-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.gitlab-ci.yml
107 lines (92 loc) · 2.8 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
image: docker:latest
services:
- docker:dind
stages:
- build
- test
- deploy
include:
- template: Security/Container-Scanning.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
variables:
DOCKER_DRIVER: overlay
DS_JAVA_VERSION: 11
SAST_JAVA_VERSION: 11
CONTAINER_BACKEND_IMAGE: smartcommunitylab/pgaziendale-backend:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA
CONTAINER_BACKEND_IMAGE_LATEST: smartcommunitylab/pgaziendale-backend:$CI_COMMIT_REF_NAME-latest
CONTAINER_CACHE_IMAGE: smartcommunitylab/pgaziendale-backend:cache
update-backend-cache-image:
stage: build
variables:
BUILDKIT_PROGRESS: plain
DOCKER_BUILDKIT: 1
script:
- cd backend
- docker login -u $DHUB_USER -p $DHUB_PASS
- docker build -f Dockerfile-cache -t $CONTAINER_CACHE_IMAGE .
- docker push $CONTAINER_CACHE_IMAGE
rules:
- changes:
- backend/pom.xml
backend-container-build:
stage: build
script:
- cd backend
- docker login -u $DHUB_USER -p $DHUB_PASS
- DOCKER_BUILDKIT=1 docker build -f Dockerfile -t $CONTAINER_BACKEND_IMAGE -t $CONTAINER_BACKEND_IMAGE_LATEST .
- docker push $CONTAINER_BACKEND_IMAGE
- docker push $CONTAINER_BACKEND_IMAGE_LATEST
only:
- dev-backend
- prod-backend
- main
spotbugs-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
semgrep-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
nodejs-scan-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
gemnasium-maven-dependency_scanning:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
gemnasium-dependency_scanning:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
container_scanning:
stage: test
variables:
DOCKER_IMAGE: smartcommunitylab/pgaziendale-backend:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA
DOCKERFILE_PATH: "backend/Dockerfile"
GIT_STRATEGY: fetch
DOCKER_USER: ""
DOCKER_PASSWORD: ""
dependencies:
- backend-container-build
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
deploy_backend_prod:
stage: deploy
image: smartcommunitylab/kubectl-alpine:latest
environment:
name: dslab
script:
- echo "deploy"
- kubectl -n pgaziendale-prod set image deployments/pgaziendale-backend-prod pgaziendale-backend-prod=$CONTAINER_BACKEND_IMAGE --record=true
- kubectl -n pgaziendale-prod rollout status deployment pgaziendale-backend-prod
only:
- prod-backend
deploy_backend_dev:
stage: deploy
image: smartcommunitylab/kubectl-alpine:latest
environment:
name: dslab
script:
- echo "deploy"
- kubectl -n pgaziendale-dev set image deployments/pgaziendale-backend-dev pgaziendale-backend-dev=$CONTAINER_BACKEND_IMAGE --record=true
- kubectl -n pgaziendale-dev rollout status deployment pgaziendale-backend-dev
only:
- dev-backend