@catladder/pipeline 3.40.0 โ 3.41.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/build/base/index.js +2 -4
- package/dist/build/rails/build.js +1 -1
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/deploy/base/deploy.js +1 -6
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunStopScripts.js +2 -3
- package/dist/deploy/custom/deployJob.js +2 -3
- package/dist/deploy/kubernetes/deployJob.js +2 -3
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/examples/__snapshots__/automatic-releases.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-execute-script-on-deploy.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check-defaults.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check-only-startup.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-n8n.test.ts.snap +940 -0
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-session-affinity.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-agents.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-gpu.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-sql-legacy-jobs.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-sql-multiple-dbs.test.ts.snap +0 -336
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +0 -224
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-build-job.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-deploy.test.ts.snap +0 -106
- package/examples/__snapshots__/custom-docker-file.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-envs.test.ts.snap +0 -132
- package/examples/__snapshots__/custom-verify-job.test.ts.snap +0 -112
- package/examples/__snapshots__/git-submodule.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +0 -224
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +0 -112
- package/examples/__snapshots__/local-dot-env.test.ts.snap +0 -112
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +0 -112
- package/examples/__snapshots__/modify-generated-files.test.ts.snap +0 -88
- package/examples/__snapshots__/modify-generated-yaml.test.ts.snap +0 -88
- package/examples/__snapshots__/multiline-var.test.ts.snap +0 -336
- package/examples/__snapshots__/native-app.test.ts.snap +0 -216
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +0 -112
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +0 -112
- package/examples/__snapshots__/override-secrets.test.ts.snap +0 -112
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +0 -112
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +4 -112
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +0 -336
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +0 -208
- package/examples/__snapshots__/workspace-api-www-turbo-cache.test.ts.snap +0 -224
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +0 -224
- package/examples/{custom-sbom-java.test.ts โ cloud-run-n8n.test.ts} +2 -2
- package/examples/cloud-run-n8n.ts +62 -0
- package/package.json +1 -1
- package/src/build/base/index.ts +0 -4
- package/src/build/rails/build.ts +1 -0
- package/src/build/types.ts +0 -13
- package/src/deploy/base/deploy.ts +0 -5
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +0 -2
- package/src/deploy/cloudRun/createJobs/getCloudRunStopScripts.ts +0 -2
- package/src/deploy/custom/deployJob.ts +2 -9
- package/src/deploy/kubernetes/deployJob.ts +3 -10
- package/dist/build/sbom.d.ts +0 -5
- package/dist/build/sbom.js +0 -35
- package/dist/deploy/sbom.d.ts +0 -4
- package/dist/deploy/sbom.js +0 -21
- package/examples/custom-sbom-java.ts +0 -38
- package/src/build/sbom.ts +0 -53
- package/src/deploy/sbom.ts +0 -34
|
@@ -353,28 +353,6 @@ before_script:
|
|
|
353
353
|
- 'www ๐จ app | dev '
|
|
354
354
|
retry: *a1
|
|
355
355
|
interruptible: true
|
|
356
|
-
'www ๐งพ sbom | dev ':
|
|
357
|
-
stage: build
|
|
358
|
-
image:
|
|
359
|
-
name: aquasec/trivy:0.58.2
|
|
360
|
-
entrypoint:
|
|
361
|
-
- ''
|
|
362
|
-
variables: {}
|
|
363
|
-
script:
|
|
364
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
365
|
-
- collapseable_section_end "injectvars"
|
|
366
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
367
|
-
artifacts:
|
|
368
|
-
paths:
|
|
369
|
-
- __sbom.json
|
|
370
|
-
rules:
|
|
371
|
-
- when: never
|
|
372
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
373
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
374
|
-
needs: []
|
|
375
|
-
retry: *a1
|
|
376
|
-
interruptible: true
|
|
377
|
-
allow_failure: true
|
|
378
356
|
'www ๐ Deploy | dev ':
|
|
379
357
|
stage: deploy dev
|
|
380
358
|
image: path/to/docker/gcloud:the-version
|
|
@@ -454,8 +432,6 @@ before_script:
|
|
|
454
432
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
455
433
|
- set -e
|
|
456
434
|
- collapseable_section_end "cleanup"
|
|
457
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
458
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
459
435
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
460
436
|
environment:
|
|
461
437
|
name: dev/www
|
|
@@ -479,8 +455,6 @@ before_script:
|
|
|
479
455
|
artifacts: false
|
|
480
456
|
- job: 'www ๐งช test | dev '
|
|
481
457
|
artifacts: false
|
|
482
|
-
- job: 'www ๐งพ sbom | dev '
|
|
483
|
-
artifacts: true
|
|
484
458
|
- job: 'www ๐ก audit | dev '
|
|
485
459
|
artifacts: false
|
|
486
460
|
retry: *a1
|
|
@@ -503,8 +477,6 @@ before_script:
|
|
|
503
477
|
- gcloud run services delete pan-test-app-dev-www --project=google-project-id --region=europe-west6
|
|
504
478
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www --quiet --delete-tags
|
|
505
479
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
506
|
-
- echo 'Disabling component in Dependency Track'
|
|
507
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
508
480
|
- set -e
|
|
509
481
|
environment:
|
|
510
482
|
name: dev/www
|
|
@@ -781,28 +753,6 @@ before_script:
|
|
|
781
753
|
- 'www ๐จ app | review '
|
|
782
754
|
retry: *a1
|
|
783
755
|
interruptible: true
|
|
784
|
-
'www ๐งพ sbom | review ':
|
|
785
|
-
stage: build
|
|
786
|
-
image:
|
|
787
|
-
name: aquasec/trivy:0.58.2
|
|
788
|
-
entrypoint:
|
|
789
|
-
- ''
|
|
790
|
-
variables: {}
|
|
791
|
-
script:
|
|
792
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
793
|
-
- collapseable_section_end "injectvars"
|
|
794
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
795
|
-
artifacts:
|
|
796
|
-
paths:
|
|
797
|
-
- __sbom.json
|
|
798
|
-
rules:
|
|
799
|
-
- when: never
|
|
800
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
801
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
802
|
-
needs: []
|
|
803
|
-
retry: *a1
|
|
804
|
-
interruptible: true
|
|
805
|
-
allow_failure: true
|
|
806
756
|
'www ๐ Deploy | review ':
|
|
807
757
|
stage: deploy review
|
|
808
758
|
image: path/to/docker/gcloud:the-version
|
|
@@ -885,8 +835,6 @@ before_script:
|
|
|
885
835
|
- set -e
|
|
886
836
|
- set -e
|
|
887
837
|
- collapseable_section_end "cleanup"
|
|
888
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
889
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
890
838
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
891
839
|
environment:
|
|
892
840
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
@@ -910,8 +858,6 @@ before_script:
|
|
|
910
858
|
artifacts: false
|
|
911
859
|
- job: 'www ๐งช test | review '
|
|
912
860
|
artifacts: false
|
|
913
|
-
- job: 'www ๐งพ sbom | review '
|
|
914
|
-
artifacts: true
|
|
915
861
|
- job: 'www ๐ก audit | review '
|
|
916
862
|
artifacts: false
|
|
917
863
|
retry: *a1
|
|
@@ -937,8 +883,6 @@ before_script:
|
|
|
937
883
|
- set +e
|
|
938
884
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www --quiet --delete-tags
|
|
939
885
|
- set -e
|
|
940
|
-
- echo 'Disabling component in Dependency Track'
|
|
941
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
942
886
|
- set -e
|
|
943
887
|
environment:
|
|
944
888
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
@@ -1098,28 +1042,6 @@ before_script:
|
|
|
1098
1042
|
- 'www ๐จ app | stage '
|
|
1099
1043
|
retry: *a1
|
|
1100
1044
|
interruptible: true
|
|
1101
|
-
'www ๐งพ sbom | stage ':
|
|
1102
|
-
stage: build
|
|
1103
|
-
image:
|
|
1104
|
-
name: aquasec/trivy:0.58.2
|
|
1105
|
-
entrypoint:
|
|
1106
|
-
- ''
|
|
1107
|
-
variables: {}
|
|
1108
|
-
script:
|
|
1109
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1110
|
-
- collapseable_section_end "injectvars"
|
|
1111
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1112
|
-
artifacts:
|
|
1113
|
-
paths:
|
|
1114
|
-
- __sbom.json
|
|
1115
|
-
rules:
|
|
1116
|
-
- when: never
|
|
1117
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1118
|
-
- if: $CI_COMMIT_TAG
|
|
1119
|
-
needs: []
|
|
1120
|
-
retry: *a1
|
|
1121
|
-
interruptible: true
|
|
1122
|
-
allow_failure: true
|
|
1123
1045
|
'www ๐ Deploy | stage ':
|
|
1124
1046
|
stage: deploy stage
|
|
1125
1047
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1199,8 +1121,6 @@ before_script:
|
|
|
1199
1121
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1200
1122
|
- set -e
|
|
1201
1123
|
- collapseable_section_end "cleanup"
|
|
1202
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1203
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1204
1124
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1205
1125
|
environment:
|
|
1206
1126
|
name: stage/www
|
|
@@ -1219,8 +1139,6 @@ before_script:
|
|
|
1219
1139
|
artifacts: false
|
|
1220
1140
|
- job: 'www ๐จ docker | stage '
|
|
1221
1141
|
artifacts: false
|
|
1222
|
-
- job: 'www ๐งพ sbom | stage '
|
|
1223
|
-
artifacts: true
|
|
1224
1142
|
retry: *a1
|
|
1225
1143
|
interruptible: true
|
|
1226
1144
|
allow_failure: false
|
|
@@ -1241,8 +1159,6 @@ before_script:
|
|
|
1241
1159
|
- gcloud run services delete pan-test-app-stage-www --project=google-project-id --region=europe-west6
|
|
1242
1160
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www --quiet --delete-tags
|
|
1243
1161
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1244
|
-
- echo 'Disabling component in Dependency Track'
|
|
1245
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
1246
1162
|
- set -e
|
|
1247
1163
|
environment:
|
|
1248
1164
|
name: stage/www
|
|
@@ -1402,28 +1318,6 @@ before_script:
|
|
|
1402
1318
|
- 'www ๐จ app | prod '
|
|
1403
1319
|
retry: *a1
|
|
1404
1320
|
interruptible: true
|
|
1405
|
-
'www ๐งพ sbom | prod ':
|
|
1406
|
-
stage: build
|
|
1407
|
-
image:
|
|
1408
|
-
name: aquasec/trivy:0.58.2
|
|
1409
|
-
entrypoint:
|
|
1410
|
-
- ''
|
|
1411
|
-
variables: {}
|
|
1412
|
-
script:
|
|
1413
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1414
|
-
- collapseable_section_end "injectvars"
|
|
1415
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1416
|
-
artifacts:
|
|
1417
|
-
paths:
|
|
1418
|
-
- __sbom.json
|
|
1419
|
-
rules:
|
|
1420
|
-
- when: never
|
|
1421
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1422
|
-
- if: $CI_COMMIT_TAG
|
|
1423
|
-
needs: []
|
|
1424
|
-
retry: *a1
|
|
1425
|
-
interruptible: true
|
|
1426
|
-
allow_failure: true
|
|
1427
1321
|
'www ๐ Deploy | prod ':
|
|
1428
1322
|
stage: deploy prod
|
|
1429
1323
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1503,8 +1397,6 @@ before_script:
|
|
|
1503
1397
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1504
1398
|
- set -e
|
|
1505
1399
|
- collapseable_section_end "cleanup"
|
|
1506
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1507
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1508
1400
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1509
1401
|
environment:
|
|
1510
1402
|
name: prod/www
|
|
@@ -1523,8 +1415,6 @@ before_script:
|
|
|
1523
1415
|
artifacts: false
|
|
1524
1416
|
- job: 'www ๐จ docker | prod '
|
|
1525
1417
|
artifacts: false
|
|
1526
|
-
- job: 'www ๐งพ sbom | prod '
|
|
1527
|
-
artifacts: true
|
|
1528
1418
|
retry: *a1
|
|
1529
1419
|
interruptible: true
|
|
1530
1420
|
allow_failure: true
|
|
@@ -1545,8 +1435,6 @@ before_script:
|
|
|
1545
1435
|
- gcloud run services delete pan-test-app-prod-www --project=google-project-id --region=europe-west6
|
|
1546
1436
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www --quiet --delete-tags
|
|
1547
1437
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1548
|
-
- echo 'Disabling component in Dependency Track'
|
|
1549
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
1550
1438
|
- set -e
|
|
1551
1439
|
environment:
|
|
1552
1440
|
name: prod/www
|
|
@@ -353,28 +353,6 @@ before_script:
|
|
|
353
353
|
- 'app ๐จ app | dev '
|
|
354
354
|
retry: *a1
|
|
355
355
|
interruptible: true
|
|
356
|
-
'app ๐งพ sbom | dev ':
|
|
357
|
-
stage: build
|
|
358
|
-
image:
|
|
359
|
-
name: aquasec/trivy:0.58.2
|
|
360
|
-
entrypoint:
|
|
361
|
-
- ''
|
|
362
|
-
variables: {}
|
|
363
|
-
script:
|
|
364
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
365
|
-
- collapseable_section_end "injectvars"
|
|
366
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
367
|
-
artifacts:
|
|
368
|
-
paths:
|
|
369
|
-
- __sbom.json
|
|
370
|
-
rules:
|
|
371
|
-
- when: never
|
|
372
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
373
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
374
|
-
needs: []
|
|
375
|
-
retry: *a1
|
|
376
|
-
interruptible: true
|
|
377
|
-
allow_failure: true
|
|
378
356
|
'app ๐ Deploy | dev ':
|
|
379
357
|
stage: deploy dev
|
|
380
358
|
image: path/to/docker/gcloud:the-version
|
|
@@ -456,8 +434,6 @@ before_script:
|
|
|
456
434
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
457
435
|
- set -e
|
|
458
436
|
- collapseable_section_end "cleanup"
|
|
459
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
460
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
461
437
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
462
438
|
environment:
|
|
463
439
|
name: dev/app
|
|
@@ -481,8 +457,6 @@ before_script:
|
|
|
481
457
|
artifacts: false
|
|
482
458
|
- job: 'app ๐งช test | dev '
|
|
483
459
|
artifacts: false
|
|
484
|
-
- job: 'app ๐งพ sbom | dev '
|
|
485
|
-
artifacts: true
|
|
486
460
|
- job: 'app ๐ก audit | dev '
|
|
487
461
|
artifacts: false
|
|
488
462
|
retry: *a1
|
|
@@ -507,8 +481,6 @@ before_script:
|
|
|
507
481
|
- echo 'stopped'
|
|
508
482
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/app --quiet --delete-tags
|
|
509
483
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
510
|
-
- echo 'Disabling component in Dependency Track'
|
|
511
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
512
484
|
- set -e
|
|
513
485
|
environment:
|
|
514
486
|
name: dev/app
|
|
@@ -785,28 +757,6 @@ before_script:
|
|
|
785
757
|
- 'app ๐จ app | review '
|
|
786
758
|
retry: *a1
|
|
787
759
|
interruptible: true
|
|
788
|
-
'app ๐งพ sbom | review ':
|
|
789
|
-
stage: build
|
|
790
|
-
image:
|
|
791
|
-
name: aquasec/trivy:0.58.2
|
|
792
|
-
entrypoint:
|
|
793
|
-
- ''
|
|
794
|
-
variables: {}
|
|
795
|
-
script:
|
|
796
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
797
|
-
- collapseable_section_end "injectvars"
|
|
798
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
799
|
-
artifacts:
|
|
800
|
-
paths:
|
|
801
|
-
- __sbom.json
|
|
802
|
-
rules:
|
|
803
|
-
- when: never
|
|
804
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
805
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
806
|
-
needs: []
|
|
807
|
-
retry: *a1
|
|
808
|
-
interruptible: true
|
|
809
|
-
allow_failure: true
|
|
810
760
|
'app ๐ Deploy | review ':
|
|
811
761
|
stage: deploy review
|
|
812
762
|
image: path/to/docker/gcloud:the-version
|
|
@@ -891,8 +841,6 @@ before_script:
|
|
|
891
841
|
- set -e
|
|
892
842
|
- set -e
|
|
893
843
|
- collapseable_section_end "cleanup"
|
|
894
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
895
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
896
844
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
897
845
|
environment:
|
|
898
846
|
name: review/$CI_COMMIT_REF_NAME/app
|
|
@@ -916,8 +864,6 @@ before_script:
|
|
|
916
864
|
artifacts: false
|
|
917
865
|
- job: 'app ๐งช test | review '
|
|
918
866
|
artifacts: false
|
|
919
|
-
- job: 'app ๐งพ sbom | review '
|
|
920
|
-
artifacts: true
|
|
921
867
|
- job: 'app ๐ก audit | review '
|
|
922
868
|
artifacts: false
|
|
923
869
|
retry: *a1
|
|
@@ -945,8 +891,6 @@ before_script:
|
|
|
945
891
|
- set +e
|
|
946
892
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/app --quiet --delete-tags
|
|
947
893
|
- set -e
|
|
948
|
-
- echo 'Disabling component in Dependency Track'
|
|
949
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
950
894
|
- set -e
|
|
951
895
|
environment:
|
|
952
896
|
name: review/$CI_COMMIT_REF_NAME/app
|
|
@@ -1106,28 +1050,6 @@ before_script:
|
|
|
1106
1050
|
- 'app ๐จ app | stage '
|
|
1107
1051
|
retry: *a1
|
|
1108
1052
|
interruptible: true
|
|
1109
|
-
'app ๐งพ sbom | stage ':
|
|
1110
|
-
stage: build
|
|
1111
|
-
image:
|
|
1112
|
-
name: aquasec/trivy:0.58.2
|
|
1113
|
-
entrypoint:
|
|
1114
|
-
- ''
|
|
1115
|
-
variables: {}
|
|
1116
|
-
script:
|
|
1117
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1118
|
-
- collapseable_section_end "injectvars"
|
|
1119
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1120
|
-
artifacts:
|
|
1121
|
-
paths:
|
|
1122
|
-
- __sbom.json
|
|
1123
|
-
rules:
|
|
1124
|
-
- when: never
|
|
1125
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1126
|
-
- if: $CI_COMMIT_TAG
|
|
1127
|
-
needs: []
|
|
1128
|
-
retry: *a1
|
|
1129
|
-
interruptible: true
|
|
1130
|
-
allow_failure: true
|
|
1131
1053
|
'app ๐ Deploy | stage ':
|
|
1132
1054
|
stage: deploy stage
|
|
1133
1055
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1209,8 +1131,6 @@ before_script:
|
|
|
1209
1131
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
1210
1132
|
- set -e
|
|
1211
1133
|
- collapseable_section_end "cleanup"
|
|
1212
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1213
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1214
1134
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1215
1135
|
environment:
|
|
1216
1136
|
name: stage/app
|
|
@@ -1229,8 +1149,6 @@ before_script:
|
|
|
1229
1149
|
artifacts: false
|
|
1230
1150
|
- job: 'app ๐จ docker | stage '
|
|
1231
1151
|
artifacts: false
|
|
1232
|
-
- job: 'app ๐งพ sbom | stage '
|
|
1233
|
-
artifacts: true
|
|
1234
1152
|
retry: *a1
|
|
1235
1153
|
interruptible: true
|
|
1236
1154
|
allow_failure: false
|
|
@@ -1253,8 +1171,6 @@ before_script:
|
|
|
1253
1171
|
- echo 'stopped'
|
|
1254
1172
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/app --quiet --delete-tags
|
|
1255
1173
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
1256
|
-
- echo 'Disabling component in Dependency Track'
|
|
1257
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
1258
1174
|
- set -e
|
|
1259
1175
|
environment:
|
|
1260
1176
|
name: stage/app
|
|
@@ -1414,28 +1330,6 @@ before_script:
|
|
|
1414
1330
|
- 'app ๐จ app | prod '
|
|
1415
1331
|
retry: *a1
|
|
1416
1332
|
interruptible: true
|
|
1417
|
-
'app ๐งพ sbom | prod ':
|
|
1418
|
-
stage: build
|
|
1419
|
-
image:
|
|
1420
|
-
name: aquasec/trivy:0.58.2
|
|
1421
|
-
entrypoint:
|
|
1422
|
-
- ''
|
|
1423
|
-
variables: {}
|
|
1424
|
-
script:
|
|
1425
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1426
|
-
- collapseable_section_end "injectvars"
|
|
1427
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1428
|
-
artifacts:
|
|
1429
|
-
paths:
|
|
1430
|
-
- __sbom.json
|
|
1431
|
-
rules:
|
|
1432
|
-
- when: never
|
|
1433
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1434
|
-
- if: $CI_COMMIT_TAG
|
|
1435
|
-
needs: []
|
|
1436
|
-
retry: *a1
|
|
1437
|
-
interruptible: true
|
|
1438
|
-
allow_failure: true
|
|
1439
1333
|
'app ๐ Deploy | prod ':
|
|
1440
1334
|
stage: deploy prod
|
|
1441
1335
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1517,8 +1411,6 @@ before_script:
|
|
|
1517
1411
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
1518
1412
|
- set -e
|
|
1519
1413
|
- collapseable_section_end "cleanup"
|
|
1520
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1521
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1522
1414
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1523
1415
|
environment:
|
|
1524
1416
|
name: prod/app
|
|
@@ -1537,8 +1429,6 @@ before_script:
|
|
|
1537
1429
|
artifacts: false
|
|
1538
1430
|
- job: 'app ๐จ docker | prod '
|
|
1539
1431
|
artifacts: false
|
|
1540
|
-
- job: 'app ๐งพ sbom | prod '
|
|
1541
|
-
artifacts: true
|
|
1542
1432
|
retry: *a1
|
|
1543
1433
|
interruptible: true
|
|
1544
1434
|
allow_failure: true
|
|
@@ -1561,8 +1451,6 @@ before_script:
|
|
|
1561
1451
|
- echo 'stopped'
|
|
1562
1452
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/app --quiet --delete-tags
|
|
1563
1453
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
1564
|
-
- echo 'Disabling component in Dependency Track'
|
|
1565
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
1566
1454
|
- set -e
|
|
1567
1455
|
environment:
|
|
1568
1456
|
name: prod/app
|
|
@@ -353,28 +353,6 @@ before_script:
|
|
|
353
353
|
- 'www ๐จ app | dev '
|
|
354
354
|
retry: *a1
|
|
355
355
|
interruptible: true
|
|
356
|
-
'www ๐งพ sbom | dev ':
|
|
357
|
-
stage: build
|
|
358
|
-
image:
|
|
359
|
-
name: aquasec/trivy:0.58.2
|
|
360
|
-
entrypoint:
|
|
361
|
-
- ''
|
|
362
|
-
variables: {}
|
|
363
|
-
script:
|
|
364
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
365
|
-
- collapseable_section_end "injectvars"
|
|
366
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
367
|
-
artifacts:
|
|
368
|
-
paths:
|
|
369
|
-
- __sbom.json
|
|
370
|
-
rules:
|
|
371
|
-
- when: never
|
|
372
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
373
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
374
|
-
needs: []
|
|
375
|
-
retry: *a1
|
|
376
|
-
interruptible: true
|
|
377
|
-
allow_failure: true
|
|
378
356
|
'www ๐ Deploy | dev ':
|
|
379
357
|
stage: deploy dev
|
|
380
358
|
image: path/to/docker/gcloud:the-version
|
|
@@ -454,8 +432,6 @@ before_script:
|
|
|
454
432
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
455
433
|
- set -e
|
|
456
434
|
- collapseable_section_end "cleanup"
|
|
457
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
458
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
459
435
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
460
436
|
environment:
|
|
461
437
|
name: dev/www
|
|
@@ -479,8 +455,6 @@ before_script:
|
|
|
479
455
|
artifacts: false
|
|
480
456
|
- job: 'www ๐งช test | dev '
|
|
481
457
|
artifacts: false
|
|
482
|
-
- job: 'www ๐งพ sbom | dev '
|
|
483
|
-
artifacts: true
|
|
484
458
|
- job: 'www ๐ก audit | dev '
|
|
485
459
|
artifacts: false
|
|
486
460
|
retry: *a1
|
|
@@ -503,8 +477,6 @@ before_script:
|
|
|
503
477
|
- gcloud run services delete pan-test-app-dev-www --project=google-project-id --region=europe-west6
|
|
504
478
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www --quiet --delete-tags
|
|
505
479
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
506
|
-
- echo 'Disabling component in Dependency Track'
|
|
507
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
508
480
|
- set -e
|
|
509
481
|
environment:
|
|
510
482
|
name: dev/www
|
|
@@ -781,28 +753,6 @@ before_script:
|
|
|
781
753
|
- 'www ๐จ app | review '
|
|
782
754
|
retry: *a1
|
|
783
755
|
interruptible: true
|
|
784
|
-
'www ๐งพ sbom | review ':
|
|
785
|
-
stage: build
|
|
786
|
-
image:
|
|
787
|
-
name: aquasec/trivy:0.58.2
|
|
788
|
-
entrypoint:
|
|
789
|
-
- ''
|
|
790
|
-
variables: {}
|
|
791
|
-
script:
|
|
792
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
793
|
-
- collapseable_section_end "injectvars"
|
|
794
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
795
|
-
artifacts:
|
|
796
|
-
paths:
|
|
797
|
-
- __sbom.json
|
|
798
|
-
rules:
|
|
799
|
-
- when: never
|
|
800
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
801
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
802
|
-
needs: []
|
|
803
|
-
retry: *a1
|
|
804
|
-
interruptible: true
|
|
805
|
-
allow_failure: true
|
|
806
756
|
'www ๐ Deploy | review ':
|
|
807
757
|
stage: deploy review
|
|
808
758
|
image: path/to/docker/gcloud:the-version
|
|
@@ -885,8 +835,6 @@ before_script:
|
|
|
885
835
|
- set -e
|
|
886
836
|
- set -e
|
|
887
837
|
- collapseable_section_end "cleanup"
|
|
888
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
889
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
890
838
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
891
839
|
environment:
|
|
892
840
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
@@ -910,8 +858,6 @@ before_script:
|
|
|
910
858
|
artifacts: false
|
|
911
859
|
- job: 'www ๐งช test | review '
|
|
912
860
|
artifacts: false
|
|
913
|
-
- job: 'www ๐งพ sbom | review '
|
|
914
|
-
artifacts: true
|
|
915
861
|
- job: 'www ๐ก audit | review '
|
|
916
862
|
artifacts: false
|
|
917
863
|
retry: *a1
|
|
@@ -937,8 +883,6 @@ before_script:
|
|
|
937
883
|
- set +e
|
|
938
884
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www --quiet --delete-tags
|
|
939
885
|
- set -e
|
|
940
|
-
- echo 'Disabling component in Dependency Track'
|
|
941
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
942
886
|
- set -e
|
|
943
887
|
environment:
|
|
944
888
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
@@ -1098,28 +1042,6 @@ before_script:
|
|
|
1098
1042
|
- 'www ๐จ app | stage '
|
|
1099
1043
|
retry: *a1
|
|
1100
1044
|
interruptible: true
|
|
1101
|
-
'www ๐งพ sbom | stage ':
|
|
1102
|
-
stage: build
|
|
1103
|
-
image:
|
|
1104
|
-
name: aquasec/trivy:0.58.2
|
|
1105
|
-
entrypoint:
|
|
1106
|
-
- ''
|
|
1107
|
-
variables: {}
|
|
1108
|
-
script:
|
|
1109
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1110
|
-
- collapseable_section_end "injectvars"
|
|
1111
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1112
|
-
artifacts:
|
|
1113
|
-
paths:
|
|
1114
|
-
- __sbom.json
|
|
1115
|
-
rules:
|
|
1116
|
-
- when: never
|
|
1117
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1118
|
-
- if: $CI_COMMIT_TAG
|
|
1119
|
-
needs: []
|
|
1120
|
-
retry: *a1
|
|
1121
|
-
interruptible: true
|
|
1122
|
-
allow_failure: true
|
|
1123
1045
|
'www ๐ Deploy | stage ':
|
|
1124
1046
|
stage: deploy stage
|
|
1125
1047
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1199,8 +1121,6 @@ before_script:
|
|
|
1199
1121
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1200
1122
|
- set -e
|
|
1201
1123
|
- collapseable_section_end "cleanup"
|
|
1202
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1203
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1204
1124
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1205
1125
|
environment:
|
|
1206
1126
|
name: stage/www
|
|
@@ -1219,8 +1139,6 @@ before_script:
|
|
|
1219
1139
|
artifacts: false
|
|
1220
1140
|
- job: 'www ๐จ docker | stage '
|
|
1221
1141
|
artifacts: false
|
|
1222
|
-
- job: 'www ๐งพ sbom | stage '
|
|
1223
|
-
artifacts: true
|
|
1224
1142
|
retry: *a1
|
|
1225
1143
|
interruptible: true
|
|
1226
1144
|
allow_failure: false
|
|
@@ -1241,8 +1159,6 @@ before_script:
|
|
|
1241
1159
|
- gcloud run services delete pan-test-app-stage-www --project=google-project-id --region=europe-west6
|
|
1242
1160
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www --quiet --delete-tags
|
|
1243
1161
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1244
|
-
- echo 'Disabling component in Dependency Track'
|
|
1245
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
1246
1162
|
- set -e
|
|
1247
1163
|
environment:
|
|
1248
1164
|
name: stage/www
|
|
@@ -1402,28 +1318,6 @@ before_script:
|
|
|
1402
1318
|
- 'www ๐จ app | prod '
|
|
1403
1319
|
retry: *a1
|
|
1404
1320
|
interruptible: true
|
|
1405
|
-
'www ๐งพ sbom | prod ':
|
|
1406
|
-
stage: build
|
|
1407
|
-
image:
|
|
1408
|
-
name: aquasec/trivy:0.58.2
|
|
1409
|
-
entrypoint:
|
|
1410
|
-
- ''
|
|
1411
|
-
variables: {}
|
|
1412
|
-
script:
|
|
1413
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1414
|
-
- collapseable_section_end "injectvars"
|
|
1415
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1416
|
-
artifacts:
|
|
1417
|
-
paths:
|
|
1418
|
-
- __sbom.json
|
|
1419
|
-
rules:
|
|
1420
|
-
- when: never
|
|
1421
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1422
|
-
- if: $CI_COMMIT_TAG
|
|
1423
|
-
needs: []
|
|
1424
|
-
retry: *a1
|
|
1425
|
-
interruptible: true
|
|
1426
|
-
allow_failure: true
|
|
1427
1321
|
'www ๐ Deploy | prod ':
|
|
1428
1322
|
stage: deploy prod
|
|
1429
1323
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1503,8 +1397,6 @@ before_script:
|
|
|
1503
1397
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1504
1398
|
- set -e
|
|
1505
1399
|
- collapseable_section_end "cleanup"
|
|
1506
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1507
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1508
1400
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1509
1401
|
environment:
|
|
1510
1402
|
name: prod/www
|
|
@@ -1523,8 +1415,6 @@ before_script:
|
|
|
1523
1415
|
artifacts: false
|
|
1524
1416
|
- job: 'www ๐จ docker | prod '
|
|
1525
1417
|
artifacts: false
|
|
1526
|
-
- job: 'www ๐งพ sbom | prod '
|
|
1527
|
-
artifacts: true
|
|
1528
1418
|
retry: *a1
|
|
1529
1419
|
interruptible: true
|
|
1530
1420
|
allow_failure: true
|
|
@@ -1545,8 +1435,6 @@ before_script:
|
|
|
1545
1435
|
- gcloud run services delete pan-test-app-prod-www --project=google-project-id --region=europe-west6
|
|
1546
1436
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www --quiet --delete-tags
|
|
1547
1437
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1548
|
-
- echo 'Disabling component in Dependency Track'
|
|
1549
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
1550
1438
|
- set -e
|
|
1551
1439
|
environment:
|
|
1552
1440
|
name: prod/www
|