-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
156 lines (143 loc) · 2.74 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
image: node:14
stages:
- Prepare
- Lint
- Test
- Merge coverage
- Build
- Security
- Deploy
cache: &global_cache
key:
files:
- package-lock.json
paths:
- node_modules
policy: pull
prepare:
stage: Prepare
cache:
# inherit global_cache properties, override policy
<<: *global_cache
policy: pull-push
before_script:
- node --version
- npm --version
script:
- npm install
dependencies: []
lint:
except:
- schedules
stage: Lint
before_script:
- npm install
script:
- npm run lint:ci
- npm run format:ci
dependencies: []
test_unit:
except:
- schedules
stage: Test
script:
- COV_OUTPUT=false npm run test:unit:cov
artifacts:
paths:
- cov-unit/
expire_in: 1 day
dependencies: []
test_e2e:
except:
- schedules
variables:
POSTGRES_DB: "$PG_DATABASE"
POSTGRES_USER: "$PG_USER"
POSTGRES_PASSWORD: "$PG_PASSWORD"
services:
- name: postgres:13.1-alpine
stage: Test
before_script:
- npm run migrate
script:
- COV_OUTPUT=false npm run test:e2e:cov
artifacts:
paths:
- cov-e2e/
expire_in: 1 day
dependencies: []
merge_coverage:
except:
- schedules
stage: Merge coverage
script:
- npm run merge-coverage
artifacts:
reports:
cobertura: cov/cobertura-coverage.xml
dependencies:
- test_unit
- test_e2e
build:
except:
- schedules
stage: Build
script:
- npm run build
artifacts:
paths:
- dist/
dependencies: []
audit:
except:
- schedules
stage: Security
script:
- npm audit
dependencies: []
lockfile_lint:
except:
- schedules
stage: Security
script:
- npm run lockfile-lint
dependencies: []
snyk_test:
only:
refs:
- schedules
variables:
- $IS_WEEKLY_RUN != "true"
stage: Security
before_script:
- npm run snyk:auth "$SNYK_TOKEN"
script:
- npm run snyk:test
snyk_monitor:
only:
refs:
- schedules
variables:
- $IS_WEEKLY_RUN == "true"
stage: Security
before_script:
- npm run snyk:auth "$SNYK_TOKEN"
script:
- npm run snyk:monitor
deploy:
only:
- tags
stage: Deploy
before_script:
- 'which ssh-agent || (apt-get update -y && apt-get install openssh-client -y)'
- eval $(ssh-agent -s)
- ssh-add <(echo "$SERVER_SSH_PRIVATE_KEY_ENCODED" | base64 --decode)
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- ssh-keyscan "$SERVER_URL" >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- scp -r dist package.json package-lock.json "$SERVER_USER"@"$SERVER_URL":/home/$SERVER_USER/air-monitoring-backend
- ssh "$SERVER_USER"@"$SERVER_URL" "/home/$SERVER_USER/air-monitoring-backend/redeploy.sh"
dependencies:
- build