
- PHP 8.2 & Composer
- Docker
Pull and run the Docker image:

```bash
docker run -p 8080:80 ghcr.io/startupnationlabs/php-sec-ci:main
```

Then navigate to http://localhost:8080 in your browser.

Build the image:

```bash
docker build -f docker/Dockerfile -t php-sec-ci .
```

Run the container:

```bash
docker run -p 8080:80 php-sec-ci
```

The project includes a comprehensive CircleCI pipeline that builds, tests and deploys the application.
To learn more about the pipeline, refer to the docs/REPORT.md file.
The project is deployed to two different environments, depending on which branch is updated:
- A self-hosted machine if the target branch is dev
- An AWS-EC2 instance if the target branch is main
For more information about the deployment and the setup of these machines, please refer to the docs/DEPLOYMENT.md file.
Code is scanned for quality and security issues using SonarQube. Coverage is also measured and reported.
SonarQube is available at https://sonarqube.devops-tools.apoorva64.com.
We use grype to scan the container image for vulnerabilities. The results are published in the CircleCI pipeline.
You can find more details about our security analysis in the dedicated section of the docs/REPORT.md file.
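
The following is an added example, not this project's pipeline code: a CI gate that reads a grype JSON report and fails the job only for findings at or above a severity threshold that already have a fix available. The sample report is constructed, and the policy (High and above, fixable only) and the `gate` function name are assumptions.

```python
import json
from collections import Counter

# Severity labels used in grype's JSON report, lowest to highest.
SEVERITIES = ["Unknown", "Negligible", "Low", "Medium", "High", "Critical"]

def _match(vuln_id, severity, fix_state, package, version):
    """Build one constructed entry shaped like a grype `matches` item."""
    return {"vulnerability": {"id": vuln_id, "severity": severity,
                              "fix": {"state": fix_state}},
            "artifact": {"name": package, "version": version}}

# Constructed sample standing in for `grype <image> -o json` output, trimmed to
# the fields read below. Ids and package names are placeholders.
SAMPLE_REPORT = json.dumps({"matches": [
    _match("CVE-0000-0001", "Critical", "fixed", "example-libssl", "1.0.0"),
    _match("CVE-0000-0002", "High", "not-fixed", "example-libxml", "2.1.0"),
    _match("CVE-0000-0003", "Medium", "fixed", "example-curl", "7.0.0"),
    _match("CVE-0000-0004", "High", "fixed", "example-php-ext", "8.2.0"),
]})

def gate(report_text, fail_on="High", only_fixed=True):
    """Return (counts per severity, findings that should block the build)."""
    threshold = SEVERITIES.index(fail_on)
    counts, blocking = Counter(), []
    for match in json.loads(report_text).get("matches", []):
        vuln = match.get("vulnerability", {})
        severity = vuln.get("severity")
        if severity not in SEVERITIES:   # missing or unexpected label
            severity = "Unknown"
        counts[severity] += 1
        fixable = vuln.get("fix", {}).get("state") == "fixed"
        if SEVERITIES.index(severity) >= threshold and (fixable or not only_fixed):
            artifact = match.get("artifact", {})
            blocking.append((vuln.get("id"), severity,
                             artifact.get("name"), artifact.get("version")))
    return counts, blocking

if __name__ == "__main__":
    counts, blocking = gate(SAMPLE_REPORT)
    print("findings by severity:", dict(counts))
    for vuln_id, severity, name, version in blocking:
        print(f"BLOCKING {severity:8} {vuln_id} in {name} {version}")
    raise SystemExit(1 if blocking else 0)  # non-zero exit fails the CI job
```

Gating only on fixable findings keeps the build from being blocked by issues with no available remediation, while the per-severity counts still report everything the scan found.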
This project is proprietary and all rights are reserved.
Please refer to the project's style and contribution guidelines for submitting patches and additions. In general, follow the "fork-and-pull" Git workflow.
For support, please open an issue in the repository's issue tracker.