language: php php: - 7.2 - 7.3 - 7.4 - nightly services: - redis sudo: required dist: bionic addons: mariadb: '10.2' hosts: - misp.local - localhost before_install: - git config --global user.name "TravisCI" - export PATH="$HOME/.local/bin:$PATH" install: - date - sudo apt-get -y update # Install haveged, because Travis lacks entropy. - sudo apt-get -y install haveged python3 python3-venv python3-pip python3-dev python3-nose python3-redis python3-lxml python3-dateutil python3-msgpack libxml2-dev libzmq3-dev zlib1g-dev apache2 curl php-mysql php-dev php-cli libapache2-mod-php libfuzzy-dev php-mbstring libonig4 php-json php-xml php-opcache php-readline php-redis php-gnupg php-gd - sudo pip3 install --upgrade pip setuptools requests pyzmq - sudo pip3 install --upgrade -r requirements.txt - pip3 install --user poetry - phpenv rehash - sudo mkdir $HOME/.composer ; sudo chown $USER:www-data $HOME/.composer - pushd app - sudo -H -u $USER php composer.phar install --no-progress - sudo phpenmod redis - sudo phpenmod gnupg - popd - cp -fa INSTALL/setup/config.php app/Plugin/CakeResque/Config/config.php # Set perms - sudo chown -R $USER:www-data `pwd` - sudo chmod -R 775 `pwd` - sudo chmod -R g+ws `pwd`/app/tmp - sudo chmod -R g+ws `pwd`/app/tmp/cache - sudo chmod -R g+ws `pwd`/app/tmp/cache/persistent - sudo chmod -R g+ws `pwd`/app/tmp/cache/models - sudo chmod -R g+ws `pwd`/app/tmp/logs - sudo chmod -R g+ws `pwd`/app/files - sudo chmod -R g+ws `pwd`/app/files/scripts/tmp - sudo chown -R $USER:www-data `pwd` # Resque perms - sudo chown -R $USER:www-data `pwd`/app/Plugin/CakeResque/tmp - sudo chmod -R 755 `pwd`/app/Plugin/CakeResque/tmp # install MySQL - sudo chmod -R 777 `pwd`/INSTALL - mysql -u root -e "SET GLOBAL sql_mode = 'STRICT_ALL_TABLES';" - mysql -u root -e 'create database misp;' - mysql -u root -e "grant usage on *.* to misp@localhost identified by 'blah'"; - mysql -u root -e "grant all privileges on misp.* to misp@localhost;" - mysql -u misp -pblah misp < INSTALL/MYSQL.sql # configure apache virtual hosts - sudo chmod -R 777 `pwd`/build - sudo mkdir -p /etc/apache2/sites-available - sudo cp -f build/travis-ci-apache /etc/apache2/sites-available/misp.local.conf - sudo sed -e "s?%TRAVIS_BUILD_DIR%?$(pwd)?g" --in-place /etc/apache2/sites-available/misp.local.conf - sudo a2dissite 000-default - sudo a2ensite misp.local.conf - sudo a2enmod rewrite - sudo service apache2 restart # MISP configuration - sudo chmod -R 777 `pwd`/travis - sudo cp app/Config/bootstrap.default.php app/Config/bootstrap.php - sudo cp travis/database.php app/Config/database.php - sudo cp app/Config/core.default.php app/Config/core.php - sudo cp app/Config/config.default.php app/Config/config.php - sudo cp travis/email.php app/Config/email.php # Ensure the perms - sudo chown -R $USER:www-data `pwd`/app/Config - sudo chmod -R 770 `pwd`/app/Config # GPG setup - sudo mkdir `pwd`/.gnupg # /!\ VERY INSECURE BUT FASTER ON THE BUILD ENV OF TRAVIS - sudo cp -a /dev/urandom /dev/random - sudo gpg --no-tty --no-permission-warning --pinentry-mode=loopback --passphrase "travistest" --homedir `pwd`/.gnupg --gen-key --batch `pwd`/travis/gpg - sudo gpg --list-secret-keys --homedir `pwd`/.gnupg # change perms - sudo chown -R $USER:www-data `pwd` - sudo chmod +x /home/travis/build - sudo chmod +x /home/travis - sudo chmod +x /home - sudo chmod -R 770 `pwd`/.gnupg # Get authkey - sudo usermod -a -G www-data $USER - sudo -E su $USER -c 'app/Console/cake Admin runUpdates' - sudo -E su $USER -c 'app/Console/cake userInit -q | sudo tee ./key.txt' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "Session.autoRegenerate" 0' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "Session.timeout" 600' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "Session.cookieTimeout" 3600' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.host_org_id" 1' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.email" "info@admin.test"' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.disable_emailing" false' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "debug" true' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "Plugin.CustomAuth_disable_logout" false' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_host" "127.0.0.1"' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_port" 6379' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_database" 13' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_password" ""' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "GnuPG.email" "info@admin.test"' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "GnuPG.homedir" "`pwd`/.gnupg"' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "GnuPG.password" "travistest"' - sudo -E su $USER -c 'app/Console/cake Admin updateGalaxies' - sudo -E su $USER -c 'app/Console/cake Admin updateTaxonomies' - sudo -E su $USER -c 'app/Console/cake Admin updateWarningLists' - sudo -E su $USER -c 'app/Console/cake Admin updateNoticeLists' - sudo -E su $USER -c 'app/Console/cake Admin updateObjectTemplates 1' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "Plugin.ZeroMQ_enable" true' - sudo -E su $USER -c 'app/Console/cake Live 1' - sudo chmod 777 ./key.txt - sudo chmod -R 777 ./tests # Start workers - sudo chmod +x app/Console/worker/start.sh - sudo -E su $USER -c 'app/Console/worker/start.sh &' - sleep 10 # Dirty install python stuff - virtualenv -p python3.6 ./venv - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.python_bin" "$TRAVIS_BUILD_DIR/venv/bin/python"' - . ./venv/bin/activate - pushd cti-python-stix2 - pip install . - popd - pushd PyMISP - pip install .[fileobjects] - popd - pip install stix zmq redis plyara - deactivate before_script: - curl http://misp.local - AUTH=`cat key.txt` - sudo chmod -R 777 PyMISP - pushd PyMISP - echo 'url = "http://misp.local"' >> tests/keys.py - echo 'key = "'${AUTH}'"' >> tests/keys.py - cat tests/keys.py - popd script: - ./app/Vendor/bin/parallel-lint --exclude app/Lib/cakephp/ --exclude app/Vendor/ --exclude app/Lib/random_compat/ -e php,ctp app/ - ./app/Vendor/bin/phpunit app/Test/ComplexTypeToolTest.php - ./app/Vendor/bin/phpunit app/Test/JSONConverterToolTest.php # Ensure the perms - sudo chown -R $USER:www-data `pwd`/app/Config - sudo chmod -R 770 `pwd`/app/Config - pushd tests - ./curl_tests.sh $AUTH - popd - pushd PyMISP - git submodule init - git submodule update - travis_retry poetry install -E fileobjects -E openioc -E virustotal -E docs -E pdfexport - poetry run python tests/testlive_comprehensive.py - poetry run python tests/test_mispevent.py - popd - cp PyMISP/tests/keys.py PyMISP/examples/events/ - pushd PyMISP/examples/events/ - poetry run python ./create_massive_dummy_events.py -l 5 -a 30 - popd - python3 tools/misp-feed/validate.py after_failure: - curl http://misp.local - cat /etc/apache2/sites-available/misp.local.conf - sudo tail -n +1 `pwd`/app/tmp/logs/* - sudo ls -l /var/log/apache2 - sudo cat /var/log/apache2/error.log - sudo cat /var/log/apache2/misp.local_error.log - sudo cat /var/log/apache2/misp.local_access.log - pwd notifications: webhooks: urls: - https://webhooks.gitter.im/e/05e30284086a8e948d31 on_success: change # options: [always|never|change] default: always on_failure: always # options: [always|never|change] default: always on_start: never # options: [always|never|change] default: always after_success: - sudo tail -n +1 `pwd`/app/tmp/logs/* - coveralls - coverage report - coverage xml - codecov