-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
109 lines (97 loc) · 2.63 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
image: docker:latest
services:
- docker:dind
stages:
- build
- test
- deploy
variables:
SECURE_LOG_LEVEL: info
DS_JAVA_VERSION: 11
DOCKER_DRIVER: overlay
CONTAINER_IMAGE: smartcommunitylab/playngo-hsc:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA
CONTAINER_IMAGE_LATEST: smartcommunitylab/playngo-hsc:$CI_COMMIT_REF_NAME-latest
CONTAINER_CACHE_IMAGE: smartcommunitylab/playngo-hsc:cache
SAST_JAVA_VERSION: 11
include:
- template: Security/Container-Scanning.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
update-backend-cache-image:
stage: build
variables:
BUILDKIT_PROGRESS: plain
DOCKER_BUILDKIT: 1
script:
- docker login -u $DHUB_USER -p $DHUB_PASS
- docker build -f Dockerfile-cache -t $CONTAINER_CACHE_IMAGE .
- docker push $CONTAINER_CACHE_IMAGE
rules:
- changes:
- pom.xml
maven-build:
image: maven:3-openjdk-11
stage: build
script:
- mvn -DskipTests=true clean package
only:
- main
gemnasium-maven-dependency_scanning:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
semgrep-sast:
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
container_scanning:
stage: test
dependencies:
- backend-container-build
variables:
DOCKER_IMAGE: smartcommunitylab/playngo-hsc:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA
DOCKERFILE_PATH: "Dockerfile"
GIT_STRATEGY: fetch
DOCKER_USER: ""
DOCKER_PASSWORD: ""
CS_IMAGE: smartcommunitylab/playngo-hsc:$CI_COMMIT_REF_NAME-latest
rules:
- if: '$CI_COMMIT_REF_NAME == "main"'
backend-container-build:
stage: build
variables:
BUILDKIT_PROGRESS: plain
DOCKER_BUILDKIT: 1
script:
- docker login -u $DHUB_USER -p $DHUB_PASS
- docker build -f Dockerfile --build-arg VER=1.0 -t $CONTAINER_IMAGE -t $CONTAINER_IMAGE_LATEST .
- docker push $CONTAINER_IMAGE
- docker push $CONTAINER_IMAGE_LATEST
only:
- dev
- prod
- main
deploy-dev:
stage: deploy
image:
name: bitnami/kubectl:latest
entrypoint: ['']
environment:
name: dslab
script:
- echo "deploy backend"
- kubectl -n playngo-dev set image deployments/playngo-hsc playngo-hsc=$CONTAINER_IMAGE --record=true
- kubectl -n playngo-dev rollout status deployment playngo-hsc
only:
- dev
deploy-prod:
stage: deploy
image:
name: bitnami/kubectl:latest
entrypoint: ['']
environment:
name: dslab
script:
- echo "deploy backend"
- kubectl -n playngo-prod set image deployments/playngo-hsc playngo-hsc=$CONTAINER_IMAGE --record=true
- kubectl -n playngo-prod rollout status deployment playngo-hsc
only:
- prod