Skip to content
Snippets Groups Projects
Commit 25024bc0 authored by Yoan VALLET's avatar Yoan VALLET
Browse files

feat(ci): use dependency check

parent d9cc6814
Branches
No related tags found
3 merge requests!530chore(release): 1.6.4,!512chore(release): 1.6.0,!506feat(ci): use dependency check
Hide whitespace changes
Inline Side-by-side
Showing
with 54 additions and 35 deletions
.gitlab-ci.yml
+ 54
35
View file @ 25024bc0
# You can override the included template(s) by including variable overrides default:
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/node:14.15.4-alpine
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings services:
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings - name: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/docker:20.10.9-dind
# Note that environment variables can be set in several places alias: docker
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
image: docker:git
services:
- docker:dind
variables: variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: '' DOCKER_TLS_CERTDIR: ''
DOCKER_HOST: tcp://docker:2375/
DOCKER_DRIVER: overlay2
DEPENDENCY_PROXY: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/
stages: stages:
- quality
- test - test
- build - build
- quality
- deploy - deploy
- publish - publish
# Sast analysis should be fixed
# sast:
# stage: test
# rules:
# - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "dev"'
# include:
# - template: Security/SAST.gitlab-ci.yml
test: test:
stage: test stage: test
image: node:14.18-alpine
before_script: before_script:
- apk add git - apk add git
script: script:
...@@ -39,7 +45,6 @@ test: ...@@ -39,7 +45,6 @@ test:
build-test: build-test:
stage: build stage: build
image: node:14.18-alpine
before_script: before_script:
- apk add git - apk add git
- apk add bash - apk add bash
...@@ -54,7 +59,6 @@ build-test: ...@@ -54,7 +59,6 @@ build-test:
build-dev: build-dev:
stage: build stage: build
image: node:14.18-alpine
before_script: before_script:
- apk add git - apk add git
- apk add bash - apk add bash
...@@ -73,7 +77,6 @@ build-dev: ...@@ -73,7 +77,6 @@ build-dev:
build: build:
stage: build stage: build
image: node:14.18-alpine
before_script: before_script:
- apk add git - apk add git
- apk add bash - apk add bash
...@@ -92,6 +95,8 @@ build: ...@@ -92,6 +95,8 @@ build:
build_stack: build_stack:
stage: build stage: build
before_script:
- docker login ${CI_DEPENDENCY_PROXY_SERVER} -u ${CI_DEPENDENCY_PROXY_USER} -p ${CI_DEPENDENCY_PROXY_PASSWORD}
script: script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
- docker build -t "$CI_REGISTRY_IMAGE/cozy-env:latest" ./docker/ - docker build -t "$CI_REGISTRY_IMAGE/cozy-env:latest" ./docker/
...@@ -102,7 +107,6 @@ build_stack: ...@@ -102,7 +107,6 @@ build_stack:
publish: publish:
stage: publish stage: publish
image: node:14.18-alpine
before_script: before_script:
- apk add git - apk add git
script: script:
...@@ -115,29 +119,49 @@ sonarqube: ...@@ -115,29 +119,49 @@ sonarqube:
stage: quality stage: quality
only: only:
- dev - dev
image: registry.forge.grandlyon.com/apoyen2/sonnar-scanner-gl:master when: manual
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/skilldlabs/sonar-scanner:4.0.0
variables:
GIT_STRATEGY: clone
GIT_DEPTH: 0
before_script: before_script:
- export NODE_PATH=$NODE_PATH:`npm root -g` - npm install --save sonar-scanner
- npm install -g typescript
script: script:
- 'sonar-scanner -Dsonar.projectName="ecolyo" -Dsonar.projectVersion=1.0 -Dsonar.sourceEncoding=UTF-8 - >
-Dsonar.projectBaseDir=. -Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG} sonar-scanner
-Dsonar.login=${SONAR_TOKEN} -Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts* -Dsonar.projectName=ecolyo
-Dsonar.qualitygate.wait=true' -Dsonar.projectVersion=1.0
-Dsonar.sourceEncoding=UTF-8
-Dsonar.projectBaseDir=.
-Dsonar.host.url=${SONAR_URL}
-Dsonar.projectKey=ecolyo
-Dsonar.login=${SONAR_TOKEN}
-Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts*
-Dsonar.qualitygate.wait=true
sonarqube-mr: sonarqube-mr:
stage: quality stage: quality
only: only:
- merge_requests - merge_requests
image: registry.forge.grandlyon.com/apoyen2/sonnar-scanner-gl:master when: manual
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/skilldlabs/sonar-scanner:4.0.0
variables:
GIT_STRATEGY: clone
GIT_DEPTH: 0
before_script: before_script:
- export NODE_PATH=$NODE_PATH:`npm root -g` - npm install --save sonar-scanner
- npm install -g typescript
script: script:
- 'sonar-scanner -Dsonar.projectName="ecolyo-mr" -Dsonar.projectVersion=1.0 -Dsonar.sourceEncoding=UTF-8 - >
-Dsonar.projectBaseDir=. -Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=ecolyo-mr sonar-scanner
-Dsonar.login=${SONAR_MR_TOKEN} -Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts* -Dsonar.projectName=ecolyo-mr
-Dsonar.qualitygate.wait=true' -Dsonar.projectVersion=1.0
-Dsonar.sourceEncoding=UTF-8
-Dsonar.projectBaseDir=.
-Dsonar.host.url=${SONAR_URL}
-Dsonar.projectKey=ecolyo-mr
-Dsonar.login=${SONAR_MR_TOKEN}
-Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts*
-Dsonar.qualitygate.wait=true
deploy_demo: deploy_demo:
stage: deploy stage: deploy
...@@ -158,8 +182,3 @@ deploy_alpha: ...@@ -158,8 +182,3 @@ deploy_alpha:
- './update_all_ecolyo_dev.sh' - './update_all_ecolyo_dev.sh'
only: only:
- tags - tags
sast:
stage: test
include:
- template: Security/SAST.gitlab-ci.yml
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment