forked from awslabs/service-workbench-on-aws
-
Notifications
You must be signed in to change notification settings - Fork 3
/
.gitlab-ci.yml
130 lines (115 loc) · 2.25 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# Include all default templates from https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/
include:
- template: Jobs/SAST.latest.gitlab-ci.yml
- template: Jobs/Secret-Detection.latest.gitlab-ci.yml
- template: Jobs/Dependency-Scanning.latest.gitlab-ci.yml
- template: DAST.gitlab-ci.yml
# Include default tags
default:
tags:
- aim-ahead
- docker
# Set PATH
variables:
PATH: '/bin:/usr/bin:/usr/local/bin'
# cache node modules
cache:
paths:
- node_modules/
- addons/*/packages/*/node_modules/
- main/solution/*/node_modules/
- main/cicd/*/node_modules/
- main/integration-tests/node_modules/
- main/packages/*/node_modules
# Run different stages
stages:
- test
- dast
- build
- assume_role
- deploy
#######################
###### Templates ######
#######################
.assume_role:
stage: assume_role
inherit:
default: false
tags:
- aim-ahead
- shell
script:
- sh assume-role.sh > creds.env
artifacts:
reports:
dotenv: creds.env
.build:
stage: build
inherit:
default: false
tags:
- aim-ahead
- shell
script:
- echo "Installing dependencies"
- ./scripts/install.sh
- echo "Building packages"
- ./scripts/build-all-packages.sh
.deploy:
stage: deploy
inherit:
default: false
tags:
- aim-ahead
- shell
when: manual
script:
- ./scripts/environment-deploy.sh
#####################
####### Dev #########
#####################
build_dev:
environment: Development
extends: .build
only:
- srce-dev
assume_role_dev:
extends: .assume_role
environment: Development
only:
- srce-dev
deploy_dev:
environment: Development
extends: .deploy
needs:
- build_dev
- assume_role_dev
only:
- srce-dev
dast_dev:
stage: dast
only:
- srce-dev
environment: "Development"
script: "echo running DAST on ${DAST_WEBSITE}"
#####################
####### Prod ########
#####################
build_prod:
environment: Production
extends: .build
only:
- srce-prod
assume_role_prod:
extends: .assume_role
environment: Production
only:
- srce-prod
deploy_prod:
environment: Production
extends: .deploy
needs:
- build_prod
- assume_role_prod
only:
- srce-prod