@catladder/pipeline 3.40.1 โ 3.42.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/build/base/index.js +2 -4
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/deploy/base/deploy.js +1 -6
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunStopScripts.js +2 -3
- package/dist/deploy/custom/deployJob.js +2 -3
- package/dist/deploy/kubernetes/deployJob.js +2 -3
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/examples/__snapshots__/automatic-releases.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-execute-script-on-deploy.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check-defaults.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check-only-startup.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-n8n.test.ts.snap +940 -0
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-session-affinity.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-agents.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-gpu.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-sql-legacy-jobs.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-sql-multiple-dbs.test.ts.snap +0 -336
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +0 -224
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-build-job.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-deploy.test.ts.snap +0 -106
- package/examples/__snapshots__/custom-docker-file.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-envs.test.ts.snap +0 -132
- package/examples/__snapshots__/custom-verify-job.test.ts.snap +0 -112
- package/examples/__snapshots__/git-submodule.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +0 -224
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +0 -112
- package/examples/__snapshots__/local-dot-env.test.ts.snap +0 -112
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +0 -112
- package/examples/__snapshots__/modify-generated-files.test.ts.snap +0 -88
- package/examples/__snapshots__/modify-generated-yaml.test.ts.snap +0 -88
- package/examples/__snapshots__/multiline-var.test.ts.snap +0 -336
- package/examples/__snapshots__/native-app.test.ts.snap +0 -216
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +0 -112
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +0 -112
- package/examples/__snapshots__/override-secrets.test.ts.snap +0 -112
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +0 -112
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +0 -336
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +0 -208
- package/examples/__snapshots__/workspace-api-www-turbo-cache.test.ts.snap +0 -224
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +0 -224
- package/examples/{custom-sbom-java.test.ts โ cloud-run-n8n.test.ts} +2 -2
- package/examples/cloud-run-n8n.ts +62 -0
- package/package.json +1 -1
- package/src/build/base/index.ts +0 -4
- package/src/build/types.ts +0 -13
- package/src/deploy/base/deploy.ts +0 -5
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +0 -2
- package/src/deploy/cloudRun/createJobs/getCloudRunStopScripts.ts +0 -2
- package/src/deploy/custom/deployJob.ts +2 -9
- package/src/deploy/kubernetes/deployJob.ts +3 -10
- package/dist/build/sbom.d.ts +0 -5
- package/dist/build/sbom.js +0 -35
- package/dist/deploy/sbom.d.ts +0 -4
- package/dist/deploy/sbom.js +0 -21
- package/examples/custom-sbom-java.ts +0 -38
- package/src/build/sbom.ts +0 -53
- package/src/deploy/sbom.ts +0 -34
|
@@ -336,28 +336,6 @@ before_script:
|
|
|
336
336
|
- 'api ๐จ app | dev '
|
|
337
337
|
retry: *a1
|
|
338
338
|
interruptible: true
|
|
339
|
-
'api ๐งพ sbom | dev ':
|
|
340
|
-
stage: build
|
|
341
|
-
image:
|
|
342
|
-
name: aquasec/trivy:0.58.2
|
|
343
|
-
entrypoint:
|
|
344
|
-
- ''
|
|
345
|
-
variables: {}
|
|
346
|
-
script:
|
|
347
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
348
|
-
- collapseable_section_end "injectvars"
|
|
349
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
350
|
-
artifacts:
|
|
351
|
-
paths:
|
|
352
|
-
- __sbom.json
|
|
353
|
-
rules:
|
|
354
|
-
- when: never
|
|
355
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
356
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
357
|
-
needs: []
|
|
358
|
-
retry: *a1
|
|
359
|
-
interruptible: true
|
|
360
|
-
allow_failure: true
|
|
361
339
|
'api ๐ Deploy | dev ':
|
|
362
340
|
stage: deploy dev
|
|
363
341
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -470,8 +448,6 @@ before_script:
|
|
|
470
448
|
- collapseable_section_end "writeallvalues"
|
|
471
449
|
- kubernetesCreateSecret
|
|
472
450
|
- kubernetesDeploy
|
|
473
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
474
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
475
451
|
- echo deployment successful ๐ป
|
|
476
452
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
477
453
|
environment:
|
|
@@ -496,8 +472,6 @@ before_script:
|
|
|
496
472
|
artifacts: false
|
|
497
473
|
- job: 'api ๐งช test | dev '
|
|
498
474
|
artifacts: false
|
|
499
|
-
- job: 'api ๐งพ sbom | dev '
|
|
500
|
-
artifacts: true
|
|
501
475
|
- job: 'api ๐ก audit | dev '
|
|
502
476
|
artifacts: false
|
|
503
477
|
retry: *a1
|
|
@@ -541,8 +515,6 @@ before_script:
|
|
|
541
515
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
542
516
|
- kubectl config use-context "kube-pan-test-app-dev-api"
|
|
543
517
|
- kubernetesDelete
|
|
544
|
-
- echo 'Disabling component in Dependency Track'
|
|
545
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
546
518
|
environment:
|
|
547
519
|
name: dev/api
|
|
548
520
|
action: stop
|
|
@@ -851,28 +823,6 @@ before_script:
|
|
|
851
823
|
- 'api ๐จ app | review '
|
|
852
824
|
retry: *a1
|
|
853
825
|
interruptible: true
|
|
854
|
-
'api ๐งพ sbom | review ':
|
|
855
|
-
stage: build
|
|
856
|
-
image:
|
|
857
|
-
name: aquasec/trivy:0.58.2
|
|
858
|
-
entrypoint:
|
|
859
|
-
- ''
|
|
860
|
-
variables: {}
|
|
861
|
-
script:
|
|
862
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
863
|
-
- collapseable_section_end "injectvars"
|
|
864
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
865
|
-
artifacts:
|
|
866
|
-
paths:
|
|
867
|
-
- __sbom.json
|
|
868
|
-
rules:
|
|
869
|
-
- when: never
|
|
870
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
871
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
872
|
-
needs: []
|
|
873
|
-
retry: *a1
|
|
874
|
-
interruptible: true
|
|
875
|
-
allow_failure: true
|
|
876
826
|
'api ๐ Deploy | review ':
|
|
877
827
|
stage: deploy review
|
|
878
828
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -986,8 +936,6 @@ before_script:
|
|
|
986
936
|
- collapseable_section_end "writeallvalues"
|
|
987
937
|
- kubernetesCreateSecret
|
|
988
938
|
- kubernetesDeploy
|
|
989
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
990
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
991
939
|
- echo deployment successful ๐ป
|
|
992
940
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
993
941
|
environment:
|
|
@@ -1012,8 +960,6 @@ before_script:
|
|
|
1012
960
|
artifacts: false
|
|
1013
961
|
- job: 'api ๐งช test | review '
|
|
1014
962
|
artifacts: false
|
|
1015
|
-
- job: 'api ๐งพ sbom | review '
|
|
1016
|
-
artifacts: true
|
|
1017
963
|
- job: 'api ๐ก audit | review '
|
|
1018
964
|
artifacts: false
|
|
1019
965
|
retry: *a1
|
|
@@ -1057,8 +1003,6 @@ before_script:
|
|
|
1057
1003
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
1058
1004
|
- kubectl config use-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
1059
1005
|
- kubernetesDelete
|
|
1060
|
-
- echo 'Disabling component in Dependency Track'
|
|
1061
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
1062
1006
|
environment:
|
|
1063
1007
|
name: review/$CI_COMMIT_REF_NAME/api
|
|
1064
1008
|
action: stop
|
|
@@ -1250,28 +1194,6 @@ before_script:
|
|
|
1250
1194
|
- 'api ๐จ app | stage '
|
|
1251
1195
|
retry: *a1
|
|
1252
1196
|
interruptible: true
|
|
1253
|
-
'api ๐งพ sbom | stage ':
|
|
1254
|
-
stage: build
|
|
1255
|
-
image:
|
|
1256
|
-
name: aquasec/trivy:0.58.2
|
|
1257
|
-
entrypoint:
|
|
1258
|
-
- ''
|
|
1259
|
-
variables: {}
|
|
1260
|
-
script:
|
|
1261
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1262
|
-
- collapseable_section_end "injectvars"
|
|
1263
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1264
|
-
artifacts:
|
|
1265
|
-
paths:
|
|
1266
|
-
- __sbom.json
|
|
1267
|
-
rules:
|
|
1268
|
-
- when: never
|
|
1269
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1270
|
-
- if: $CI_COMMIT_TAG
|
|
1271
|
-
needs: []
|
|
1272
|
-
retry: *a1
|
|
1273
|
-
interruptible: true
|
|
1274
|
-
allow_failure: true
|
|
1275
1197
|
'api ๐ Deploy | stage ':
|
|
1276
1198
|
stage: deploy stage
|
|
1277
1199
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -1384,8 +1306,6 @@ before_script:
|
|
|
1384
1306
|
- collapseable_section_end "writeallvalues"
|
|
1385
1307
|
- kubernetesCreateSecret
|
|
1386
1308
|
- kubernetesDeploy
|
|
1387
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1388
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1389
1309
|
- echo deployment successful ๐ป
|
|
1390
1310
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1391
1311
|
environment:
|
|
@@ -1405,8 +1325,6 @@ before_script:
|
|
|
1405
1325
|
artifacts: false
|
|
1406
1326
|
- job: 'api ๐จ docker | stage '
|
|
1407
1327
|
artifacts: false
|
|
1408
|
-
- job: 'api ๐งพ sbom | stage '
|
|
1409
|
-
artifacts: true
|
|
1410
1328
|
retry: *a1
|
|
1411
1329
|
interruptible: true
|
|
1412
1330
|
allow_failure: false
|
|
@@ -1448,8 +1366,6 @@ before_script:
|
|
|
1448
1366
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
1449
1367
|
- kubectl config use-context "kube-pan-test-app-stage-api"
|
|
1450
1368
|
- kubernetesDelete
|
|
1451
|
-
- echo 'Disabling component in Dependency Track'
|
|
1452
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
1453
1369
|
environment:
|
|
1454
1370
|
name: stage/api
|
|
1455
1371
|
action: stop
|
|
@@ -1641,28 +1557,6 @@ before_script:
|
|
|
1641
1557
|
- 'api ๐จ app | prod '
|
|
1642
1558
|
retry: *a1
|
|
1643
1559
|
interruptible: true
|
|
1644
|
-
'api ๐งพ sbom | prod ':
|
|
1645
|
-
stage: build
|
|
1646
|
-
image:
|
|
1647
|
-
name: aquasec/trivy:0.58.2
|
|
1648
|
-
entrypoint:
|
|
1649
|
-
- ''
|
|
1650
|
-
variables: {}
|
|
1651
|
-
script:
|
|
1652
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1653
|
-
- collapseable_section_end "injectvars"
|
|
1654
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1655
|
-
artifacts:
|
|
1656
|
-
paths:
|
|
1657
|
-
- __sbom.json
|
|
1658
|
-
rules:
|
|
1659
|
-
- when: never
|
|
1660
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1661
|
-
- if: $CI_COMMIT_TAG
|
|
1662
|
-
needs: []
|
|
1663
|
-
retry: *a1
|
|
1664
|
-
interruptible: true
|
|
1665
|
-
allow_failure: true
|
|
1666
1560
|
'api ๐ Deploy | prod ':
|
|
1667
1561
|
stage: deploy prod
|
|
1668
1562
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -1775,8 +1669,6 @@ before_script:
|
|
|
1775
1669
|
- collapseable_section_end "writeallvalues"
|
|
1776
1670
|
- kubernetesCreateSecret
|
|
1777
1671
|
- kubernetesDeploy
|
|
1778
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1779
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1780
1672
|
- echo deployment successful ๐ป
|
|
1781
1673
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1782
1674
|
environment:
|
|
@@ -1796,8 +1688,6 @@ before_script:
|
|
|
1796
1688
|
artifacts: false
|
|
1797
1689
|
- job: 'api ๐จ docker | prod '
|
|
1798
1690
|
artifacts: false
|
|
1799
|
-
- job: 'api ๐งพ sbom | prod '
|
|
1800
|
-
artifacts: true
|
|
1801
1691
|
retry: *a1
|
|
1802
1692
|
interruptible: true
|
|
1803
1693
|
allow_failure: true
|
|
@@ -1839,8 +1729,6 @@ before_script:
|
|
|
1839
1729
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|
|
1840
1730
|
- kubectl config use-context "kube-pan-test-app-prod-api"
|
|
1841
1731
|
- kubernetesDelete
|
|
1842
|
-
- echo 'Disabling component in Dependency Track'
|
|
1843
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
1844
1732
|
environment:
|
|
1845
1733
|
name: prod/api
|
|
1846
1734
|
action: stop
|
|
@@ -334,28 +334,6 @@ before_script:
|
|
|
334
334
|
- 'api ๐จ app | dev '
|
|
335
335
|
retry: *a1
|
|
336
336
|
interruptible: true
|
|
337
|
-
'api ๐งพ sbom | dev ':
|
|
338
|
-
stage: build
|
|
339
|
-
image:
|
|
340
|
-
name: aquasec/trivy:0.58.2
|
|
341
|
-
entrypoint:
|
|
342
|
-
- ''
|
|
343
|
-
variables: {}
|
|
344
|
-
script:
|
|
345
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
346
|
-
- collapseable_section_end "injectvars"
|
|
347
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
348
|
-
artifacts:
|
|
349
|
-
paths:
|
|
350
|
-
- __sbom.json
|
|
351
|
-
rules:
|
|
352
|
-
- when: never
|
|
353
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
354
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
355
|
-
needs: []
|
|
356
|
-
retry: *a1
|
|
357
|
-
interruptible: true
|
|
358
|
-
allow_failure: true
|
|
359
337
|
'api ๐ Deploy | dev ':
|
|
360
338
|
stage: deploy dev
|
|
361
339
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -460,8 +438,6 @@ before_script:
|
|
|
460
438
|
- collapseable_section_end "writeallvalues"
|
|
461
439
|
- kubernetesCreateSecret
|
|
462
440
|
- kubernetesDeploy
|
|
463
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
464
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
465
441
|
- echo deployment successful ๐ป
|
|
466
442
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
467
443
|
environment:
|
|
@@ -486,8 +462,6 @@ before_script:
|
|
|
486
462
|
artifacts: false
|
|
487
463
|
- job: 'api ๐งช test | dev '
|
|
488
464
|
artifacts: false
|
|
489
|
-
- job: 'api ๐งพ sbom | dev '
|
|
490
|
-
artifacts: true
|
|
491
465
|
- job: 'api ๐ก audit | dev '
|
|
492
466
|
artifacts: false
|
|
493
467
|
retry: *a1
|
|
@@ -529,8 +503,6 @@ before_script:
|
|
|
529
503
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
530
504
|
- kubectl config use-context "kube-pan-test-app-dev-api"
|
|
531
505
|
- kubernetesDelete
|
|
532
|
-
- echo 'Disabling component in Dependency Track'
|
|
533
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
534
506
|
environment:
|
|
535
507
|
name: dev/api
|
|
536
508
|
action: stop
|
|
@@ -835,28 +807,6 @@ before_script:
|
|
|
835
807
|
- 'api ๐จ app | review '
|
|
836
808
|
retry: *a1
|
|
837
809
|
interruptible: true
|
|
838
|
-
'api ๐งพ sbom | review ':
|
|
839
|
-
stage: build
|
|
840
|
-
image:
|
|
841
|
-
name: aquasec/trivy:0.58.2
|
|
842
|
-
entrypoint:
|
|
843
|
-
- ''
|
|
844
|
-
variables: {}
|
|
845
|
-
script:
|
|
846
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
847
|
-
- collapseable_section_end "injectvars"
|
|
848
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
849
|
-
artifacts:
|
|
850
|
-
paths:
|
|
851
|
-
- __sbom.json
|
|
852
|
-
rules:
|
|
853
|
-
- when: never
|
|
854
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
855
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
856
|
-
needs: []
|
|
857
|
-
retry: *a1
|
|
858
|
-
interruptible: true
|
|
859
|
-
allow_failure: true
|
|
860
810
|
'api ๐ Deploy | review ':
|
|
861
811
|
stage: deploy review
|
|
862
812
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -957,8 +907,6 @@ before_script:
|
|
|
957
907
|
- collapseable_section_end "writeallvalues"
|
|
958
908
|
- kubernetesCreateSecret
|
|
959
909
|
- kubernetesDeploy
|
|
960
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
961
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
962
910
|
- echo deployment successful ๐ป
|
|
963
911
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
964
912
|
environment:
|
|
@@ -983,8 +931,6 @@ before_script:
|
|
|
983
931
|
artifacts: false
|
|
984
932
|
- job: 'api ๐งช test | review '
|
|
985
933
|
artifacts: false
|
|
986
|
-
- job: 'api ๐งพ sbom | review '
|
|
987
|
-
artifacts: true
|
|
988
934
|
- job: 'api ๐ก audit | review '
|
|
989
935
|
artifacts: false
|
|
990
936
|
retry: *a1
|
|
@@ -1026,8 +972,6 @@ before_script:
|
|
|
1026
972
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
1027
973
|
- kubectl config use-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
1028
974
|
- kubernetesDelete
|
|
1029
|
-
- echo 'Disabling component in Dependency Track'
|
|
1030
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
1031
975
|
environment:
|
|
1032
976
|
name: review/$CI_COMMIT_REF_NAME/api
|
|
1033
977
|
action: stop
|
|
@@ -1215,28 +1159,6 @@ before_script:
|
|
|
1215
1159
|
- 'api ๐จ app | stage '
|
|
1216
1160
|
retry: *a1
|
|
1217
1161
|
interruptible: true
|
|
1218
|
-
'api ๐งพ sbom | stage ':
|
|
1219
|
-
stage: build
|
|
1220
|
-
image:
|
|
1221
|
-
name: aquasec/trivy:0.58.2
|
|
1222
|
-
entrypoint:
|
|
1223
|
-
- ''
|
|
1224
|
-
variables: {}
|
|
1225
|
-
script:
|
|
1226
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1227
|
-
- collapseable_section_end "injectvars"
|
|
1228
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1229
|
-
artifacts:
|
|
1230
|
-
paths:
|
|
1231
|
-
- __sbom.json
|
|
1232
|
-
rules:
|
|
1233
|
-
- when: never
|
|
1234
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1235
|
-
- if: $CI_COMMIT_TAG
|
|
1236
|
-
needs: []
|
|
1237
|
-
retry: *a1
|
|
1238
|
-
interruptible: true
|
|
1239
|
-
allow_failure: true
|
|
1240
1162
|
'api ๐ Deploy | stage ':
|
|
1241
1163
|
stage: deploy stage
|
|
1242
1164
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -1341,8 +1263,6 @@ before_script:
|
|
|
1341
1263
|
- collapseable_section_end "writeallvalues"
|
|
1342
1264
|
- kubernetesCreateSecret
|
|
1343
1265
|
- kubernetesDeploy
|
|
1344
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1345
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1346
1266
|
- echo deployment successful ๐ป
|
|
1347
1267
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1348
1268
|
environment:
|
|
@@ -1362,8 +1282,6 @@ before_script:
|
|
|
1362
1282
|
artifacts: false
|
|
1363
1283
|
- job: 'api ๐จ docker | stage '
|
|
1364
1284
|
artifacts: false
|
|
1365
|
-
- job: 'api ๐งพ sbom | stage '
|
|
1366
|
-
artifacts: true
|
|
1367
1285
|
retry: *a1
|
|
1368
1286
|
interruptible: true
|
|
1369
1287
|
allow_failure: false
|
|
@@ -1403,8 +1321,6 @@ before_script:
|
|
|
1403
1321
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
1404
1322
|
- kubectl config use-context "kube-pan-test-app-stage-api"
|
|
1405
1323
|
- kubernetesDelete
|
|
1406
|
-
- echo 'Disabling component in Dependency Track'
|
|
1407
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
1408
1324
|
environment:
|
|
1409
1325
|
name: stage/api
|
|
1410
1326
|
action: stop
|
|
@@ -1592,28 +1508,6 @@ before_script:
|
|
|
1592
1508
|
- 'api ๐จ app | prod '
|
|
1593
1509
|
retry: *a1
|
|
1594
1510
|
interruptible: true
|
|
1595
|
-
'api ๐งพ sbom | prod ':
|
|
1596
|
-
stage: build
|
|
1597
|
-
image:
|
|
1598
|
-
name: aquasec/trivy:0.58.2
|
|
1599
|
-
entrypoint:
|
|
1600
|
-
- ''
|
|
1601
|
-
variables: {}
|
|
1602
|
-
script:
|
|
1603
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1604
|
-
- collapseable_section_end "injectvars"
|
|
1605
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1606
|
-
artifacts:
|
|
1607
|
-
paths:
|
|
1608
|
-
- __sbom.json
|
|
1609
|
-
rules:
|
|
1610
|
-
- when: never
|
|
1611
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1612
|
-
- if: $CI_COMMIT_TAG
|
|
1613
|
-
needs: []
|
|
1614
|
-
retry: *a1
|
|
1615
|
-
interruptible: true
|
|
1616
|
-
allow_failure: true
|
|
1617
1511
|
'api ๐ Deploy | prod ':
|
|
1618
1512
|
stage: deploy prod
|
|
1619
1513
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -1718,8 +1612,6 @@ before_script:
|
|
|
1718
1612
|
- collapseable_section_end "writeallvalues"
|
|
1719
1613
|
- kubernetesCreateSecret
|
|
1720
1614
|
- kubernetesDeploy
|
|
1721
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1722
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1723
1615
|
- echo deployment successful ๐ป
|
|
1724
1616
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1725
1617
|
environment:
|
|
@@ -1739,8 +1631,6 @@ before_script:
|
|
|
1739
1631
|
artifacts: false
|
|
1740
1632
|
- job: 'api ๐จ docker | prod '
|
|
1741
1633
|
artifacts: false
|
|
1742
|
-
- job: 'api ๐งพ sbom | prod '
|
|
1743
|
-
artifacts: true
|
|
1744
1634
|
retry: *a1
|
|
1745
1635
|
interruptible: true
|
|
1746
1636
|
allow_failure: true
|
|
@@ -1780,8 +1670,6 @@ before_script:
|
|
|
1780
1670
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|
|
1781
1671
|
- kubectl config use-context "kube-pan-test-app-prod-api"
|
|
1782
1672
|
- kubernetesDelete
|
|
1783
|
-
- echo 'Disabling component in Dependency Track'
|
|
1784
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "$CI_ENVIRONMENT_URL" || true
|
|
1785
1673
|
environment:
|
|
1786
1674
|
name: prod/api
|
|
1787
1675
|
action: stop
|
|
@@ -2089,28 +1977,6 @@ before_script:
|
|
|
2089
1977
|
- 'www ๐จ app | dev '
|
|
2090
1978
|
retry: *a1
|
|
2091
1979
|
interruptible: true
|
|
2092
|
-
'www ๐งพ sbom | dev ':
|
|
2093
|
-
stage: build
|
|
2094
|
-
image:
|
|
2095
|
-
name: aquasec/trivy:0.58.2
|
|
2096
|
-
entrypoint:
|
|
2097
|
-
- ''
|
|
2098
|
-
variables: {}
|
|
2099
|
-
script:
|
|
2100
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2101
|
-
- collapseable_section_end "injectvars"
|
|
2102
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
2103
|
-
artifacts:
|
|
2104
|
-
paths:
|
|
2105
|
-
- __sbom.json
|
|
2106
|
-
rules:
|
|
2107
|
-
- when: never
|
|
2108
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
2109
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
2110
|
-
needs: []
|
|
2111
|
-
retry: *a1
|
|
2112
|
-
interruptible: true
|
|
2113
|
-
allow_failure: true
|
|
2114
1980
|
'www ๐ Deploy | dev ':
|
|
2115
1981
|
stage: deploy dev
|
|
2116
1982
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -2205,8 +2071,6 @@ before_script:
|
|
|
2205
2071
|
- collapseable_section_end "writeallvalues"
|
|
2206
2072
|
- kubernetesCreateSecret
|
|
2207
2073
|
- kubernetesDeploy
|
|
2208
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
2209
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
2210
2074
|
- echo deployment successful ๐ป
|
|
2211
2075
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
2212
2076
|
environment:
|
|
@@ -2231,8 +2095,6 @@ before_script:
|
|
|
2231
2095
|
artifacts: false
|
|
2232
2096
|
- job: 'www ๐งช test | dev '
|
|
2233
2097
|
artifacts: false
|
|
2234
|
-
- job: 'www ๐งพ sbom | dev '
|
|
2235
|
-
artifacts: true
|
|
2236
2098
|
- job: 'www ๐ก audit | dev '
|
|
2237
2099
|
artifacts: false
|
|
2238
2100
|
retry: *a1
|
|
@@ -2274,8 +2136,6 @@ before_script:
|
|
|
2274
2136
|
- kubectl config set-context "kube-pan-test-app-dev-www" --cluster="kube-pan-test-app-dev-www" --user="kube-pan-test-app-dev-www" --namespace="pan-test-app-dev"
|
|
2275
2137
|
- kubectl config use-context "kube-pan-test-app-dev-www"
|
|
2276
2138
|
- kubernetesDelete
|
|
2277
|
-
- echo 'Disabling component in Dependency Track'
|
|
2278
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
2279
2139
|
environment:
|
|
2280
2140
|
name: dev/www
|
|
2281
2141
|
action: stop
|
|
@@ -2597,28 +2457,6 @@ before_script:
|
|
|
2597
2457
|
- 'www ๐จ app | review '
|
|
2598
2458
|
retry: *a1
|
|
2599
2459
|
interruptible: true
|
|
2600
|
-
'www ๐งพ sbom | review ':
|
|
2601
|
-
stage: build
|
|
2602
|
-
image:
|
|
2603
|
-
name: aquasec/trivy:0.58.2
|
|
2604
|
-
entrypoint:
|
|
2605
|
-
- ''
|
|
2606
|
-
variables: {}
|
|
2607
|
-
script:
|
|
2608
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2609
|
-
- collapseable_section_end "injectvars"
|
|
2610
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
2611
|
-
artifacts:
|
|
2612
|
-
paths:
|
|
2613
|
-
- __sbom.json
|
|
2614
|
-
rules:
|
|
2615
|
-
- when: never
|
|
2616
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
2617
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
2618
|
-
needs: []
|
|
2619
|
-
retry: *a1
|
|
2620
|
-
interruptible: true
|
|
2621
|
-
allow_failure: true
|
|
2622
2460
|
'www ๐ Deploy | review ':
|
|
2623
2461
|
stage: deploy review
|
|
2624
2462
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -2714,8 +2552,6 @@ before_script:
|
|
|
2714
2552
|
- collapseable_section_end "writeallvalues"
|
|
2715
2553
|
- kubernetesCreateSecret
|
|
2716
2554
|
- kubernetesDeploy
|
|
2717
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
2718
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
2719
2555
|
- echo deployment successful ๐ป
|
|
2720
2556
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
2721
2557
|
environment:
|
|
@@ -2740,8 +2576,6 @@ before_script:
|
|
|
2740
2576
|
artifacts: false
|
|
2741
2577
|
- job: 'www ๐งช test | review '
|
|
2742
2578
|
artifacts: false
|
|
2743
|
-
- job: 'www ๐งพ sbom | review '
|
|
2744
|
-
artifacts: true
|
|
2745
2579
|
- job: 'www ๐ก audit | review '
|
|
2746
2580
|
artifacts: false
|
|
2747
2581
|
retry: *a1
|
|
@@ -2783,8 +2617,6 @@ before_script:
|
|
|
2783
2617
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" --namespace="pan-test-app-review"
|
|
2784
2618
|
- kubectl config use-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www"
|
|
2785
2619
|
- kubernetesDelete
|
|
2786
|
-
- echo 'Disabling component in Dependency Track'
|
|
2787
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
2788
2620
|
environment:
|
|
2789
2621
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
2790
2622
|
action: stop
|
|
@@ -2989,28 +2821,6 @@ before_script:
|
|
|
2989
2821
|
- 'www ๐จ app | stage '
|
|
2990
2822
|
retry: *a1
|
|
2991
2823
|
interruptible: true
|
|
2992
|
-
'www ๐งพ sbom | stage ':
|
|
2993
|
-
stage: build
|
|
2994
|
-
image:
|
|
2995
|
-
name: aquasec/trivy:0.58.2
|
|
2996
|
-
entrypoint:
|
|
2997
|
-
- ''
|
|
2998
|
-
variables: {}
|
|
2999
|
-
script:
|
|
3000
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
3001
|
-
- collapseable_section_end "injectvars"
|
|
3002
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
3003
|
-
artifacts:
|
|
3004
|
-
paths:
|
|
3005
|
-
- __sbom.json
|
|
3006
|
-
rules:
|
|
3007
|
-
- when: never
|
|
3008
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
3009
|
-
- if: $CI_COMMIT_TAG
|
|
3010
|
-
needs: []
|
|
3011
|
-
retry: *a1
|
|
3012
|
-
interruptible: true
|
|
3013
|
-
allow_failure: true
|
|
3014
2824
|
'www ๐ Deploy | stage ':
|
|
3015
2825
|
stage: deploy stage
|
|
3016
2826
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -3105,8 +2915,6 @@ before_script:
|
|
|
3105
2915
|
- collapseable_section_end "writeallvalues"
|
|
3106
2916
|
- kubernetesCreateSecret
|
|
3107
2917
|
- kubernetesDeploy
|
|
3108
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
3109
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
3110
2918
|
- echo deployment successful ๐ป
|
|
3111
2919
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
3112
2920
|
environment:
|
|
@@ -3126,8 +2934,6 @@ before_script:
|
|
|
3126
2934
|
artifacts: false
|
|
3127
2935
|
- job: 'www ๐จ docker | stage '
|
|
3128
2936
|
artifacts: false
|
|
3129
|
-
- job: 'www ๐งพ sbom | stage '
|
|
3130
|
-
artifacts: true
|
|
3131
2937
|
retry: *a1
|
|
3132
2938
|
interruptible: true
|
|
3133
2939
|
allow_failure: false
|
|
@@ -3167,8 +2973,6 @@ before_script:
|
|
|
3167
2973
|
- kubectl config set-context "kube-pan-test-app-stage-www" --cluster="kube-pan-test-app-stage-www" --user="kube-pan-test-app-stage-www" --namespace="pan-test-app-stage"
|
|
3168
2974
|
- kubectl config use-context "kube-pan-test-app-stage-www"
|
|
3169
2975
|
- kubernetesDelete
|
|
3170
|
-
- echo 'Disabling component in Dependency Track'
|
|
3171
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
3172
2976
|
environment:
|
|
3173
2977
|
name: stage/www
|
|
3174
2978
|
action: stop
|
|
@@ -3373,28 +3177,6 @@ before_script:
|
|
|
3373
3177
|
- 'www ๐จ app | prod '
|
|
3374
3178
|
retry: *a1
|
|
3375
3179
|
interruptible: true
|
|
3376
|
-
'www ๐งพ sbom | prod ':
|
|
3377
|
-
stage: build
|
|
3378
|
-
image:
|
|
3379
|
-
name: aquasec/trivy:0.58.2
|
|
3380
|
-
entrypoint:
|
|
3381
|
-
- ''
|
|
3382
|
-
variables: {}
|
|
3383
|
-
script:
|
|
3384
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
3385
|
-
- collapseable_section_end "injectvars"
|
|
3386
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
3387
|
-
artifacts:
|
|
3388
|
-
paths:
|
|
3389
|
-
- __sbom.json
|
|
3390
|
-
rules:
|
|
3391
|
-
- when: never
|
|
3392
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
3393
|
-
- if: $CI_COMMIT_TAG
|
|
3394
|
-
needs: []
|
|
3395
|
-
retry: *a1
|
|
3396
|
-
interruptible: true
|
|
3397
|
-
allow_failure: true
|
|
3398
3180
|
'www ๐ Deploy | prod ':
|
|
3399
3181
|
stage: deploy prod
|
|
3400
3182
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -3489,8 +3271,6 @@ before_script:
|
|
|
3489
3271
|
- collapseable_section_end "writeallvalues"
|
|
3490
3272
|
- kubernetesCreateSecret
|
|
3491
3273
|
- kubernetesDeploy
|
|
3492
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
3493
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
3494
3274
|
- echo deployment successful ๐ป
|
|
3495
3275
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
3496
3276
|
environment:
|
|
@@ -3510,8 +3290,6 @@ before_script:
|
|
|
3510
3290
|
artifacts: false
|
|
3511
3291
|
- job: 'www ๐จ docker | prod '
|
|
3512
3292
|
artifacts: false
|
|
3513
|
-
- job: 'www ๐งพ sbom | prod '
|
|
3514
|
-
artifacts: true
|
|
3515
3293
|
retry: *a1
|
|
3516
3294
|
interruptible: true
|
|
3517
3295
|
allow_failure: true
|
|
@@ -3551,8 +3329,6 @@ before_script:
|
|
|
3551
3329
|
- kubectl config set-context "kube-pan-test-app-prod-www" --cluster="kube-pan-test-app-prod-www" --user="kube-pan-test-app-prod-www" --namespace="pan-test-app-prod"
|
|
3552
3330
|
- kubectl config use-context "kube-pan-test-app-prod-www"
|
|
3553
3331
|
- kubernetesDelete
|
|
3554
|
-
- echo 'Disabling component in Dependency Track'
|
|
3555
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
3556
3332
|
environment:
|
|
3557
3333
|
name: prod/www
|
|
3558
3334
|
action: stop
|