Skip to content
GitLab
Menu
Why GitLab
Pricing
Contact Sales
Explore
Why GitLab
Pricing
Contact Sales
Explore
Sign in
Get free trial
Primary navigation
Search or go to…
Project
T
TerraCI
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Privacy statement
Keyboard shortcuts
?
What's new
4
Snippets
Groups
Projects
Show more breadcrumbs
Hiba Awad
TerraCI
Commits
19b03eed
Commit
19b03eed
authored
5 months ago
by
Hiba AWAD
Browse files
Options
Downloads
Patches
Plain Diff
Delete .gitlab-ci.yml
parent
4ab3aaf0
No related branches found
Branches containing commit
No related tags found
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
.gitlab-ci.yml
+0
-147
0 additions, 147 deletions
.gitlab-ci.yml
with
0 additions
and
147 deletions
.gitlab-ci.yml
deleted
100644 → 0
+
0
−
147
View file @
4ab3aaf0
stages
:
-
build
-
test
-
deploy
Build
:
stage
:
build
services
:
-
docker:dind
image
:
docker:stable
script
:
######Commented just for testing########
#- docker build -t test_docker .
#- docker run test_docker
##############################################
-
echo "The file is already in the project"
TfLint
:
stage
:
test
environment
:
name
:
configurationSyntax
script
:
-
echo "Linting Terraform code..."
-
cd terraform
-
apk update
-
apk add curl bash
-
wget -q https://github.com/terraform-linters/tflint/releases/download/v0.48.0/tflint_linux_amd64.zip
-
unzip tflint_linux_amd64.zip
-
chmod +x tflint
-
mv tflint /usr/local/bin/
-
tflint --version
#########Put the results in a file#############
-
tflint > tflint_results.txt 2>&1 ||
true
-
num_issues=$(cat tflint_results.txt | awk 'NR==1 {print $1}')
-
echo "$num_issues is the number"
-
|
if [ "$num_issues" -gt $Nbissues ]; then
echo "The number of issues found is more than 9."
tflint
exit 1
else
echo "The linting conditions are within limits"
fi
# artifacts:
# paths:
# - tflint_results.txt
rules
:
-
when
:
on_success
-
needs
:
-
Build
-
changes
:
-
terraform/aws.tf
allow_failure
:
false
Tfsec
:
stage
:
test
environment
:
name
:
Security
script
:
-
echo "Running security tests..."
-
wget https://github.com/aquasecurity/trivy/releases/download/v0.46.1/trivy_0.46.1_Linux-64bit.tar.gz
-
tar zxvf trivy_0.46.1_Linux-64bit.tar.gz
-
mv trivy /usr/local/bin/trivy
-
chmod +x /usr/local/bin/trivy
-
trivy --version
-
trivy config ./terraform/aws.tf > trivy_report.txt
-
|
LOW_FAILURES=$(awk '/LOW: [0-9]+/ {print $NF}' trivy_report.txt)
MEDIUM_FAILURES=$(awk '/MEDIUM: [0-9]+/ {print $NF}' trivy_report.txt)
HIGH_FAILURES=$(awk '/HIGH: [0-9]+/ {print $NF}' trivy_report.txt)
CRITICAL_FAILURES=$(grep -o 'CRITICAL: [0-9]*' trivy_report.txt | cut -d ' ' -f 2 | grep -v '^$')
echo "Number of critical failures: $CRITICAL_FAILURES"
if [ "$LOW_FAILURES" -gt $low ] || [ "$MEDIUM_FAILURES" -gt $med ] || [ "$HIGH_FAILURES" -gt $high ] || [ "$CRITICAL_FAILURES" -gt $critical ]; then
echo "The failures conditions are not met."
trivy config ./terraform/aws.tf
exit 1
else
echo "All conditions are within limits"
fi
artifacts
:
paths
:
-
trivy_report.txt
rules
:
-
needs
:
-
TfLint
allow_failure
:
true
Infracost
:
stage
:
test
environment
:
name
:
Cost
script
:
-
echo "Cost estimation..."
#Infracost installation
-
wget https://github.com/infracost/infracost/releases/latest/download/infracost-linux-amd64.tar.gz
-
tar -xzf infracost-linux-amd64.tar.gz
-
chmod +x infracost-linux-amd64
-
mv infracost-linux-amd64 /usr/local/bin/infracost
-
infracost --version
-
export INFRACOST_API_KEY=$INFRACOST_API_KEY
#infracost test
-
infracost breakdown --path .
-
infracost breakdown --path . > infracost_results.txt
-
cost_with_unit=$(awk '/OVERALL TOTAL/ {print $NF}' infracost_results.txt)
-
echo $cost_with_unit
-
cost="${cost_with_unit#$}"
-
echo $cost
-
budget="$${BUDGET}"
-
|
budget="$BUDGET" # Retrieve the budget from the CI/CD settings
# Perform a floating-point comparison using bc
if [ "$(echo "$cost >= $budget" | bc -l)" -eq 1 ]; then
difference=$(echo "$cost - $budget" | bc -l)
echo "Cost exceeds budget by $difference"
# Cancel deployment
exit 1
else
echo "Cost is within the budget"
fi
artifacts
:
paths
:
-
infracost_results.txt
rules
:
-
needs
:
-
Tfsec
allow_failure
:
true
#n
Deploy
:
stage
:
deploy
script
:
-
echo "Deploying the model...This is a fake deploy in case of all test valid"
-
echo "Model successfully deployed."
# Replaced placeholders in s-part.yml and appended to generated_gitlabci.yml
# Restored the specific line for TfLint
# Replaced placeholders in l-part.yml and appended to generated_gitlabci.yml
# Replaced placeholders in i-part.yml and appended to generated_gitlabci.yml
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
