-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy path.gitlab-ci.yml
135 lines (118 loc) · 3.24 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
image: docker:latest
services:
- docker:dind
stages:
- build
- test
- deploy
include:
- template: Security/Container-Scanning.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
variables:
SECURE_LOG_LEVEL: info
DS_JAVA_VERSION: 17
DOCKER_DRIVER: overlay
CONTAINER_IMAGE: smartcommunitylab/aac:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA
CONTAINER_IMAGE_LATEST: smartcommunitylab/aac:$CI_COMMIT_REF_NAME-latest
CONTAINER_CACHE_IMAGE: smartcommunitylab/aac:cache
# MAVEN_CLI_OPTS: -DskipTests --batch-mode
SAST_JAVA_VERSION: 17
update-backend-cache-image:
stage: build
variables:
BUILDKIT_PROGRESS: plain
DOCKER_BUILDKIT: 1
script:
- docker login -u $DHUB_USER -p $DHUB_PASS
- docker build -f Dockerfile-cache -t $CONTAINER_CACHE_IMAGE .
- docker push $CONTAINER_CACHE_IMAGE
rules:
- if: $CI_COMMIT_REF_NAME == "5.x"
changes:
- pom.xml
- user-console/yarn.lock
- user-console/package.json
maven-build:
image: maven:3-openjdk-17
stage: build
script:
- mvn -DskipTests=true clean package
only:
- master
backend-container-build:
stage: build
environment:
name: $CI_COMMIT_REF_NAME
script:
- docker login -u $DHUB_USER -p $DHUB_PASS
- DOCKER_BUILDKIT=1 docker build -f Dockerfile -t $CONTAINER_IMAGE -t $CONTAINER_IMAGE_LATEST .
- docker push $CONTAINER_IMAGE
- docker push $CONTAINER_IMAGE_LATEST
only:
- 5.x
- 4.x-platform
- master
spotbugs-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
semgrep-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
nodejs-scan-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
gemnasium-maven-dependency_scanning:
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
gemnasium-dependency_scanning:
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
gemnasium-python-dependency_scanning:
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
container_scanning:
stage: test
variables:
DOCKER_IMAGE: smartcommunitylab/aac:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA
DOCKERFILE_PATH: "Dockerfile"
GIT_STRATEGY: fetch
DOCKER_USER: ""
DOCKER_PASSWORD: ""
dependencies:
- backend-container-build
rules:
- if: '$CI_COMMIT_REF_NAME == "master"'
deploy-dev:
stage: deploy
image: smartcommunitylab/kubectl-alpine:latest
environment:
name: dslab
script:
- echo "deploy backend"
- kubectl -n aac-dev set image deployments/aac-dev aac=$CONTAINER_IMAGE --record=true
- kubectl -n aac-dev rollout status deployment aac-dev
only:
- 5.x
deploy-dslab:
stage: deploy
image: smartcommunitylab/kubectl-alpine:latest
environment:
name: platform-new
script:
- echo "deploy backend"
- kubectl -n global set image deployments/aac aac=$CONTAINER_IMAGE --record=true
- kubectl -n global rollout status deployment aac
only:
- 4.x-platform
deploy-coinnovatiolab:
stage: deploy
image: smartcommunitylab/kubectl-alpine:latest
environment:
name: coinnovationlab
script:
- echo "deploy backend"
- kubectl -n global set image deployments/aac aac=$CONTAINER_IMAGE --record=true
- kubectl -n global rollout status deployment aac
only:
- 4.x-platform