forked from veteransaffairscanada/vac-benefits-directory
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig.yml
189 lines (174 loc) · 9.21 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
version: 2
jobs:
build_and_test:
docker:
- image: cypress/base:10
working_directory: ~/repo
steps:
# checkout branch
- checkout
# Download and cache dependencies
- restore_cache:
keys:
- v3-dependencies-{{ checksum "package.json" }}
# fallback to using the latest cache if no exact match is found
- v3-dependencies-
# install app
- run: yarn install
- save_cache:
paths:
- node_modules
- ~/.cache
- /home/circleci/.cache
key: v3-dependencies-{{ checksum "package.json" }}
# run tests!
- run:
name: "Jest tests"
command: yarn test -w2
- run:
name: "Linting"
command: yarn lint
- run:
name: "Cypress"
command: yarn cypress:ci
- run:
name: "Report failing master"
command: ~/repo/.circleci/notify_failure.sh
when: on_fail
deploy_dev:
docker:
- image: docker:17.12.1-ce-git
steps:
- checkout
- setup_remote_docker
# Build the image
- run:
command: |
docker build -t "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}" -t "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:latest" --build-arg CIRCLE_SHA1="${CIRCLE_SHA1}" --build-arg SENTRY_DSN="${SENTRY_DSN}" --build-arg GA_UA="${GA_UA}" --build-arg GA_UA_CDS="${GA_UA_CDS}" --build-arg CIRCLE_PROJECT_REPONAME="${CIRCLE_PROJECT_REPONAME}" --build-arg CIRCLE_BRANCH="${CIRCLE_BRANCH}" --build-arg CIRCLE_REPOSITORY_URL="${CIRCLE_REPOSITORY_URL}" --build-arg WEBHOOK_URL="${WEBHOOK_URL}" --build-arg AIRTABLE_READ_KEY="${AIRTABLE_READ_KEY}" .
name: "Build Image"
# Scan the image
- run:
command: |
docker run -p 5432:5432 -d --name db arminc/clair-db:latest
docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
docker run -v /var/run/docker.sock:/var/run/docker.sock -d --name clair-scanner veteransaffairscanada/clair-scanner:latest tail -f /dev/null
clair_ip=`docker exec -it clair hostname -i | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
scanner_ip=`docker exec -it clair-scanner hostname -i | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
docker exec -it clair-scanner clair-scanner --ip ${scanner_ip} --clair=http://${clair_ip}:6060 -t High "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}"
name: "Scan image"
# Deploy the image if passes the scan
- run:
command: |
docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
docker push "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}"
docker push "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:latest"
name: "Push Docker Image"
- run:
command: apt-get install curl && ~/repo/.circleci/notify_failure.sh
name: "Report failing Development"
when: on_fail
working_directory: ~/repo
deploy_ua:
docker:
- image: docker:17.12.1-ce-git
steps:
- checkout
- setup_remote_docker
# Build the image
- run:
command: |
docker build -t "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}" -t "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:develop" --build-arg CIRCLE_SHA1="${CIRCLE_SHA1}" --build-arg SENTRY_DSN="${SENTRY_DSN}" --build-arg GA_UA="${GA_UA}" --build-arg GA_UA_CDS="${GA_UA_CDS}" --build-arg CIRCLE_PROJECT_REPONAME="${CIRCLE_PROJECT_REPONAME}" --build-arg CIRCLE_BRANCH="${CIRCLE_BRANCH}" --build-arg CIRCLE_REPOSITORY_URL="${CIRCLE_REPOSITORY_URL}" --build-arg WEBHOOK_URL="${WEBHOOK_URL}" --build-arg AIRTABLE_READ_KEY="${AIRTABLE_READ_KEY}" .
name: "Build Image"
# Scan the image
- run:
command: |
docker run -p 5432:5432 -d --name db arminc/clair-db:latest
docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
docker run -v /var/run/docker.sock:/var/run/docker.sock -d --name clair-scanner veteransaffairscanada/clair-scanner:latest tail -f /dev/null
clair_ip=`docker exec -it clair hostname -i | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
scanner_ip=`docker exec -it clair-scanner hostname -i | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
docker exec -it clair-scanner clair-scanner --ip ${scanner_ip} --clair=http://${clair_ip}:6060 -t High "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}"
name: "Scan image"
# Deploy the image if passes the scan
- run:
name: "What branch am I on?"
command: echo ${CIRCLE_BRANCH}
- run:
command: |
if [ "${CIRCLE_BRANCH}" == "develop" ]; then
docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
docker push "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}"
docker push "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:develop"
fi
name: "Push Docker Image"
- run:
command: apt-get install curl && ~/repo/.circleci/notify_failure.sh
name: "Report failing UA branch"
when: on_fail
working_directory: ~/repo
release:
docker:
- image: docker:17.12.1-ce-git
steps:
- checkout:
path: ~/repo
- setup_remote_docker
# get version
#- run:
# name: "What is next release semvar version"
# command: echo export TAG=$(~/repo/.circleci/get-semvar.sh) >> $BASH_ENV
#- run:
# name: "Next version increment"
# command: echo ${TAG}
# Build the image
- run:
command: |
docker build -t "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}" -t "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:v1.0.0" --build-arg CIRCLE_SHA1="${CIRCLE_SHA1}" --build-arg SENTRY_DSN="${SENTRY_DSN}" --build-arg GA_UA="${GA_UA}" --build-arg GA_UA_CDS="${GA_UA_CDS}" --build-arg CIRCLE_PROJECT_REPONAME="${CIRCLE_PROJECT_REPONAME}" --build-arg CIRCLE_BRANCH="${CIRCLE_BRANCH}" --build-arg CIRCLE_REPOSITORY_URL="${CIRCLE_REPOSITORY_URL}" --build-arg WEBHOOK_URL="${WEBHOOK_URL}" --build-arg AIRTABLE_READ_KEY="${AIRTABLE_READ_KEY}" .
name: "Build Image"
# Scan the image
- run:
command: |
docker run -p 5432:5432 -d --name db arminc/clair-db:latest
docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
docker run -v /var/run/docker.sock:/var/run/docker.sock -d --name clair-scanner veteransaffairscanada/clair-scanner:latest tail -f /dev/null
clair_ip=`docker exec -it clair hostname -i | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
scanner_ip=`docker exec -it clair-scanner hostname -i | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
docker exec -it clair-scanner clair-scanner --ip ${scanner_ip} --clair=http://${clair_ip}:6060 -t High "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}"
name: "Scan image"
# Deploy the image if passes the scan
- run:
command: |
if [ "${CIRCLE_BRANCH}" == "master" ]; then
docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
docker push "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_SHA1}"
docker push "${DOCKER_REGISTRY}/${NAMESPACE}/${CIRCLE_PROJECT_REPONAME}:v1.0.0"
fi
name: "Push Docker Image"
#- run: npx semantic-release
- run:
command: apt-get install curl && ~/repo/.circleci/notify_failure.sh
name: "Report failing Master"
when: on_fail
working_directory: ~/repo
workflows:
version: 2
build_test_deploy_release:
jobs:
- build_and_test
- deploy_dev:
requires:
- build_and_test
- deploy_ua:
requires:
- build_and_test
filters:
branches:
only: develop
- release:
requires:
- build_and_test
filters:
branches:
only: master
tags:
only: /(?<=^[Vv]|^)(?:(?<major>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<minor>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<patch>(?:0|[1-9](?:(?:0|[1-9])+)*))(?:-(?<prerelease>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*)))*))?(?:[+](?<build>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+)))*))?)$/