Skip to content

szepeviktor/byte-level-care

Repository files navigation

Byte-level care

theories Tweet

Note

Currently there are 14 GitHub Actions workflows in this repository.

How to live with zero problems through Total Control.

  • Analyze service providers before you choose one
  • Monitor your service providers
  • Collaborate closely with your service providers
  • Know every piece of software on your server and its author; uninstall anything that is not needed
  • Monitor every process on your server with functional tests, not just pings
  • Run QA tools on every byte of your git repositories
  • Know your dependencies (packages) and their authors
  • Deploy 100% automatically
  • Run production environments without human intervention
  • Be conservative with software versions when upgrading

See Special infrastructure for web applications

Support my work

Please consider supporting my work if you benefit from this knowledge.

Sponsor

Thank you!


Back-end Coverage Status License PHP Version Packagist stats Latest version PHPStan enabled

CI

How to design and implement continuous integration.

You find a complete CI workflow in this repository.

  • Run in a premade container or install OS packages
  • Display environment information
  • Set access credentials
  • Version control
    • Git committer
    • Commit message
    • PR title
  • Cache OS and programming language library packages
  • Check programming language and framework version compatibility
  • Check package management configuration (validate & normalize)
  • Check outdated packages and known security vulnerabilities
  • Build code
  • Configure application
  • 0️⃣ Byte-level
    • Check execute file mode bit
    • Look for non-ASCII characters (non-English alphabets, whitespace characters, control characters)
  • 1️⃣ Syntax errors
    • Check source code for syntax errors
    • Check template files for syntax errors
  • 2️⃣ Run unit and functional tests
  • 3️⃣ Static Analysis
    • Run static analysis: PHPStan
    • Magic Number Detector
    • Copy-Paste Detector
  • 4️⃣ Coding Standards
    • Check coding style
    • Adhere to EditorConfig
  • Measure code coverage
  • Check route methods (controllers of routes)
  • Check list of distributed files
  • Check spelling: Typos
  • Custom checks and warnings
  • Display logs in CI output or upload logs as artifacts
  • Start CD by SSH-ing to own server (restrict,command in authorized_keys and DenyUsers in sshd.conf)
  • Wipe sensitive data

CD

How to design and implement continuous delivery.

  • Possible constrains:
    • successful tests
    • do not run on PR-s
    • our repo
    • specific branch
    • tag in commit message [deploy:prod]
    • deploy head commit only
    • optional manual start (GitLab manual actions)
  • Do not run as root user
  • Keep deploy configuration in a file
  • Log every output to a file, log start and finish to syslog
  • Limit execution time of time-consuming steps (timeout)
  • Optionally back up project files before starting to deploy
  • Create a bot user on the server for git access with SSH key (@companybot)
  • List changes in current project files
  • Check for maintenance mode, Turn on maintenance mode php artisan down covering static resource, page, AJAX and API requests
  • Clear caches (configuration, routes, application, template etc.)
  • Wait for to finish and disable cron jobs and background workers after clearing caches (email piped to a program)
  • Identify git repository and branch
  • Checkout by commit hash (not by branch HEAD)
  • At least lint the source code
  • Don't deploy testing packages
  • Enable production optimizations in package manager
  • Build code
  • Run database migrations
  • Turn off maintenance mode
  • Populate caches (application, OPcache, wp rewrite flush)
  • Run at least 1 basic functional or unit test (e.g. log in or display dashboard)
  • Check HTML output
  • Special sudo configuration for reloading PHP-FPM or Cachetool
  • Alert on failure
  • "Was down for X seconds"
  • Send email, Slack, Trello or Google Hangouts notification

Static analysis with PHPStan

  • Extensions
  • phpstan/phpstan-strict-rules
  • phpstan/phpstan-deprecation-rules
  • dave-liddament/sarb
  • ekino/phpstan-banned-code
  • tomasvotruba/type-coverage
  • pepakriz/phpstan-exception-rules
  • canvural/larastan-strict-rules
  • schlndh/maria-stan
  • Starred repositories