This pipeline automatically creates a Merge Request with an update of the Shopware Security Plugin, based on a tag.
Requirements
- Gitlab
- Shopware 6 composer setup
Variables
- SSH_DEPLOY_PRIVATE_KEY
- Private Key of a created key pair needs to be stored in this variable
- Public Key needs to be entered under “Settings > Repository > Deploy Key”
- Do not forget to grant write permissions
- SSH_KNOWN_HOSTS
- Get those from the Gitlab Documentation
Code
stages:
- security
securityUpdate:
stage: security
rules:
- if: '$CI_COMMIT_TAG =~ /security-.*/'
image: "kellerkinder/pipeline-image:8.0"
before_script:
- eval $(ssh-agent -s)
- echo "${SSH_DEPLOY_PRIVATE_KEY}" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh && > ~/.ssh/known_hosts
- echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
- chmod 700 ~/.ssh
- git config user.name "security"
- git config user.email "ci@example"
- git remote remove origin || true
- git remote add origin "git@gitlab.com:path/repo.git"
script:
- cd ${CI_PROJECT_DIR} && composer install --no-interaction --optimize-autoloader
- composer update store.shopware.com/swagplatformsecurity
- git checkout -b feature/security-patch-$(date +%F)
- git add -A
- git commit -m "Security Update $(date +%F)" || echo "No changes to commit"; && exit 0
- git push --set-upstream origin feature/security-patch-$(date +%F)
Tag Example
security-YYMMDD