ci(git): Copy generic CI/CD files

jissereitsma · jissereitsma · commit 8b2b8d0d898d · 2026-03-02T09:34:03.000+01:00
diff --git a/.github/workflows/compile.yml b/.github/workflows/compile.yml
@@ -19,6 +19,9 @@ jobs:
         run: |
           test -n "${{ secrets.GITLAB_TOKEN }}" || exit 0
           cd /tmp/magento
+          ls ${GITHUB_WORKSPACE}
+          test -f ${GITHUB_WORKSPACE}/.github/workflows/composer-additional.sh && source ${GITHUB_WORKSPACE}/.github/workflows/composer-additional.sh
+          test -f ${GITHUB_WORKSPACE}/.github/workflows/composer-${{ matrix.magento_version }}.sh && source ${GITHUB_WORKSPACE}/.github/workflows/composer-${{ matrix.magento_version }}.sh
           composer config gitlab-domains gitlab.yireo.com
           composer config --global --auth http-basic.gitlab.yireo.com yireo "${{ secrets.GITLAB_TOKEN }}"
           composer config repositories.loki-third-party composer https://gitlab.yireo.com/api/v4/group/loki-third-party/-/packages/composer/packages.json
diff --git a/.github/workflows/composer-2.4.5-p14.sh b/.github/workflows/composer-2.4.5-p14.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+cp composer.json composer-old.json
+curl https://raw.githubusercontent.com/LokiCheckout/magento-2.4.5-patches/refs/heads/main/modules/patches.json -o loki-checkout-patches.json
+jq -s add composer-old.json loki-checkout-patches.json > composer.json
+
diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml
@@ -40,6 +40,8 @@ jobs:
         run: |
           test -n "${{ secrets.GITLAB_TOKEN }}" || exit 0
           cd /tmp/magento
+          test -f $GITHUB_WORKSPACE/.github/workflows/composer-additional.sh && source $GITHUB_WORKSPACE/.github/workflows/composer-additional.sh
+          test -f $GITHUB_WORKSPACE/.github/workflows/composer-${MAGENTO_VERSION}.sh && source $GITHUB_WORKSPACE/.github/workflows/composer-${MAGENTO_VERSION}.sh
           composer config --auth gitlab-token.gitlab.yireo.com ${{ secrets.GITLAB_TOKEN }}
           composer config repositories.loki-checkout composer https://gitlab.yireo.com/api/v4/group/loki-checkout/-/packages/composer/packages.json
 
diff --git a/.github/workflows/static-tests.yml b/.github/workflows/static-tests.yml
@@ -33,6 +33,8 @@ jobs:
         run: |
           test -n "${{ secrets.GITLAB_TOKEN }}" || exit 0
           cd /tmp/magento
+          test -f $GITHUB_WORKSPACE/.github/workflows/composer-additional.sh && source $GITHUB_WORKSPACE/.github/workflows/composer-additional.sh
+          test -f $GITHUB_WORKSPACE/.github/workflows/composer-${MAGENTO_VERSION}.sh && source $GITHUB_WORKSPACE/.github/workflows/composer-${MAGENTO_VERSION}.sh
           composer config gitlab-domains gitlab.yireo.com
           composer config --auth gitlab-token.gitlab.yireo.com ${{ secrets.GITLAB_TOKEN }}
           composer config repositories.loki-checkout composer https://gitlab.yireo.com/api/v4/group/loki-checkout/-/packages/composer/packages.json
diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml
@@ -16,6 +16,8 @@ jobs:
         run: |
           test -n "${{ secrets.GITLAB_TOKEN }}" || exit 0
           cd /tmp/magento
+          test -f $GITHUB_WORKSPACE/.github/workflows/composer-additional.sh && source $GITHUB_WORKSPACE/.github/workflows/composer-additional.sh
+          test -f $GITHUB_WORKSPACE/.github/workflows/composer-${MAGENTO_VERSION}.sh && source $GITHUB_WORKSPACE/.github/workflows/composer-${MAGENTO_VERSION}.sh
           composer config --auth gitlab-token.gitlab.yireo.com ${{ secrets.GITLAB_TOKEN }}
           composer config repositories.loki-checkout composer https://gitlab.yireo.com/api/v4/group/loki-checkout/-/packages/composer/packages.json
 
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,37 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you believe you've found a security vulnerability in this project, we encourage you to let us know.
+
+Please report it by emailing us at [security@yireo.com](mailto:security@yireo.com).
+We take security seriously and will respond as quickly as possible.
+
+## Bug Bounty Program
+
+Please note that we do not have a paid bug bounty program at this time. However, we appreciate your efforts in helping us keep our project secure.
+
+## Guidelines for Reporting
+
+When reporting a vulnerability, please include the following information:
+- A clear description of the vulnerability.
+- Steps to reproduce the issue.
+- Any relevant screenshots or logs.
+- Your contact information (optional) for follow-up questions.
+
+## Response Timeline
+
+We aim to acknowledge your report within 10 business days. Please note that complexity may affect the time it takes to fix the issue, and there is no fixed deadline for resolutions.
+
+## Disclosure Policy
+
+We will determine public disclosure timelines on a case-by-case basis once an issue has been resolved. Our goal is to balance transparency with user safety.
+
+## Our Commitment
+
+We commit to:
+- Acknowledging your report promptly.
+- Investigating all reported vulnerabilities thoroughly.
+- Keeping you updated on our progress towards fixing the issue.
+
+Thank you for helping us maintain the security of our project!
