-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.pipeline-config.yaml
140 lines (118 loc) · 4.1 KB
/
.pipeline-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
version: '1'
setup:
image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.7@sha256:0444aa3cc5032ba4d7f7a59a4177dd43dc1126ad902f09079b0a66156bbe4bcf
script: |
#!/usr/bin/env bash
if [[ "$PIPELINE_DEBUG" == 1 ]]; then
trap env EXIT
env
set -x
fi
if [[ "$(get_env pipeline_namespace)" == *"pr"* || "$(get_env pipeline_namespace)" == *"ci"* ]]; then
source scripts/code_setup.sh
fi
test:
abort_on_failure: false
image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.7@sha256:0444aa3cc5032ba4d7f7a59a4177dd43dc1126ad902f09079b0a66156bbe4bcf
script: |
#!/usr/bin/env bash
cd ../"$(load_repo app-repo path)"
npm ci
# save exit code for old evidence collection
exit_code=0
npm test || exit_code=$?
# save status for new evidence collection
status="success"
if [ "$exit_code" != "0" ]; then
status="failure"
fi
collect-evidence \
--tool-type "jest" \
--status "$status" \
--evidence-type "com.ibm.unit_tests" \
--asset-type "repo" \
--asset-key "app-repo"
exit $exit_code
containerize:
dind: true
image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.7@sha256:0444aa3cc5032ba4d7f7a59a4177dd43dc1126ad902f09079b0a66156bbe4bcf
script: |
#!/usr/bin/env bash
if [[ "$PIPELINE_DEBUG" == 1 ]]; then
trap env EXIT
env
set -x
fi
source scripts/build_setup.sh
source scripts/build.sh
deploy:
image: icr.io/continuous-delivery/pipeline/pipeline-base-image:2.19@sha256:482d28e51d5acc65471b366bbdcabc97f69e49da933337a7c42f45907cd63173
script: |
#!/usr/bin/env bash
if [[ "$PIPELINE_DEBUG" == 1 ]]; then
trap env EXIT
env
set -x
fi
source scripts/deploy_setup.sh
source scripts/deploy.sh
acceptance-test:
abort_on_failure: false
image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.7@sha256:0444aa3cc5032ba4d7f7a59a4177dd43dc1126ad902f09079b0a66156bbe4bcf
script: |
#!/usr/bin/env bash
source /root/.nvm/nvm.sh
npm ci
export APP_URL=$(get_env app-url)
# save exit code for old evidence collection
exit_code=0
npm run acceptance-test || exit_code=$?
# save status for new evidence collection
status="success"
if [ "$exit_code" != "0" ]; then
status="failure"
fi
collect-evidence \
--tool-type "jest" \
--status "$status" \
--evidence-type "com.ibm.acceptance_tests" \
--asset-type "repo" \
--asset-key "app-repo"
exit $exit_code
release:
abort_on_failure: false
image: icr.io/continuous-delivery/pipeline/pipeline-base-image:2.19@sha256:482d28e51d5acc65471b366bbdcabc97f69e49da933337a7c42f45907cd63173
script: |
#!/usr/bin/env bash
if [[ "$PIPELINE_DEBUG" == 1 ]]; then
trap env EXIT
env
set -x
fi
source scripts/release.sh
dynamic-scan:
dind: true
abort_on_failure: false
image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.7@sha256:0444aa3cc5032ba4d7f7a59a4177dd43dc1126ad902f09079b0a66156bbe4bcf
script: |
#!/usr/bin/env bash
if [ -z "$(get_env opt-in-dynamic-scan "")" ]; then
echo "If you want to enable this stage, add 'opt-in-dynamic-scan' parameter to your pipeline with any value. Also, please add 'opt-in-dynamic-api-scan' to your pipeline with any value to have api scans running, and 'opt-in-dynamic-ui-scan' with any value to have ui scans running" >&2
else
if [[ "$(get_env pipeline_namespace)" == *"cc"* ]]; then
app_url=$(get_env app-url "")
if [[ -z "${app_url}" ]]; then
echo "Please provide the app-url as the running application url. Recommended to use stage/test environment to run the Dynamic scan." >&2
exit 1
fi
source scripts/zap/zap-cc-config
fi
source scripts/zap/trigger-async-zap
fi
owasp-zap:
dind: true
abort_on_failure: true
image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.7@sha256:0444aa3cc5032ba4d7f7a59a4177dd43dc1126ad902f09079b0a66156bbe4bcf
script: |
#!/usr/bin/env bash
source scripts/zap/trigger_zap_scans