Update .gitlab-ci.yml file
This commit is contained in:
@@ -1,31 +1,61 @@
|
||||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/user/application_security/secret_detection/pipeline/configure
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
- build
|
||||
- test
|
||||
- deploy
|
||||
- review
|
||||
- dast
|
||||
- staging
|
||||
- canary
|
||||
- production
|
||||
- incremental rollout 10%
|
||||
- incremental rollout 25%
|
||||
- incremental rollout 50%
|
||||
- incremental rollout 100%
|
||||
- performance
|
||||
- cleanup
|
||||
- secret-detection
|
||||
sast:
|
||||
stage: test
|
||||
include:
|
||||
- template: Auto-DevOps.gitlab-ci.yml
|
||||
stages: [install, build, deploy]
|
||||
|
||||
variables:
|
||||
SECRET_DETECTION_ENABLED: 'true'
|
||||
secret_detection:
|
||||
stage: secret-detection
|
||||
NODE_ENV: production
|
||||
|
||||
cache:
|
||||
paths:
|
||||
- node_modules/
|
||||
|
||||
install:
|
||||
stage: install
|
||||
image: node:20-alpine
|
||||
script:
|
||||
- corepack enable
|
||||
- pnpm install --frozen-lockfile
|
||||
artifacts:
|
||||
paths:
|
||||
- node_modules/
|
||||
|
||||
build:
|
||||
stage: build
|
||||
image: node:20-alpine
|
||||
script:
|
||||
- pnpm build
|
||||
artifacts:
|
||||
paths:
|
||||
- dist/
|
||||
|
||||
.deploy_template: &deploy
|
||||
stage: deploy
|
||||
image: alpine:3.20
|
||||
before_script:
|
||||
- apk add --no-cache openssh-client rsync
|
||||
- mkdir -p ~/.ssh
|
||||
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
|
||||
- chmod 600 ~/.ssh/id_ed25519
|
||||
script:
|
||||
- rsync -az --delete dist/ "$DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH"
|
||||
only: []
|
||||
|
||||
deploy:staging:
|
||||
<<: *deploy
|
||||
variables:
|
||||
DEPLOY_PATH: $DEPLOY_PATH_STAGING
|
||||
environment:
|
||||
name: staging
|
||||
url: https://staging.usbcheck.it
|
||||
only:
|
||||
- develop
|
||||
- merge_requests
|
||||
|
||||
deploy:production:
|
||||
<<: *deploy
|
||||
variables:
|
||||
DEPLOY_PATH: $DEPLOY_PATH_PROD
|
||||
environment:
|
||||
name: production
|
||||
url: https://usbcheck.it
|
||||
only:
|
||||
- main
|
||||
when: manual
|
||||
|
||||
Reference in New Issue
Block a user