Mathias STRASSER
c5e6c1d810
L'inscription Classeo se fait via invitation : un admin crée un compte, l'utilisateur reçoit un lien d'activation par email pour définir son mot de passe. Ce flow sécurisé évite les inscriptions non autorisées et garantit que seuls les utilisateurs légitimes accèdent au système. Points clés de l'implémentation : - Tokens d'activation à usage unique stockés en cache (Redis/filesystem) - Validation du consentement parental pour les mineurs < 15 ans (RGPD) - L'échec d'activation ne consume pas le token (retry possible) - Users dans un cache séparé sans TTL (pas d'expiration) - Hot reload en dev (FrankenPHP sans mode worker) Story: 1.3 - Inscription et activation de compte
254 lines
7.1 KiB
YAML
254 lines
7.1 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [main, develop]
|
|
pull_request:
|
|
branches: [main, develop]
|
|
|
|
jobs:
|
|
# =============================================================================
|
|
# Backend Tests - PHP 8.5, PHPStan, PHPUnit
|
|
# =============================================================================
|
|
test-backend:
|
|
name: Backend Tests
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: backend
|
|
|
|
services:
|
|
postgres:
|
|
image: postgres:18.1-alpine
|
|
env:
|
|
POSTGRES_DB: classeo_test
|
|
POSTGRES_USER: classeo
|
|
POSTGRES_PASSWORD: classeo
|
|
ports:
|
|
- 5432:5432
|
|
options: >-
|
|
--health-cmd pg_isready
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
|
|
redis:
|
|
image: redis:7.4-alpine
|
|
ports:
|
|
- 6379:6379
|
|
options: >-
|
|
--health-cmd "redis-cli ping"
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Setup PHP
|
|
uses: shivammathur/setup-php@v2
|
|
with:
|
|
php-version: '8.5'
|
|
extensions: intl, pdo_pgsql, amqp, redis, zip
|
|
coverage: xdebug
|
|
|
|
- name: Get Composer cache directory
|
|
id: composer-cache
|
|
run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
|
|
|
|
- name: Cache Composer dependencies
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ${{ steps.composer-cache.outputs.dir }}
|
|
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
|
|
restore-keys: ${{ runner.os }}-composer-
|
|
|
|
- name: Install dependencies
|
|
run: composer install --prefer-dist --no-progress
|
|
|
|
- name: Run PHP CS Fixer (check)
|
|
run: composer cs-check
|
|
|
|
- name: Run PHPStan
|
|
run: composer phpstan
|
|
|
|
- name: Run PHPUnit
|
|
run: composer test
|
|
env:
|
|
DATABASE_URL: postgresql://classeo:classeo@localhost:5432/classeo_test?serverVersion=18
|
|
REDIS_URL: redis://localhost:6379
|
|
|
|
- name: Run BC Isolation Check
|
|
working-directory: .
|
|
run: ./scripts/check-bc-isolation.sh
|
|
|
|
# =============================================================================
|
|
# Frontend Tests - Vitest, Playwright
|
|
# =============================================================================
|
|
test-frontend:
|
|
name: Frontend Tests
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: frontend
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '22'
|
|
|
|
- name: Setup pnpm
|
|
uses: pnpm/action-setup@v3
|
|
with:
|
|
version: 9
|
|
|
|
- name: Get pnpm store directory
|
|
id: pnpm-cache
|
|
run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
|
|
|
|
- name: Cache pnpm dependencies
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
|
|
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
|
|
restore-keys: ${{ runner.os }}-pnpm-store-
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Run linter
|
|
run: pnpm run lint
|
|
|
|
- name: Run TypeScript check
|
|
run: pnpm run check
|
|
|
|
- name: Run unit tests
|
|
run: pnpm run test
|
|
|
|
# =============================================================================
|
|
# E2E Tests - Playwright with Docker backend
|
|
# =============================================================================
|
|
test-e2e:
|
|
name: E2E Tests
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '22'
|
|
|
|
- name: Setup pnpm
|
|
uses: pnpm/action-setup@v3
|
|
with:
|
|
version: 9
|
|
|
|
- name: Get pnpm store directory
|
|
id: pnpm-cache
|
|
run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
|
|
|
|
- name: Cache pnpm dependencies
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
|
|
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
|
|
restore-keys: ${{ runner.os }}-pnpm-store-
|
|
|
|
- name: Install frontend dependencies
|
|
working-directory: frontend
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Install Playwright browsers
|
|
working-directory: frontend
|
|
run: pnpm exec playwright install --with-deps
|
|
|
|
- name: Build and start backend services
|
|
run: |
|
|
# Build images first (with Docker layer caching)
|
|
docker compose build php
|
|
# Start services (includes db, redis, rabbitmq dependencies)
|
|
docker compose up -d php
|
|
timeout-minutes: 10
|
|
|
|
- name: Wait for backend to be ready
|
|
run: |
|
|
echo "Waiting for backend to be ready (composer install + app startup)..."
|
|
# Wait up to 5 minutes for the backend to respond
|
|
timeout 300 bash -c 'until curl -sf http://localhost:18000/api > /dev/null 2>&1; do
|
|
echo "Waiting for backend..."
|
|
sleep 5
|
|
done'
|
|
echo "Backend is ready!"
|
|
|
|
- name: Show backend logs on failure
|
|
if: failure()
|
|
run: docker compose logs php
|
|
|
|
- name: Run E2E tests
|
|
working-directory: frontend
|
|
run: pnpm run test:e2e
|
|
env:
|
|
# Frontend serves on 4173 (preview mode), backend on 18000 (Docker)
|
|
PUBLIC_API_PORT: "18000"
|
|
PUBLIC_API_URL: http://localhost:18000/api
|
|
|
|
- name: Upload Playwright report
|
|
uses: actions/upload-artifact@v4
|
|
if: failure()
|
|
with:
|
|
name: playwright-report
|
|
path: frontend/playwright-report/
|
|
retention-days: 7
|
|
|
|
- name: Stop backend services
|
|
if: always()
|
|
run: docker compose down
|
|
|
|
# =============================================================================
|
|
# Naming Conventions Check
|
|
# =============================================================================
|
|
check-naming:
|
|
name: Naming Conventions
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Run Naming Check
|
|
run: ./scripts/check-naming.sh
|
|
|
|
# =============================================================================
|
|
# Build Check
|
|
# =============================================================================
|
|
build:
|
|
name: Build Check
|
|
runs-on: ubuntu-latest
|
|
needs: [test-backend, test-frontend, test-e2e]
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Build backend image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: ./backend
|
|
push: false
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max
|
|
|
|
- name: Build frontend image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: ./frontend
|
|
push: false
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max
|