This repository has been archived by the owner on Oct 3, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 73
/
.cirrus.yml
141 lines (131 loc) · 4.22 KB
/
.cirrus.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
env:
CIRRUS_VAULT_URL: https://vault.sonar.build:8200
CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci
CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}
SONAR_TOKEN: VAULT[development/kv/data/sonarcloud data.token]
ARTIFACTORY_URL: https://repox.jfrog.io/
ARTIFACTORY_DEPLOY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]
ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]
# Use bash (instead of sh on linux or cmd.exe on windows)
CIRRUS_SHELL: bash
only_sonarsource_qa: &ONLY_SONARSOURCE_QA
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*")
container_definition: &CONTAINER_DEFINITION
dockerfile: .cirrus/nodejs.Dockerfile
cluster_name: ${CIRRUS_CLUSTER_NAME}
builder_role: cirrus-builder
builder_image: docker-builder-v*
builder_instance_type: t3.small
builder_subnet_id: ${CIRRUS_AWS_SUBNET}
region: eu-central-1
namespace: default
use_in_memory_disk: true
build_body: &BUILD_BODY
<<: *ONLY_SONARSOURCE_QA
eks_container:
<<: *CONTAINER_DEFINITION
docker_arguments:
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
cpu: 1
memory: 8G
env:
SONARSOURCE_QA: true
node_version_script:
- node --version
script:
- if [ -n "${CIRRUS_BASE_BRANCH}" ]; then git fetch origin "${CIRRUS_BASE_BRANCH}"; fi
- jfrog config add repox --url $ARTIFACTORY_URL --access-token $ARTIFACTORY_DEPLOY_ACCESS_TOKEN
- jfrog rt npm-config --repo-resolve npm --repo-deploy sonarsource-npm-public-qa
- jfrog rt npm-ci
- npm run check-format
- npm run build
build_task:
<<: *BUILD_BODY
test_and_analyze_task:
depends_on:
- build
<<: *BUILD_BODY
test_script:
- ./scripts/test-ci.sh
publish_task:
depends_on:
- build
<<: *BUILD_BODY
publish_script:
- ./scripts/publish.sh
qa_eslint8_task:
depends_on:
- build
eks_container:
matrix:
- docker_arguments:
NODE_VERSION: 16
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
- docker_arguments:
NODE_VERSION: 18
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
- docker_arguments:
NODE_VERSION: 20
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
<<: *CONTAINER_DEFINITION
cpu: 3
memory: 8G
env:
SONARSOURCE_QA: true
node_version_script:
- node --version
script:
- jfrog config add repox --url $ARTIFACTORY_URL --access-token $ARTIFACTORY_DEPLOY_ACCESS_TOKEN
- jfrog rt npm-config --repo-resolve npm --repo-deploy sonarsource-npm-public-qa
- git submodule update --init --depth 1 -r
- jfrog rt npm-ci
- npm install eslint-ruling@npm:[email protected]
- npm run build
- npm run ruling
qa_eslint9_task:
depends_on:
- build
eks_container:
matrix:
- docker_arguments:
NODE_VERSION: 18
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
- docker_arguments:
NODE_VERSION: 20
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
<<: *CONTAINER_DEFINITION
cpu: 3
memory: 8G
env:
SONARSOURCE_QA: true
node_version_script:
- node --version
script:
- jfrog config add repox --url $ARTIFACTORY_URL --access-token $ARTIFACTORY_DEPLOY_ACCESS_TOKEN
- jfrog rt npm-config --repo-resolve npm --repo-deploy sonarsource-npm-public-qa
- git submodule update --init --depth 1 -r
- jfrog rt npm-ci
- npm install eslint-ruling@npm:[email protected]
- npm run build
- npm run ruling
ws_scan_task:
depends_on:
- build
eks_container:
<<: *CONTAINER_DEFINITION
docker_arguments:
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
cpu: 2
memory: 2G
# run only on master and long-term branches
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*")
env:
WS_APIKEY: VAULT[development/kv/data/mend data.apikey]
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
whitesource_script:
- ./scripts/run_ws_scan.sh
allow_failures: 'true'
always:
ws_artifacts:
path: 'whitesource/**/*'