Commit 83bbec51 authored by Vincent's avatar Vincent

Merge branch '157-use-ci-templates-for-gitlab-checks' into 'master'

Resolve "Use CI templates for GitLab checks"

Closes #157

See merge request !132
parents 7c770763 7995789f
Pipeline #65551324 (#1433) passed with stages
in 27 minutes and 18 seconds
......@@ -89,7 +89,7 @@ provision:
- terraform plan -out .tfplan -input=false | cleanup
- terraform apply -input=false .tfplan | cleanup
- terraform output heroku_git_url > heroku_git_url
- terraform output live_url > app_url
- terraform output live_url > environment_url.txt
- LIVE_URL=`terraform output live_url`
- echo -e "View app at\n$LIVE_URL"
environment:
......@@ -104,7 +104,7 @@ provision:
expire_in: 1 hour
paths:
- heroku_git_url
- app_url
- environment_url.txt
stop_terraform:
stage: provision
image:
......@@ -180,7 +180,7 @@ deploy:
- git add .yarnrc
- git commit -m "Increase Yarn download timeout to account for a large package (material-design-icons)"
- git push --force heroku heroku_deployment:master
- export APP_URL=`cat app_url`
- export APP_URL=`cat environment_url.txt`
- echo -e "View app at\n$APP_URL"
build_extension:
stage: deploy
......@@ -194,7 +194,7 @@ build_extension:
except:
- schedules
script:
- export APP_URL=`cat app_url`
- export APP_URL=`cat environment_url.txt`
- cd extension
- yarn
- if [[ $CI_COMMIT_REF_NAME != "master" ]]; then node tag_prerelease_version.js; fi;
......@@ -227,7 +227,7 @@ e2e:firefox:
- provision
script:
- wipCommits=`git log --grep=^WIP`; if [ -n "$wipCommits" ] && [ "$CI_COMMIT_REF_NAME" != "master" ]; then echo "WIP commits detected; skipping tests."; exit 0; fi
- export APP_URL=`cat app_url`
- export APP_URL=`cat environment_url.txt`
- cd e2e-tests
- yarn install --frozen-lockfile
- yarn run test --host=selenium
......@@ -250,7 +250,7 @@ e2e:chrome:
- provision
script:
- wipCommits=`git log --grep=^WIP`; if [ -n "$wipCommits" ] && [ "$CI_COMMIT_REF_NAME" != "master" ]; then echo "WIP commits detected; skipping tests."; exit 0; fi
- export APP_URL=`cat app_url`
- export APP_URL=`cat environment_url.txt`
- cd e2e-tests
- yarn install --frozen-lockfile
- yarn run test --host=selenium
......@@ -275,7 +275,7 @@ visual-regression-test:
- schedules
script:
- wipCommits=`git log --grep=^WIP`; if [ -n "$wipCommits" ] && [ "$CI_COMMIT_REF_NAME" != "master" ]; then echo "WIP commits detected; skipping tests."; exit 0; fi
- export APP_URL=`cat app_url`
- export APP_URL=`cat environment_url.txt`
- echo "Going to run visual regression tests. If it fails, view the report in this job's artifacts, where it will display what changed. If the changes look OK, download the new versions of the screenshots and check them in in the /visual-regression-tests/snapshots/ directory."
- cd visual-regression-tests
- yarn install --frozen-lockfile
......@@ -289,44 +289,25 @@ visual-regression-test:
expire_in: 1 week
when: always
include:
# See https://gitlab.com/help/user/project/merge_requests/sast.md
- template: SAST.gitlab-ci.yml
# See https://gitlab.com/help/user/project/merge_requests/dast.md
- template: DAST.gitlab-ci.yml
# See https://gitlab.com/help/user/project/merge_requests/sast.md
sast:
stage: confidenceCheck
image: docker:stable
variables:
DOCKER_DRIVER: overlay2
allow_failure: true
services:
- docker:stable-dind
except:
- schedules
script:
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
- docker run
--env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
--volume "$PWD:/code"
--volume /var/run/docker.sock:/var/run/docker.sock
"registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
artifacts:
reports:
sast: gl-sast-report.json
# See https://gitlab.com/help/user/project/merge_requests/dast.md
dast:
stage: confidenceCheck
dependencies:
- provision
image: registry.gitlab.com/gitlab-org/security-products/zaproxy
allow_failure: true
except:
- schedules
script:
- mkdir /zap/wrk/
- /zap/zap-baseline.py -J gl-dast-report.json -t `cat app_url` || true
- cp /zap/wrk/gl-dast-report.json .
artifacts:
reports:
dast: gl-dast-report.json
# See https://gitlab.com/help/user/project/merge_requests/code_quality.md
code_quality:
......@@ -361,7 +342,7 @@ performance:
except:
- schedules
script:
- export CI_ENVIRONMENT_URL=$(cat app_url)
- export CI_ENVIRONMENT_URL=$(cat environment_url.txt)
- mkdir gitlab-exporter
- wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
- mkdir sitespeed-results
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment