@catladder/pipeline 3.40.1 โ 3.42.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/build/base/index.js +2 -4
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/deploy/base/deploy.js +1 -6
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunStopScripts.js +2 -3
- package/dist/deploy/custom/deployJob.js +2 -3
- package/dist/deploy/kubernetes/deployJob.js +2 -3
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/examples/__snapshots__/automatic-releases.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-execute-script-on-deploy.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check-defaults.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check-only-startup.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-health-check.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-n8n.test.ts.snap +940 -0
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-session-affinity.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-agents.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-gpu.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-sql-legacy-jobs.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-sql-multiple-dbs.test.ts.snap +0 -336
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +0 -224
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +0 -112
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-build-job.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-deploy.test.ts.snap +0 -106
- package/examples/__snapshots__/custom-docker-file.test.ts.snap +0 -112
- package/examples/__snapshots__/custom-envs.test.ts.snap +0 -132
- package/examples/__snapshots__/custom-verify-job.test.ts.snap +0 -112
- package/examples/__snapshots__/git-submodule.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +0 -112
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +0 -224
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +0 -112
- package/examples/__snapshots__/local-dot-env.test.ts.snap +0 -112
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +0 -112
- package/examples/__snapshots__/modify-generated-files.test.ts.snap +0 -88
- package/examples/__snapshots__/modify-generated-yaml.test.ts.snap +0 -88
- package/examples/__snapshots__/multiline-var.test.ts.snap +0 -336
- package/examples/__snapshots__/native-app.test.ts.snap +0 -216
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +0 -112
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +0 -112
- package/examples/__snapshots__/override-secrets.test.ts.snap +0 -112
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +0 -112
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +0 -112
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +0 -336
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +0 -208
- package/examples/__snapshots__/workspace-api-www-turbo-cache.test.ts.snap +0 -224
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +0 -224
- package/examples/{custom-sbom-java.test.ts โ cloud-run-n8n.test.ts} +2 -2
- package/examples/cloud-run-n8n.ts +62 -0
- package/package.json +1 -1
- package/src/build/base/index.ts +0 -4
- package/src/build/types.ts +0 -13
- package/src/deploy/base/deploy.ts +0 -5
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +0 -2
- package/src/deploy/cloudRun/createJobs/getCloudRunStopScripts.ts +0 -2
- package/src/deploy/custom/deployJob.ts +2 -9
- package/src/deploy/kubernetes/deployJob.ts +3 -10
- package/dist/build/sbom.d.ts +0 -5
- package/dist/build/sbom.js +0 -35
- package/dist/deploy/sbom.d.ts +0 -4
- package/dist/deploy/sbom.js +0 -21
- package/examples/custom-sbom-java.ts +0 -38
- package/src/build/sbom.ts +0 -53
- package/src/deploy/sbom.ts +0 -34
|
@@ -355,28 +355,6 @@ before_script:
|
|
|
355
355
|
- 'www ๐จ app | dev '
|
|
356
356
|
retry: *a1
|
|
357
357
|
interruptible: true
|
|
358
|
-
'www ๐งพ sbom | dev ':
|
|
359
|
-
stage: build
|
|
360
|
-
image:
|
|
361
|
-
name: aquasec/trivy:0.58.2
|
|
362
|
-
entrypoint:
|
|
363
|
-
- ''
|
|
364
|
-
variables: {}
|
|
365
|
-
script:
|
|
366
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
367
|
-
- collapseable_section_end "injectvars"
|
|
368
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
369
|
-
artifacts:
|
|
370
|
-
paths:
|
|
371
|
-
- __sbom.json
|
|
372
|
-
rules:
|
|
373
|
-
- when: never
|
|
374
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
375
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
376
|
-
needs: []
|
|
377
|
-
retry: *a1
|
|
378
|
-
interruptible: true
|
|
379
|
-
allow_failure: true
|
|
380
358
|
'www ๐ Deploy | dev ':
|
|
381
359
|
stage: deploy dev
|
|
382
360
|
image: path/to/docker/gcloud:the-version
|
|
@@ -456,8 +434,6 @@ before_script:
|
|
|
456
434
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
457
435
|
- set -e
|
|
458
436
|
- collapseable_section_end "cleanup"
|
|
459
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
460
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
461
437
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
462
438
|
environment:
|
|
463
439
|
name: dev/www
|
|
@@ -481,8 +457,6 @@ before_script:
|
|
|
481
457
|
artifacts: false
|
|
482
458
|
- job: 'www ๐งช test | dev '
|
|
483
459
|
artifacts: false
|
|
484
|
-
- job: 'www ๐งพ sbom | dev '
|
|
485
|
-
artifacts: true
|
|
486
460
|
- job: 'www ๐ก audit | dev '
|
|
487
461
|
artifacts: false
|
|
488
462
|
retry: *a1
|
|
@@ -505,8 +479,6 @@ before_script:
|
|
|
505
479
|
- gcloud run services delete pan-test-app-dev-www --project=asdf --region=asia-east1
|
|
506
480
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www --quiet --delete-tags
|
|
507
481
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
508
|
-
- echo 'Disabling component in Dependency Track'
|
|
509
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
510
482
|
- set -e
|
|
511
483
|
environment:
|
|
512
484
|
name: dev/www
|
|
@@ -785,28 +757,6 @@ before_script:
|
|
|
785
757
|
- 'www ๐จ app | review '
|
|
786
758
|
retry: *a1
|
|
787
759
|
interruptible: true
|
|
788
|
-
'www ๐งพ sbom | review ':
|
|
789
|
-
stage: build
|
|
790
|
-
image:
|
|
791
|
-
name: aquasec/trivy:0.58.2
|
|
792
|
-
entrypoint:
|
|
793
|
-
- ''
|
|
794
|
-
variables: {}
|
|
795
|
-
script:
|
|
796
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
797
|
-
- collapseable_section_end "injectvars"
|
|
798
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
799
|
-
artifacts:
|
|
800
|
-
paths:
|
|
801
|
-
- __sbom.json
|
|
802
|
-
rules:
|
|
803
|
-
- when: never
|
|
804
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
805
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
806
|
-
needs: []
|
|
807
|
-
retry: *a1
|
|
808
|
-
interruptible: true
|
|
809
|
-
allow_failure: true
|
|
810
760
|
'www ๐ Deploy | review ':
|
|
811
761
|
stage: deploy review
|
|
812
762
|
image: path/to/docker/gcloud:the-version
|
|
@@ -889,8 +839,6 @@ before_script:
|
|
|
889
839
|
- set -e
|
|
890
840
|
- set -e
|
|
891
841
|
- collapseable_section_end "cleanup"
|
|
892
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
893
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
894
842
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
895
843
|
environment:
|
|
896
844
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
@@ -914,8 +862,6 @@ before_script:
|
|
|
914
862
|
artifacts: false
|
|
915
863
|
- job: 'www ๐งช test | review '
|
|
916
864
|
artifacts: false
|
|
917
|
-
- job: 'www ๐งพ sbom | review '
|
|
918
|
-
artifacts: true
|
|
919
865
|
- job: 'www ๐ก audit | review '
|
|
920
866
|
artifacts: false
|
|
921
867
|
retry: *a1
|
|
@@ -941,8 +887,6 @@ before_script:
|
|
|
941
887
|
- set +e
|
|
942
888
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www --quiet --delete-tags
|
|
943
889
|
- set -e
|
|
944
|
-
- echo 'Disabling component in Dependency Track'
|
|
945
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
946
890
|
- set -e
|
|
947
891
|
environment:
|
|
948
892
|
name: review/$CI_COMMIT_REF_NAME/www
|
|
@@ -1104,28 +1048,6 @@ before_script:
|
|
|
1104
1048
|
- 'www ๐จ app | stage '
|
|
1105
1049
|
retry: *a1
|
|
1106
1050
|
interruptible: true
|
|
1107
|
-
'www ๐งพ sbom | stage ':
|
|
1108
|
-
stage: build
|
|
1109
|
-
image:
|
|
1110
|
-
name: aquasec/trivy:0.58.2
|
|
1111
|
-
entrypoint:
|
|
1112
|
-
- ''
|
|
1113
|
-
variables: {}
|
|
1114
|
-
script:
|
|
1115
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1116
|
-
- collapseable_section_end "injectvars"
|
|
1117
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1118
|
-
artifacts:
|
|
1119
|
-
paths:
|
|
1120
|
-
- __sbom.json
|
|
1121
|
-
rules:
|
|
1122
|
-
- when: never
|
|
1123
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1124
|
-
- if: $CI_COMMIT_TAG
|
|
1125
|
-
needs: []
|
|
1126
|
-
retry: *a1
|
|
1127
|
-
interruptible: true
|
|
1128
|
-
allow_failure: true
|
|
1129
1051
|
'www ๐ Deploy | stage ':
|
|
1130
1052
|
stage: deploy stage
|
|
1131
1053
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1205,8 +1127,6 @@ before_script:
|
|
|
1205
1127
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1206
1128
|
- set -e
|
|
1207
1129
|
- collapseable_section_end "cleanup"
|
|
1208
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1209
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1210
1130
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1211
1131
|
environment:
|
|
1212
1132
|
name: stage/www
|
|
@@ -1225,8 +1145,6 @@ before_script:
|
|
|
1225
1145
|
artifacts: false
|
|
1226
1146
|
- job: 'www ๐จ docker | stage '
|
|
1227
1147
|
artifacts: false
|
|
1228
|
-
- job: 'www ๐งพ sbom | stage '
|
|
1229
|
-
artifacts: true
|
|
1230
1148
|
retry: *a1
|
|
1231
1149
|
interruptible: true
|
|
1232
1150
|
allow_failure: false
|
|
@@ -1247,8 +1165,6 @@ before_script:
|
|
|
1247
1165
|
- gcloud run services delete pan-test-app-stage-www --project=asdf --region=asia-east1
|
|
1248
1166
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www --quiet --delete-tags
|
|
1249
1167
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1250
|
-
- echo 'Disabling component in Dependency Track'
|
|
1251
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
1252
1168
|
- set -e
|
|
1253
1169
|
environment:
|
|
1254
1170
|
name: stage/www
|
|
@@ -1410,28 +1326,6 @@ before_script:
|
|
|
1410
1326
|
- 'www ๐จ app | prod '
|
|
1411
1327
|
retry: *a1
|
|
1412
1328
|
interruptible: true
|
|
1413
|
-
'www ๐งพ sbom | prod ':
|
|
1414
|
-
stage: build
|
|
1415
|
-
image:
|
|
1416
|
-
name: aquasec/trivy:0.58.2
|
|
1417
|
-
entrypoint:
|
|
1418
|
-
- ''
|
|
1419
|
-
variables: {}
|
|
1420
|
-
script:
|
|
1421
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1422
|
-
- collapseable_section_end "injectvars"
|
|
1423
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1424
|
-
artifacts:
|
|
1425
|
-
paths:
|
|
1426
|
-
- __sbom.json
|
|
1427
|
-
rules:
|
|
1428
|
-
- when: never
|
|
1429
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1430
|
-
- if: $CI_COMMIT_TAG
|
|
1431
|
-
needs: []
|
|
1432
|
-
retry: *a1
|
|
1433
|
-
interruptible: true
|
|
1434
|
-
allow_failure: true
|
|
1435
1329
|
'www ๐ Deploy | prod ':
|
|
1436
1330
|
stage: deploy prod
|
|
1437
1331
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1511,8 +1405,6 @@ before_script:
|
|
|
1511
1405
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1512
1406
|
- set -e
|
|
1513
1407
|
- collapseable_section_end "cleanup"
|
|
1514
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1515
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1516
1408
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1517
1409
|
environment:
|
|
1518
1410
|
name: prod/www
|
|
@@ -1531,8 +1423,6 @@ before_script:
|
|
|
1531
1423
|
artifacts: false
|
|
1532
1424
|
- job: 'www ๐จ docker | prod '
|
|
1533
1425
|
artifacts: false
|
|
1534
|
-
- job: 'www ๐งพ sbom | prod '
|
|
1535
|
-
artifacts: true
|
|
1536
1426
|
retry: *a1
|
|
1537
1427
|
interruptible: true
|
|
1538
1428
|
allow_failure: true
|
|
@@ -1553,8 +1443,6 @@ before_script:
|
|
|
1553
1443
|
- gcloud run services delete pan-test-app-prod-www --project=asdf --region=asia-east1
|
|
1554
1444
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www --quiet --delete-tags
|
|
1555
1445
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1556
|
-
- echo 'Disabling component in Dependency Track'
|
|
1557
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "$CI_ENVIRONMENT_URL" || true
|
|
1558
1446
|
- set -e
|
|
1559
1447
|
environment:
|
|
1560
1448
|
name: prod/www
|
|
@@ -355,28 +355,6 @@ before_script:
|
|
|
355
355
|
- 'my-app ๐จ app | dev '
|
|
356
356
|
retry: *a1
|
|
357
357
|
interruptible: true
|
|
358
|
-
'my-app ๐งพ sbom | dev ':
|
|
359
|
-
stage: build
|
|
360
|
-
image:
|
|
361
|
-
name: aquasec/trivy:0.58.2
|
|
362
|
-
entrypoint:
|
|
363
|
-
- ''
|
|
364
|
-
variables: {}
|
|
365
|
-
script:
|
|
366
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
367
|
-
- collapseable_section_end "injectvars"
|
|
368
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
369
|
-
artifacts:
|
|
370
|
-
paths:
|
|
371
|
-
- __sbom.json
|
|
372
|
-
rules:
|
|
373
|
-
- when: never
|
|
374
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
375
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
376
|
-
needs: []
|
|
377
|
-
retry: *a1
|
|
378
|
-
interruptible: true
|
|
379
|
-
allow_failure: true
|
|
380
358
|
'my-app ๐ Deploy | dev ':
|
|
381
359
|
stage: deploy dev
|
|
382
360
|
image: path/to/docker/gcloud:the-version
|
|
@@ -459,8 +437,6 @@ before_script:
|
|
|
459
437
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app@$version --quiet --delete-tags; done
|
|
460
438
|
- set -e
|
|
461
439
|
- collapseable_section_end "cleanup"
|
|
462
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
463
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/my-app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
464
440
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
465
441
|
environment:
|
|
466
442
|
name: dev/my-app
|
|
@@ -484,8 +460,6 @@ before_script:
|
|
|
484
460
|
artifacts: false
|
|
485
461
|
- job: 'my-app ๐งช test | dev '
|
|
486
462
|
artifacts: false
|
|
487
|
-
- job: 'my-app ๐งพ sbom | dev '
|
|
488
|
-
artifacts: true
|
|
489
463
|
- job: 'my-app ๐ก audit | dev '
|
|
490
464
|
artifacts: false
|
|
491
465
|
retry: *a1
|
|
@@ -508,8 +482,6 @@ before_script:
|
|
|
508
482
|
- gcloud run services delete pan-test-app-dev-my-app --project=my-project-id --region=europe-west6
|
|
509
483
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/dev/my-app --quiet --delete-tags
|
|
510
484
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app@$version --quiet --delete-tags; done
|
|
511
|
-
- echo 'Disabling component in Dependency Track'
|
|
512
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/my-app" "$CI_ENVIRONMENT_URL" || true
|
|
513
485
|
- set -e
|
|
514
486
|
environment:
|
|
515
487
|
name: dev/my-app
|
|
@@ -790,28 +762,6 @@ before_script:
|
|
|
790
762
|
- 'my-app ๐จ app | review '
|
|
791
763
|
retry: *a1
|
|
792
764
|
interruptible: true
|
|
793
|
-
'my-app ๐งพ sbom | review ':
|
|
794
|
-
stage: build
|
|
795
|
-
image:
|
|
796
|
-
name: aquasec/trivy:0.58.2
|
|
797
|
-
entrypoint:
|
|
798
|
-
- ''
|
|
799
|
-
variables: {}
|
|
800
|
-
script:
|
|
801
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
802
|
-
- collapseable_section_end "injectvars"
|
|
803
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
804
|
-
artifacts:
|
|
805
|
-
paths:
|
|
806
|
-
- __sbom.json
|
|
807
|
-
rules:
|
|
808
|
-
- when: never
|
|
809
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
810
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
811
|
-
needs: []
|
|
812
|
-
retry: *a1
|
|
813
|
-
interruptible: true
|
|
814
|
-
allow_failure: true
|
|
815
765
|
'my-app ๐ Deploy | review ':
|
|
816
766
|
stage: deploy review
|
|
817
767
|
image: path/to/docker/gcloud:the-version
|
|
@@ -900,8 +850,6 @@ before_script:
|
|
|
900
850
|
- set -e
|
|
901
851
|
- set -e
|
|
902
852
|
- collapseable_section_end "cleanup"
|
|
903
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
904
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/my-app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
905
853
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
906
854
|
environment:
|
|
907
855
|
name: review/$CI_COMMIT_REF_NAME/my-app
|
|
@@ -925,8 +873,6 @@ before_script:
|
|
|
925
873
|
artifacts: false
|
|
926
874
|
- job: 'my-app ๐งช test | review '
|
|
927
875
|
artifacts: false
|
|
928
|
-
- job: 'my-app ๐งพ sbom | review '
|
|
929
|
-
artifacts: true
|
|
930
876
|
- job: 'my-app ๐ก audit | review '
|
|
931
877
|
artifacts: false
|
|
932
878
|
retry: *a1
|
|
@@ -952,8 +898,6 @@ before_script:
|
|
|
952
898
|
- set +e
|
|
953
899
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/review/my-app --quiet --delete-tags
|
|
954
900
|
- set -e
|
|
955
|
-
- echo 'Disabling component in Dependency Track'
|
|
956
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/my-app" "$CI_ENVIRONMENT_URL" || true
|
|
957
901
|
- set -e
|
|
958
902
|
environment:
|
|
959
903
|
name: review/$CI_COMMIT_REF_NAME/my-app
|
|
@@ -1115,28 +1059,6 @@ before_script:
|
|
|
1115
1059
|
- 'my-app ๐จ app | stage '
|
|
1116
1060
|
retry: *a1
|
|
1117
1061
|
interruptible: true
|
|
1118
|
-
'my-app ๐งพ sbom | stage ':
|
|
1119
|
-
stage: build
|
|
1120
|
-
image:
|
|
1121
|
-
name: aquasec/trivy:0.58.2
|
|
1122
|
-
entrypoint:
|
|
1123
|
-
- ''
|
|
1124
|
-
variables: {}
|
|
1125
|
-
script:
|
|
1126
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1127
|
-
- collapseable_section_end "injectvars"
|
|
1128
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1129
|
-
artifacts:
|
|
1130
|
-
paths:
|
|
1131
|
-
- __sbom.json
|
|
1132
|
-
rules:
|
|
1133
|
-
- when: never
|
|
1134
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1135
|
-
- if: $CI_COMMIT_TAG
|
|
1136
|
-
needs: []
|
|
1137
|
-
retry: *a1
|
|
1138
|
-
interruptible: true
|
|
1139
|
-
allow_failure: true
|
|
1140
1062
|
'my-app ๐ Deploy | stage ':
|
|
1141
1063
|
stage: deploy stage
|
|
1142
1064
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1219,8 +1141,6 @@ before_script:
|
|
|
1219
1141
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app@$version --quiet --delete-tags; done
|
|
1220
1142
|
- set -e
|
|
1221
1143
|
- collapseable_section_end "cleanup"
|
|
1222
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1223
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/my-app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1224
1144
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1225
1145
|
environment:
|
|
1226
1146
|
name: stage/my-app
|
|
@@ -1239,8 +1159,6 @@ before_script:
|
|
|
1239
1159
|
artifacts: false
|
|
1240
1160
|
- job: 'my-app ๐จ docker | stage '
|
|
1241
1161
|
artifacts: false
|
|
1242
|
-
- job: 'my-app ๐งพ sbom | stage '
|
|
1243
|
-
artifacts: true
|
|
1244
1162
|
retry: *a1
|
|
1245
1163
|
interruptible: true
|
|
1246
1164
|
allow_failure: false
|
|
@@ -1261,8 +1179,6 @@ before_script:
|
|
|
1261
1179
|
- gcloud run services delete pan-test-app-stage-my-app --project=my-project-id --region=europe-west6
|
|
1262
1180
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/stage/my-app --quiet --delete-tags
|
|
1263
1181
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app@$version --quiet --delete-tags; done
|
|
1264
|
-
- echo 'Disabling component in Dependency Track'
|
|
1265
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/my-app" "$CI_ENVIRONMENT_URL" || true
|
|
1266
1182
|
- set -e
|
|
1267
1183
|
environment:
|
|
1268
1184
|
name: stage/my-app
|
|
@@ -1424,28 +1340,6 @@ before_script:
|
|
|
1424
1340
|
- 'my-app ๐จ app | prod '
|
|
1425
1341
|
retry: *a1
|
|
1426
1342
|
interruptible: true
|
|
1427
|
-
'my-app ๐งพ sbom | prod ':
|
|
1428
|
-
stage: build
|
|
1429
|
-
image:
|
|
1430
|
-
name: aquasec/trivy:0.58.2
|
|
1431
|
-
entrypoint:
|
|
1432
|
-
- ''
|
|
1433
|
-
variables: {}
|
|
1434
|
-
script:
|
|
1435
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1436
|
-
- collapseable_section_end "injectvars"
|
|
1437
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1438
|
-
artifacts:
|
|
1439
|
-
paths:
|
|
1440
|
-
- __sbom.json
|
|
1441
|
-
rules:
|
|
1442
|
-
- when: never
|
|
1443
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1444
|
-
- if: $CI_COMMIT_TAG
|
|
1445
|
-
needs: []
|
|
1446
|
-
retry: *a1
|
|
1447
|
-
interruptible: true
|
|
1448
|
-
allow_failure: true
|
|
1449
1343
|
'my-app ๐ Deploy | prod ':
|
|
1450
1344
|
stage: deploy prod
|
|
1451
1345
|
image: path/to/docker/gcloud:the-version
|
|
@@ -1528,8 +1422,6 @@ before_script:
|
|
|
1528
1422
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app@$version --quiet --delete-tags; done
|
|
1529
1423
|
- set -e
|
|
1530
1424
|
- collapseable_section_end "cleanup"
|
|
1531
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1532
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/my-app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1533
1425
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1534
1426
|
environment:
|
|
1535
1427
|
name: prod/my-app
|
|
@@ -1548,8 +1440,6 @@ before_script:
|
|
|
1548
1440
|
artifacts: false
|
|
1549
1441
|
- job: 'my-app ๐จ docker | prod '
|
|
1550
1442
|
artifacts: false
|
|
1551
|
-
- job: 'my-app ๐งพ sbom | prod '
|
|
1552
|
-
artifacts: true
|
|
1553
1443
|
retry: *a1
|
|
1554
1444
|
interruptible: true
|
|
1555
1445
|
allow_failure: true
|
|
@@ -1570,8 +1460,6 @@ before_script:
|
|
|
1570
1460
|
- gcloud run services delete pan-test-app-prod-my-app --project=my-project-id --region=europe-west6
|
|
1571
1461
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/prod/my-app --quiet --delete-tags
|
|
1572
1462
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/my-app@$version --quiet --delete-tags; done
|
|
1573
|
-
- echo 'Disabling component in Dependency Track'
|
|
1574
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/my-app" "$CI_ENVIRONMENT_URL" || true
|
|
1575
1463
|
- set -e
|
|
1576
1464
|
environment:
|
|
1577
1465
|
name: prod/my-app
|
|
@@ -219,28 +219,6 @@ before_script:
|
|
|
219
219
|
needs: []
|
|
220
220
|
retry: *a1
|
|
221
221
|
interruptible: true
|
|
222
|
-
'app ๐งพ sbom | dev ':
|
|
223
|
-
stage: build
|
|
224
|
-
image:
|
|
225
|
-
name: aquasec/trivy:0.58.2
|
|
226
|
-
entrypoint:
|
|
227
|
-
- ''
|
|
228
|
-
variables: {}
|
|
229
|
-
script:
|
|
230
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
231
|
-
- collapseable_section_end "injectvars"
|
|
232
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" .temp-with-dockerfile
|
|
233
|
-
artifacts:
|
|
234
|
-
paths:
|
|
235
|
-
- __sbom.json
|
|
236
|
-
rules:
|
|
237
|
-
- when: never
|
|
238
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
239
|
-
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_MESSAGE !~ /^chore\\(release\\).*/
|
|
240
|
-
needs: []
|
|
241
|
-
retry: *a1
|
|
242
|
-
interruptible: true
|
|
243
|
-
allow_failure: true
|
|
244
222
|
'app ๐ Deploy | dev ':
|
|
245
223
|
stage: deploy dev
|
|
246
224
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -368,8 +346,6 @@ before_script:
|
|
|
368
346
|
- collapseable_section_end "writeallvalues"
|
|
369
347
|
- kubernetesCreateSecret
|
|
370
348
|
- kubernetesDeploy
|
|
371
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
372
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
373
349
|
- echo deployment successful ๐ป
|
|
374
350
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
375
351
|
environment:
|
|
@@ -392,8 +368,6 @@ before_script:
|
|
|
392
368
|
artifacts: false
|
|
393
369
|
- job: 'app ๐งช test | dev '
|
|
394
370
|
artifacts: false
|
|
395
|
-
- job: 'app ๐งพ sbom | dev '
|
|
396
|
-
artifacts: true
|
|
397
371
|
- job: 'app ๐ก audit | dev '
|
|
398
372
|
artifacts: false
|
|
399
373
|
retry: *a1
|
|
@@ -439,8 +413,6 @@ before_script:
|
|
|
439
413
|
- kubectl config set-context "kube-pan-test-app-dev-app" --cluster="kube-pan-test-app-dev-app" --user="kube-pan-test-app-dev-app" --namespace="pan-test-app-dev"
|
|
440
414
|
- kubectl config use-context "kube-pan-test-app-dev-app"
|
|
441
415
|
- kubernetesDelete
|
|
442
|
-
- echo 'Disabling component in Dependency Track'
|
|
443
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
444
416
|
environment:
|
|
445
417
|
name: dev/app
|
|
446
418
|
action: stop
|
|
@@ -620,28 +592,6 @@ before_script:
|
|
|
620
592
|
needs: []
|
|
621
593
|
retry: *a1
|
|
622
594
|
interruptible: true
|
|
623
|
-
'app ๐งพ sbom | review ':
|
|
624
|
-
stage: build
|
|
625
|
-
image:
|
|
626
|
-
name: aquasec/trivy:0.58.2
|
|
627
|
-
entrypoint:
|
|
628
|
-
- ''
|
|
629
|
-
variables: {}
|
|
630
|
-
script:
|
|
631
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
632
|
-
- collapseable_section_end "injectvars"
|
|
633
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" .temp-with-dockerfile
|
|
634
|
-
artifacts:
|
|
635
|
-
paths:
|
|
636
|
-
- __sbom.json
|
|
637
|
-
rules:
|
|
638
|
-
- when: never
|
|
639
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
640
|
-
- if: $CI_MERGE_REQUEST_ID
|
|
641
|
-
needs: []
|
|
642
|
-
retry: *a1
|
|
643
|
-
interruptible: true
|
|
644
|
-
allow_failure: true
|
|
645
595
|
'app ๐ Deploy | review ':
|
|
646
596
|
stage: deploy review
|
|
647
597
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -775,8 +725,6 @@ before_script:
|
|
|
775
725
|
- collapseable_section_end "writeallvalues"
|
|
776
726
|
- kubernetesCreateSecret
|
|
777
727
|
- kubernetesDeploy
|
|
778
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
779
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
780
728
|
- echo deployment successful ๐ป
|
|
781
729
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
782
730
|
environment:
|
|
@@ -799,8 +747,6 @@ before_script:
|
|
|
799
747
|
artifacts: false
|
|
800
748
|
- job: 'app ๐งช test | review '
|
|
801
749
|
artifacts: false
|
|
802
|
-
- job: 'app ๐งพ sbom | review '
|
|
803
|
-
artifacts: true
|
|
804
750
|
- job: 'app ๐ก audit | review '
|
|
805
751
|
artifacts: false
|
|
806
752
|
retry: *a1
|
|
@@ -846,8 +792,6 @@ before_script:
|
|
|
846
792
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" --namespace="pan-test-app-review"
|
|
847
793
|
- kubectl config use-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app"
|
|
848
794
|
- kubernetesDelete
|
|
849
|
-
- echo 'Disabling component in Dependency Track'
|
|
850
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
851
795
|
environment:
|
|
852
796
|
name: review/$CI_COMMIT_REF_NAME/app
|
|
853
797
|
action: stop
|
|
@@ -956,28 +900,6 @@ before_script:
|
|
|
956
900
|
needs: []
|
|
957
901
|
retry: *a1
|
|
958
902
|
interruptible: true
|
|
959
|
-
'app ๐งพ sbom | stage ':
|
|
960
|
-
stage: build
|
|
961
|
-
image:
|
|
962
|
-
name: aquasec/trivy:0.58.2
|
|
963
|
-
entrypoint:
|
|
964
|
-
- ''
|
|
965
|
-
variables: {}
|
|
966
|
-
script:
|
|
967
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
968
|
-
- collapseable_section_end "injectvars"
|
|
969
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" .temp-with-dockerfile
|
|
970
|
-
artifacts:
|
|
971
|
-
paths:
|
|
972
|
-
- __sbom.json
|
|
973
|
-
rules:
|
|
974
|
-
- when: never
|
|
975
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
976
|
-
- if: $CI_COMMIT_TAG
|
|
977
|
-
needs: []
|
|
978
|
-
retry: *a1
|
|
979
|
-
interruptible: true
|
|
980
|
-
allow_failure: true
|
|
981
903
|
'app ๐ Deploy | stage ':
|
|
982
904
|
stage: deploy stage
|
|
983
905
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -1105,8 +1027,6 @@ before_script:
|
|
|
1105
1027
|
- collapseable_section_end "writeallvalues"
|
|
1106
1028
|
- kubernetesCreateSecret
|
|
1107
1029
|
- kubernetesDeploy
|
|
1108
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1109
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1110
1030
|
- echo deployment successful ๐ป
|
|
1111
1031
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1112
1032
|
environment:
|
|
@@ -1124,8 +1044,6 @@ before_script:
|
|
|
1124
1044
|
needs:
|
|
1125
1045
|
- job: 'app ๐จ docker | stage '
|
|
1126
1046
|
artifacts: false
|
|
1127
|
-
- job: 'app ๐งพ sbom | stage '
|
|
1128
|
-
artifacts: true
|
|
1129
1047
|
retry: *a1
|
|
1130
1048
|
interruptible: true
|
|
1131
1049
|
allow_failure: false
|
|
@@ -1169,8 +1087,6 @@ before_script:
|
|
|
1169
1087
|
- kubectl config set-context "kube-pan-test-app-stage-app" --cluster="kube-pan-test-app-stage-app" --user="kube-pan-test-app-stage-app" --namespace="pan-test-app-stage"
|
|
1170
1088
|
- kubectl config use-context "kube-pan-test-app-stage-app"
|
|
1171
1089
|
- kubernetesDelete
|
|
1172
|
-
- echo 'Disabling component in Dependency Track'
|
|
1173
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
1174
1090
|
environment:
|
|
1175
1091
|
name: stage/app
|
|
1176
1092
|
action: stop
|
|
@@ -1279,28 +1195,6 @@ before_script:
|
|
|
1279
1195
|
needs: []
|
|
1280
1196
|
retry: *a1
|
|
1281
1197
|
interruptible: true
|
|
1282
|
-
'app ๐งพ sbom | prod ':
|
|
1283
|
-
stage: build
|
|
1284
|
-
image:
|
|
1285
|
-
name: aquasec/trivy:0.58.2
|
|
1286
|
-
entrypoint:
|
|
1287
|
-
- ''
|
|
1288
|
-
variables: {}
|
|
1289
|
-
script:
|
|
1290
|
-
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1291
|
-
- collapseable_section_end "injectvars"
|
|
1292
|
-
- trivy fs --quiet --format cyclonedx --output "__sbom.json" .temp-with-dockerfile
|
|
1293
|
-
artifacts:
|
|
1294
|
-
paths:
|
|
1295
|
-
- __sbom.json
|
|
1296
|
-
rules:
|
|
1297
|
-
- when: never
|
|
1298
|
-
if: $CI_PIPELINE_SOURCE == "trigger"
|
|
1299
|
-
- if: $CI_COMMIT_TAG
|
|
1300
|
-
needs: []
|
|
1301
|
-
retry: *a1
|
|
1302
|
-
interruptible: true
|
|
1303
|
-
allow_failure: true
|
|
1304
1198
|
'app ๐ Deploy | prod ':
|
|
1305
1199
|
stage: deploy prod
|
|
1306
1200
|
image: path/to/docker/kubernetes:the-version
|
|
@@ -1428,8 +1322,6 @@ before_script:
|
|
|
1428
1322
|
- collapseable_section_end "writeallvalues"
|
|
1429
1323
|
- kubernetesCreateSecret
|
|
1430
1324
|
- kubernetesDeploy
|
|
1431
|
-
- echo 'Uploading SBOM to Dependency Track'
|
|
1432
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "$ROOT_URL" "__sbom.json" vex.json || true
|
|
1433
1325
|
- echo deployment successful ๐ป
|
|
1434
1326
|
- echo "CL_GITLAB_ENVIRONMENT_URL=$ROOT_URL" >> gitlab_environment.env
|
|
1435
1327
|
environment:
|
|
@@ -1447,8 +1339,6 @@ before_script:
|
|
|
1447
1339
|
needs:
|
|
1448
1340
|
- job: 'app ๐จ docker | prod '
|
|
1449
1341
|
artifacts: false
|
|
1450
|
-
- job: 'app ๐งพ sbom | prod '
|
|
1451
|
-
artifacts: true
|
|
1452
1342
|
retry: *a1
|
|
1453
1343
|
interruptible: true
|
|
1454
1344
|
allow_failure: true
|
|
@@ -1492,8 +1382,6 @@ before_script:
|
|
|
1492
1382
|
- kubectl config set-context "kube-pan-test-app-prod-app" --cluster="kube-pan-test-app-prod-app" --user="kube-pan-test-app-prod-app" --namespace="pan-test-app-prod"
|
|
1493
1383
|
- kubectl config use-context "kube-pan-test-app-prod-app"
|
|
1494
1384
|
- kubernetesDelete
|
|
1495
|
-
- echo 'Disabling component in Dependency Track'
|
|
1496
|
-
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/app" "$CI_ENVIRONMENT_URL" || true
|
|
1497
1385
|
environment:
|
|
1498
1386
|
name: prod/app
|
|
1499
1387
|
action: stop
|