Update .gitlab-ci.yml file
This commit is contained in:
@@ -1,31 +1,61 @@
|
|||||||
# You can override the included template(s) by including variable overrides
|
stages: [install, build, deploy]
|
||||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
|
||||||
# Secret Detection customization: https://docs.gitlab.com/user/application_security/secret_detection/pipeline/configure
|
|
||||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
|
||||||
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
|
|
||||||
# Note that environment variables can be set in several places
|
|
||||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
|
||||||
stages:
|
|
||||||
- build
|
|
||||||
- test
|
|
||||||
- deploy
|
|
||||||
- review
|
|
||||||
- dast
|
|
||||||
- staging
|
|
||||||
- canary
|
|
||||||
- production
|
|
||||||
- incremental rollout 10%
|
|
||||||
- incremental rollout 25%
|
|
||||||
- incremental rollout 50%
|
|
||||||
- incremental rollout 100%
|
|
||||||
- performance
|
|
||||||
- cleanup
|
|
||||||
- secret-detection
|
|
||||||
sast:
|
|
||||||
stage: test
|
|
||||||
include:
|
|
||||||
- template: Auto-DevOps.gitlab-ci.yml
|
|
||||||
variables:
|
variables:
|
||||||
SECRET_DETECTION_ENABLED: 'true'
|
NODE_ENV: production
|
||||||
secret_detection:
|
|
||||||
stage: secret-detection
|
cache:
|
||||||
|
paths:
|
||||||
|
- node_modules/
|
||||||
|
|
||||||
|
install:
|
||||||
|
stage: install
|
||||||
|
image: node:20-alpine
|
||||||
|
script:
|
||||||
|
- corepack enable
|
||||||
|
- pnpm install --frozen-lockfile
|
||||||
|
artifacts:
|
||||||
|
paths:
|
||||||
|
- node_modules/
|
||||||
|
|
||||||
|
build:
|
||||||
|
stage: build
|
||||||
|
image: node:20-alpine
|
||||||
|
script:
|
||||||
|
- pnpm build
|
||||||
|
artifacts:
|
||||||
|
paths:
|
||||||
|
- dist/
|
||||||
|
|
||||||
|
.deploy_template: &deploy
|
||||||
|
stage: deploy
|
||||||
|
image: alpine:3.20
|
||||||
|
before_script:
|
||||||
|
- apk add --no-cache openssh-client rsync
|
||||||
|
- mkdir -p ~/.ssh
|
||||||
|
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
|
||||||
|
- chmod 600 ~/.ssh/id_ed25519
|
||||||
|
script:
|
||||||
|
- rsync -az --delete dist/ "$DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH"
|
||||||
|
only: []
|
||||||
|
|
||||||
|
deploy:staging:
|
||||||
|
<<: *deploy
|
||||||
|
variables:
|
||||||
|
DEPLOY_PATH: $DEPLOY_PATH_STAGING
|
||||||
|
environment:
|
||||||
|
name: staging
|
||||||
|
url: https://staging.usbcheck.it
|
||||||
|
only:
|
||||||
|
- develop
|
||||||
|
- merge_requests
|
||||||
|
|
||||||
|
deploy:production:
|
||||||
|
<<: *deploy
|
||||||
|
variables:
|
||||||
|
DEPLOY_PATH: $DEPLOY_PATH_PROD
|
||||||
|
environment:
|
||||||
|
name: production
|
||||||
|
url: https://usbcheck.it
|
||||||
|
only:
|
||||||
|
- main
|
||||||
|
when: manual
|
||||||
|
|||||||
Reference in New Issue
Block a user