@mojaloop/central-ledger 9.2.2 → 15.1.3-snapshot.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.circleci/config.yml +625 -204
- package/.env +3 -2
- package/.ncurc.yaml +9 -0
- package/.nvmrc +1 -1
- package/.versionrc +15 -0
- package/CHANGELOG.md +353 -0
- package/CODEOWNERS +31 -0
- package/Dockerfile +20 -14
- package/LICENSE.md +4 -4
- package/Onboarding.md +0 -7
- package/README.md +99 -22
- package/audit-resolve.json +136 -1
- package/config/default.json +82 -27
- package/docker/central-ledger/default.json +68 -21
- package/docker/ml-api-adapter/default.json +10 -1
- package/docker/wait-for/wait-for-objstore.sh +1 -6
- package/docker/wait-for/wait-for.env +1 -1
- package/docker-compose.integration.yml +8 -5
- package/docker-compose.yml +73 -16
- package/migrations/310203_transferParticipant-indexes.js +38 -0
- package/migrations/310503_participantLimit-indexes-composite.js +38 -0
- package/migrations/{400401_settlementWindowStateChange-indexes.js → 400401_settlmentWindowStateChange-indexes.js} +0 -0
- package/migrations/401301_settlementModel-indexes.js +2 -0
- package/migrations/500401_quote-hotfix-2719.js +58 -0
- package/migrations/500501_feature-fixSubIdRef.js +53 -0
- package/migrations/500601_party-2480.js +63 -0
- package/migrations/501001_quoteExtension-quote-service-174.js +46 -0
- package/migrations/501002_quoteExtension-2522.js +61 -0
- package/migrations/800101_feature-fixSubIdRef.js +90 -0
- package/migrations/910102_hotfix954.js +4 -1
- package/migrations/940100_quotePartyIdInfoExtension.js +52 -0
- package/migrations/940101_quotePartyIdInfoExtension-2522.js +64 -0
- package/migrations/950100_settlementContentAggregation-decimal184.js +40 -0
- package/migrations/950101_transferParticipantStateChange.js +46 -0
- package/migrations/950102_settlementModel-adjustPosition.js +42 -0
- package/migrations/950103_dropTransferParticipantStateChange.js +47 -0
- package/migrations/950104_settlementModel-settlementAccountTypeId.js +79 -0
- package/migrations/950106_unique_settlement_model_ledger_account_currency.js +38 -0
- package/migrations/950107_settlementWindowContent_foreign_settlementModel.js +60 -0
- package/package.json +99 -81
- package/scripts/_wait4_all.js +146 -0
- package/seeds/amountType.js +4 -6
- package/seeds/balanceOfPayments.js +4 -6
- package/seeds/bulkProcessingState.js +4 -6
- package/seeds/bulkTransferState.js +4 -6
- package/seeds/currency.js +4 -6
- package/seeds/endpointType.js +128 -7
- package/seeds/ledgerAccountType.js +11 -10
- package/seeds/ledgerEntryType.js +5 -7
- package/seeds/participant.js +4 -6
- package/seeds/participantLimitType.js +4 -6
- package/seeds/partyIdentifierType.js +4 -6
- package/seeds/partyType.js +4 -6
- package/seeds/settlementDelay.js +4 -6
- package/seeds/settlementGranularity.js +4 -6
- package/seeds/settlementInterchange.js +4 -6
- package/seeds/settlementState.js +4 -6
- package/seeds/settlementWindow1State.js +4 -6
- package/seeds/transactionInitiator.js +4 -6
- package/seeds/transactionInitiatorType.js +4 -6
- package/seeds/transactionScenario.js +4 -6
- package/seeds/transferParticipantRoleType.js +4 -6
- package/seeds/transferState.js +9 -6
- package/src/api/interface/swagger.json +728 -948
- package/src/api/ledgerAccountTypes/handler.js +55 -0
- package/src/api/ledgerAccountTypes/routes.js +63 -0
- package/src/api/metrics/handler.js +2 -2
- package/src/api/metrics/routes.js +1 -1
- package/src/api/participants/handler.js +43 -35
- package/src/api/participants/routes.js +13 -13
- package/src/api/root/routes.js +2 -2
- package/src/api/settlementModels/handler.js +9 -26
- package/src/api/settlementModels/routes.js +4 -4
- package/src/api/transactions/handler.js +46 -0
- package/src/api/transactions/routes.js +45 -0
- package/src/domain/bulkTransfer/index.js +6 -5
- package/src/domain/ledgerAccountTypes/index.js +58 -0
- package/src/domain/participant/index.js +55 -4
- package/src/domain/position/index.js +18 -2
- package/src/domain/settlement/index.js +39 -6
- package/src/domain/transactions/index.js +61 -0
- package/src/domain/transfer/index.js +22 -2
- package/src/domain/transfer/transform.js +3 -3
- package/src/handlers/admin/handler.js +24 -32
- package/src/handlers/bulk/fulfil/handler.js +89 -56
- package/src/handlers/bulk/get/handler.js +203 -0
- package/src/handlers/bulk/index.js +4 -1
- package/src/handlers/bulk/prepare/handler.js +30 -29
- package/src/handlers/bulk/processing/handler.js +61 -32
- package/src/handlers/bulk/shared/validator.js +13 -1
- package/src/handlers/index.js +18 -9
- package/src/handlers/positions/handler.js +67 -46
- package/src/handlers/register.js +7 -7
- package/src/handlers/timeouts/handler.js +9 -4
- package/src/handlers/transfers/handler.js +408 -182
- package/src/handlers/transfers/validator.js +41 -11
- package/src/lib/cache.js +8 -34
- package/src/lib/config.js +5 -7
- package/src/lib/enum.js +22 -22
- package/src/lib/enumCached.js +76 -0
- package/src/lib/healthCheck/subServiceHealth.js +2 -2
- package/src/lib/requestLogger.js +9 -9
- package/src/lib/urlParser.js +1 -1
- package/src/models/bulkTransfer/bulkTransfer.js +6 -6
- package/src/models/bulkTransfer/bulkTransferAssociation.js +3 -3
- package/src/models/bulkTransfer/bulkTransferDuplicateCheck.js +4 -4
- package/src/models/bulkTransfer/bulkTransferExtension.js +2 -2
- package/src/models/bulkTransfer/bulkTransferFulfilmentDuplicateCheck.js +4 -4
- package/src/models/bulkTransfer/bulkTransferStateChange.js +7 -7
- package/src/models/bulkTransfer/facade.js +54 -3
- package/src/models/bulkTransfer/individualTransfer.js +2 -2
- package/src/models/ilpPackets/ilpPacket.js +36 -0
- package/src/models/ledgerAccountType/ledgerAccountType.js +139 -3
- package/src/models/misc/migrationLock.js +1 -1
- package/src/models/misc/segment.js +1 -1
- package/src/models/participant/facade.js +226 -76
- package/src/models/participant/participant.js +6 -5
- package/src/models/participant/participantCached.js +8 -0
- package/src/models/participant/participantCurrency.js +7 -7
- package/src/models/participant/participantCurrencyCached.js +11 -1
- package/src/models/participant/participantLimit.js +13 -13
- package/src/models/participant/participantLimitCached.js +124 -0
- package/src/models/participant/participantPosition.js +34 -5
- package/src/models/participant/participantPositionChange.js +10 -2
- package/src/models/position/facade.js +112 -18
- package/src/models/position/participantPosition.js +6 -6
- package/src/models/settlement/settlementModel.js +92 -17
- package/src/models/settlement/settlementModelCached.js +139 -0
- package/src/models/transfer/facade.js +97 -32
- package/src/models/transfer/ilpPacket.js +4 -4
- package/src/models/transfer/transfer.js +7 -7
- package/src/models/transfer/transferDuplicateCheck.js +21 -5
- package/src/models/transfer/transferError.js +5 -5
- package/src/models/transfer/transferErrorDuplicateCheck.js +4 -4
- package/src/models/transfer/transferExtension.js +4 -4
- package/src/models/transfer/transferFulfilment.js +5 -5
- package/src/models/transfer/transferFulfilmentDuplicateCheck.js +4 -4
- package/src/models/transfer/transferParticipant.js +3 -3
- package/src/models/transfer/transferStateChange.js +11 -11
- package/src/models/transfer/transferTimeout.js +5 -5
- package/src/schema/bulkTransfer.js +4 -4
- package/src/shared/plugins.js +10 -9
- package/src/shared/setup.js +69 -46
- package/test/integration/domain/participant/index.test.js +2 -0
- package/test/integration/handlers/handlers.test.js +605 -166
- package/test/integration/handlers/root.test.js +1 -1
- package/test/integration/helpers/hubAccounts.js +62 -0
- package/test/integration/helpers/ilpPacket.js +1 -1
- package/test/integration/helpers/participantFundsInOut.js +80 -0
- package/test/integration/helpers/participantLimit.js +6 -1
- package/test/integration/helpers/settlementModels.js +88 -0
- package/test/integration/helpers/testConsumer.js +163 -0
- package/test/integration/helpers/testProducer.js +0 -1
- package/test/integration/helpers/transferDuplicateCheck.js +1 -1
- package/test/integration/helpers/transferStateChange.js +1 -1
- package/test/integration/helpers/transferTestHelper.js +3 -5
- package/test/integration/models/transfer/transferStateChange.test.js +6 -0
- package/test/unit/api/ledgerAccountTypes/handler.test.js +126 -0
- package/test/unit/api/ledgerAccountTypes/routes.test.js +52 -0
- package/test/unit/api/participants/handler.test.js +75 -33
- package/test/unit/api/root/handler.test.js +1 -1
- package/test/unit/api/root/routes.test.js +2 -2
- package/test/unit/api/settlementModels/handler.test.js +21 -57
- package/test/unit/api/transactions/handler.test.js +108 -0
- package/test/unit/api/transactions/routes.test.js +38 -0
- package/test/unit/domain/ledgerAccountTypes/index.test.js +197 -0
- package/test/unit/domain/participant/index.test.js +115 -2
- package/test/unit/domain/settlement/index.test.js +199 -29
- package/test/unit/domain/transactions/index.test.js +128 -0
- package/test/unit/domain/transfer/index.test.js +1 -0
- package/test/unit/domain/transfer/transform.test.js +2 -0
- package/test/unit/handlers/admin/handler.test.js +5 -5
- package/test/unit/handlers/bulk/get/handler.test.js +401 -0
- package/test/unit/handlers/index.test.js +6 -0
- package/test/unit/handlers/positions/handler.test.js +26 -0
- package/test/unit/handlers/register.test.js +2 -0
- package/test/unit/handlers/transfers/handler.test.js +491 -36
- package/test/unit/handlers/transfers/validator.test.js +31 -31
- package/test/unit/lib/cache.test.js +0 -64
- package/test/unit/lib/cachingOfEnums.test.js +121 -0
- package/test/unit/lib/config.test.js +34 -0
- package/test/unit/lib/enum.test.js +6 -1
- package/test/unit/lib/enumCached.test.js +82 -0
- package/test/unit/lib/healthCheck/subServiceHealth.test.js +2 -0
- package/test/unit/lib/requestLogger.test.js +14 -12
- package/test/unit/models/ilpPackets/ilpPacket.test.js +89 -0
- package/test/unit/models/ledgerAccountType/ledgerAccountType.test.js +255 -6
- package/test/unit/models/misc/migrationLock.test.js +4 -0
- package/test/unit/models/misc/segment.test.js +5 -0
- package/test/unit/models/participant/facade.test.js +493 -54
- package/test/unit/models/participant/participant.test.js +4 -0
- package/test/unit/models/participant/participantCurrency.test.js +22 -9
- package/test/unit/models/participant/participantCurrencyCached.test.js +1 -1
- package/test/unit/models/participant/participantLimit.test.js +97 -0
- package/test/unit/models/participant/participantLimitCached.test.js +232 -0
- package/test/unit/models/participant/participantPosition.test.js +217 -0
- package/test/unit/models/participant/participantPositionChange.test.js +3 -0
- package/test/unit/models/position/facade.test.js +318 -29
- package/test/unit/models/position/participantPosition.test.js +22 -7
- package/test/unit/models/settlement/settlementModel.test.js +18 -37
- package/test/unit/models/settlement/settlementModelCached.test.js +171 -0
- package/test/unit/models/transfer/facade.test.js +115 -0
- package/test/unit/models/transfer/ilpPacket.test.js +28 -11
- package/test/unit/models/transfer/transfer.test.js +13 -4
- package/test/unit/models/transfer/transferDuplicateCheck.test.js +4 -0
- package/test/unit/models/transfer/transferError.test.js +5 -1
- package/test/unit/models/transfer/transferErrorDuplicateCheck.test.js +4 -0
- package/test/unit/models/transfer/transferExtension.test.js +26 -9
- package/test/unit/models/transfer/transferFulfilment.test.js +14 -5
- package/test/unit/models/transfer/transferFulfilmentDuplicateCheck.test.js +4 -0
- package/test/unit/models/transfer/transferParticipant.test.js +14 -5
- package/test/unit/models/transfer/transferStateChange.test.js +3 -0
- package/test/unit/models/transfer/transferTimeout.test.js +6 -0
- package/test/unit/seeds/amountType.test.js +6 -22
- package/test/unit/seeds/balanceOfPayments.test.js +6 -22
- package/test/unit/seeds/bulkProcessingState.test.js +84 -0
- package/test/unit/{lib/sidecar/nullClient.test.js → seeds/bulkTransferState.test.js} +36 -39
- package/test/unit/seeds/currency.test.js +6 -22
- package/test/unit/seeds/endpointType.test.js +6 -22
- package/test/unit/seeds/ledgerAccountType.test.js +5 -22
- package/test/unit/seeds/ledgerEntryType.test.js +6 -22
- package/test/unit/seeds/participant.test.js +5 -22
- package/test/unit/seeds/participantLimitType.test.js +6 -22
- package/test/unit/seeds/partyIdentifierType.test.js +6 -22
- package/test/unit/seeds/partyType.test.js +6 -22
- package/test/unit/seeds/settlementState.test.js +5 -22
- package/test/unit/seeds/settlementWindow1State.test.js +5 -22
- package/test/unit/seeds/transactionInitiator.test.js +6 -22
- package/test/unit/seeds/transactionInitiatorType.test.js +6 -22
- package/test/unit/seeds/transactionScenario.test.js +6 -22
- package/test/unit/seeds/transferParticipantRoleType.test.js +6 -22
- package/test/unit/seeds/transferState.test.js +6 -22
- package/test/unit/shared/plugins.test.js +31 -1
- package/test/unit/shared/setup.test.js +25 -36
- package/test/util/helpers.js +37 -2
- package/test/util/randomTransfers.js +1 -1
- package/test/util/scripts/env.sh +6 -5
- package/test/util/scripts/populateTestData.sh +204 -181
- package/test/util/scripts/populateTestDataForLegacySimulator.sh +261 -0
- package/test/util/scripts/restartObjStore.sh +1 -1
- package/test-integration.Dockerfile +15 -15
- package/test.Dockerfile +12 -12
- package/.circleci/_set_up_deploy_envs.sh +0 -47
- package/.dockerignore +0 -17
- package/.ncurc.json +0 -3
- package/server.sh +0 -4
- package/sonar-project.properties +0 -17
- package/src/lib/sidecar/index.js +0 -47
- package/src/lib/sidecar/nullClient.js +0 -18
- package/test/.env +0 -8
- package/test/integration-config.json +0 -367
- package/test/integration-runner.env +0 -31
- package/test/integration-runner.sh +0 -264
- package/test/spec-runner.sh +0 -132
- package/test/unit/lib/sidecar/index.test.js +0 -148
- package/test/unit/models/position/participantLimit.test.js +0 -135
package/.circleci/config.yml
CHANGED
|
@@ -1,7 +1,16 @@
|
|
|
1
|
-
# CircleCI v2
|
|
1
|
+
# CircleCI v2 Config
|
|
2
2
|
version: 2.1
|
|
3
|
+
|
|
4
|
+
##
|
|
5
|
+
# orbs
|
|
6
|
+
#
|
|
7
|
+
# Orbs used in this pipeline
|
|
8
|
+
##
|
|
3
9
|
orbs:
|
|
4
|
-
anchore: anchore/anchore-engine@1.
|
|
10
|
+
anchore: anchore/anchore-engine@1.9.0
|
|
11
|
+
slack: circleci/slack@4.9.3 # Ref: https://github.com/mojaloop/ci-config/tree/master/slack-templates
|
|
12
|
+
pr-tools: mojaloop/pr-tools@0.1.10 # Ref: https://github.com/mojaloop/ci-config/
|
|
13
|
+
gh: circleci/github-cli@2.1.0
|
|
5
14
|
|
|
6
15
|
##
|
|
7
16
|
# defaults
|
|
@@ -9,124 +18,59 @@ orbs:
|
|
|
9
18
|
# YAML defaults templates, in alphabetical order
|
|
10
19
|
##
|
|
11
20
|
defaults_Dependencies: &defaults_Dependencies |
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
21
|
+
apk --no-cache add bash
|
|
22
|
+
apk --no-cache add git
|
|
23
|
+
apk --no-cache add ca-certificates
|
|
24
|
+
apk --no-cache add curl
|
|
25
|
+
apk --no-cache add openssh-client
|
|
26
|
+
apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake jq
|
|
27
|
+
apk add --no-cache -t openssl ncurses coreutils libgcc linux-headers grep util-linux binutils findutils
|
|
28
|
+
npm config set unsafe-perm true
|
|
29
|
+
npm install -g node-gyp
|
|
19
30
|
|
|
20
31
|
defaults_awsCliDependencies: &defaults_awsCliDependencies |
|
|
21
|
-
apk --no-cache add
|
|
22
|
-
python \
|
|
23
|
-
py-pip \
|
|
24
|
-
groff \
|
|
25
|
-
less \
|
|
26
|
-
mailcap
|
|
27
|
-
pip install --upgrade awscli==1.14.5 s3cmd==2.0.1 python-magic
|
|
28
|
-
apk -v --purge del py-pip
|
|
29
|
-
|
|
30
|
-
defaults_build_docker_build: &defaults_build_docker_build
|
|
31
|
-
name: Build Docker $CIRCLE_TAG image
|
|
32
|
-
command: |
|
|
33
|
-
echo "Building Docker image: $CIRCLE_TAG"
|
|
34
|
-
docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG .
|
|
32
|
+
apk --no-cache add aws-cli
|
|
35
33
|
|
|
36
|
-
|
|
37
|
-
name:
|
|
38
|
-
command: |
|
|
39
|
-
docker login -u $DOCKER_USER -p $DOCKER_PASS
|
|
40
|
-
|
|
41
|
-
defaults_build_docker_publish: &defaults_build_docker_publish
|
|
42
|
-
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
|
|
34
|
+
defaults_license_scanner: &defaults_license_scanner
|
|
35
|
+
name: Install and set up license-scanner
|
|
43
36
|
command: |
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
|
|
47
|
-
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
|
|
37
|
+
git clone https://github.com/mojaloop/license-scanner /tmp/license-scanner
|
|
38
|
+
cd /tmp/license-scanner && make build default-files set-up
|
|
48
39
|
|
|
40
|
+
defaults_npm_auth: &defaults_npm_auth
|
|
41
|
+
name: Update NPM registry auth token
|
|
42
|
+
command: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > .npmrc
|
|
49
43
|
|
|
50
|
-
|
|
51
|
-
name:
|
|
44
|
+
defaults_npm_publish_release: &defaults_npm_publish_release
|
|
45
|
+
name: Publish NPM $RELEASE_TAG artifact
|
|
52
46
|
command: |
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
name:
|
|
47
|
+
source $BASH_ENV
|
|
48
|
+
echo "Publishing tag $RELEASE_TAG"
|
|
49
|
+
npm publish --tag $RELEASE_TAG --access public
|
|
50
|
+
defaults_export_version_from_package: &defaults_export_version_from_package
|
|
51
|
+
name: Format the changelog into the github release body and get release tag
|
|
58
52
|
command: |
|
|
59
|
-
|
|
60
|
-
|
|
53
|
+
git diff --no-indent-heuristic master~1 HEAD CHANGELOG.md | sed -n '/^+[^+]/ s/^+//p' > /tmp/changes
|
|
54
|
+
echo 'export RELEASE_CHANGES=`cat /tmp/changes`' >> $BASH_ENV
|
|
55
|
+
echo 'export RELEASE_TAG=`cat package-lock.json | jq -r .version`' >> $BASH_ENV
|
|
61
56
|
|
|
62
|
-
|
|
63
|
-
name: Configure
|
|
64
|
-
command: |
|
|
65
|
-
echo "Configure Kubernetes credentials ${K8_USER_NAME}"
|
|
66
|
-
if [ ! -z "$K8_USER_TOKEN" ];
|
|
67
|
-
then
|
|
68
|
-
echo "Configure Kubernetes credentials ${K8_USER_NAME} using Token"
|
|
69
|
-
kubectl config set-credentials $K8_USER_NAME --token=$K8_USER_TOKEN
|
|
70
|
-
else
|
|
71
|
-
echo "Configure Kubernetes credentials ${K8_USER_NAME} using Certs"
|
|
72
|
-
kubectl config set-credentials $K8_USER_NAME --client-certificate=$CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_CERT_FILENAME --client-key=$CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_KEY_FILENAME
|
|
73
|
-
fi
|
|
74
|
-
|
|
75
|
-
defaults_deploy_configure_helm: &defaults_deploy_configure_helm
|
|
76
|
-
name: Configure Helm
|
|
57
|
+
defaults_configure_git: &defaults_configure_git
|
|
58
|
+
name: Configure git
|
|
77
59
|
command: |
|
|
78
|
-
|
|
60
|
+
git config user.email ${GIT_CI_EMAIL}
|
|
61
|
+
git config user.name ${GIT_CI_USER}
|
|
79
62
|
|
|
80
|
-
|
|
81
|
-
name:
|
|
82
|
-
command: |
|
|
83
|
-
echo "Install or Upgrade Chart ${K8_RELEASE_NAME} for Docker Image ${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}"
|
|
84
|
-
if [ -z "$(helm list -q | grep -E "^${K8_RELEASE_NAME}$")" ] && [ "$(helm list -q | grep -E "^${K8_RELEASE_NAME}$")" != "Error: Unauthorized" ];
|
|
85
|
-
then
|
|
86
|
-
echo "Installing ${K8_RELEASE_NAME} new release"
|
|
87
|
-
helm install --namespace=$K8_NAMESPACE --name=$K8_RELEASE_NAME --repo=$K8_HELM_REPO --version $K8_HELM_CHART_VERSION $HELM_VALUE_SET_VALUES -f $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/$HELM_VALUE_FILENAME $K8_HELM_CHART_NAME
|
|
88
|
-
else
|
|
89
|
-
echo "Upgrading ${K8_RELEASE_NAME} release"
|
|
90
|
-
helm upgrade $K8_RELEASE_NAME --repo=$K8_HELM_REPO --version $K8_HELM_CHART_VERSION --reuse-values $HELM_VALUE_SET_VALUES -f $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/$HELM_VALUE_FILENAME $K8_HELM_CHART_NAME
|
|
91
|
-
fi
|
|
92
|
-
|
|
93
|
-
defaults_deploy_prequisites: &defaults_deploy_prequisites
|
|
94
|
-
name: Copy deployment pre-requisites from S3 bucket
|
|
95
|
-
command: |
|
|
96
|
-
if [ -z "$K8_USER_TOKEN" ];
|
|
97
|
-
then
|
|
98
|
-
echo "Copying K8 keys into $AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS folder"
|
|
99
|
-
mkdir $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS
|
|
100
|
-
aws s3 cp $AWS_S3_URI_DEVOPS_DEPLOYMENT_CONFIG/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_KEY_FILENAME $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/
|
|
101
|
-
aws s3 cp $AWS_S3_URI_DEVOPS_DEPLOYMENT_CONFIG/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_CERT_FILENAME $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/
|
|
102
|
-
else
|
|
103
|
-
echo "Skipping K8 keys into $AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS folder"
|
|
104
|
-
fi
|
|
105
|
-
|
|
106
|
-
echo "Copying Helm value file into $AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM folder for $K8_RELEASE_NAME release"
|
|
107
|
-
mkdir $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM
|
|
108
|
-
aws s3 cp $AWS_S3_URI_DEVOPS_DEPLOYMENT_CONFIG/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/$HELM_VALUE_FILENAME $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/
|
|
109
|
-
|
|
110
|
-
defaults_deploy_set_kubernetes_context: &defaults_deploy_set_kubernetes_context
|
|
111
|
-
name: Set Kubernetes context
|
|
63
|
+
defaults_configure_nvm: &defaults_configure_nvm
|
|
64
|
+
name: Configure NVM
|
|
112
65
|
command: |
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
defaults_slack_announcement: &defaults_slack_announcement
|
|
123
|
-
name: Slack announcement for tag releases
|
|
124
|
-
command: |
|
|
125
|
-
curl -X POST \
|
|
126
|
-
$SLACK_WEBHOOK_ANNOUNCEMENT \
|
|
127
|
-
-H 'Content-type: application/json' \
|
|
128
|
-
-H 'cache-control: no-cache' \
|
|
129
|
-
-d "{\"text\": \"*${CIRCLE_PROJECT_REPONAME}* - Release \`${CIRCLE_TAG}\`: https://github.com/mojaloop/${CIRCLE_PROJECT_REPONAME}/releases/tag/${CIRCLE_TAG}\"}"
|
|
66
|
+
touch $HOME/.profile
|
|
67
|
+
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
|
|
68
|
+
export NVM_DIR="$HOME/.nvm"
|
|
69
|
+
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
|
|
70
|
+
echo "Installing Node version: $(cat .nvmrc)"
|
|
71
|
+
nvm install $(cat .nvmrc)
|
|
72
|
+
nvm alias default $(cat .nvmrc)
|
|
73
|
+
nvm use $(cat .nvmrc)
|
|
130
74
|
|
|
131
75
|
##
|
|
132
76
|
# Executors
|
|
@@ -135,18 +79,14 @@ defaults_slack_announcement: &defaults_slack_announcement
|
|
|
135
79
|
##
|
|
136
80
|
executors:
|
|
137
81
|
default-docker:
|
|
138
|
-
working_directory: /home/circleci/project
|
|
82
|
+
working_directory: &WORKING_DIR /home/circleci/project
|
|
139
83
|
docker:
|
|
140
|
-
- image: node:
|
|
84
|
+
- image: node:16.15.0-alpine # Ref: https://hub.docker.com/_/node?tab=tags&page=1&name=alpine
|
|
141
85
|
|
|
142
86
|
default-machine:
|
|
87
|
+
working_directory: *WORKING_DIR
|
|
143
88
|
machine:
|
|
144
|
-
image: ubuntu-
|
|
145
|
-
|
|
146
|
-
helm-kube:
|
|
147
|
-
working_directory: /home/circleci/project
|
|
148
|
-
docker:
|
|
149
|
-
- image: hypnoglow/kubernetes-helm
|
|
89
|
+
image: ubuntu-2004:current # Ref: https://circleci.com/developer/machine/image/ubuntu-2004
|
|
150
90
|
|
|
151
91
|
##
|
|
152
92
|
# Jobs
|
|
@@ -157,43 +97,71 @@ jobs:
|
|
|
157
97
|
setup:
|
|
158
98
|
executor: default-docker
|
|
159
99
|
steps:
|
|
160
|
-
- checkout
|
|
161
100
|
- run:
|
|
162
101
|
name: Install general dependencies
|
|
163
102
|
command: *defaults_Dependencies
|
|
103
|
+
- checkout
|
|
164
104
|
- run:
|
|
165
|
-
|
|
166
|
-
command: cd $(npm root -g)/npm
|
|
105
|
+
<<: *defaults_configure_nvm
|
|
167
106
|
- run:
|
|
168
107
|
name: Update NPM install
|
|
169
|
-
command: npm
|
|
170
|
-
- run:
|
|
171
|
-
name: Delete build dependencies
|
|
172
|
-
command: apk del build-dependencies
|
|
108
|
+
command: npm ci
|
|
173
109
|
- save_cache:
|
|
174
|
-
key: dependency-cache-{{
|
|
110
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
175
111
|
paths:
|
|
176
112
|
- node_modules
|
|
177
113
|
|
|
178
|
-
test-
|
|
114
|
+
test-dependencies:
|
|
179
115
|
executor: default-docker
|
|
180
116
|
steps:
|
|
117
|
+
- run:
|
|
118
|
+
name: Install general dependencies
|
|
119
|
+
command: *defaults_Dependencies
|
|
181
120
|
- checkout
|
|
121
|
+
- run:
|
|
122
|
+
<<: *defaults_configure_nvm
|
|
123
|
+
- restore_cache:
|
|
124
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
125
|
+
- run:
|
|
126
|
+
name: Execute dependency tests
|
|
127
|
+
command: npm run dep:check
|
|
128
|
+
|
|
129
|
+
test-lint:
|
|
130
|
+
executor: default-docker
|
|
131
|
+
steps:
|
|
182
132
|
- run:
|
|
183
133
|
name: Install general dependencies
|
|
184
134
|
command: *defaults_Dependencies
|
|
135
|
+
- checkout
|
|
136
|
+
- run:
|
|
137
|
+
<<: *defaults_configure_nvm
|
|
185
138
|
- restore_cache:
|
|
186
|
-
|
|
187
|
-
|
|
139
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
140
|
+
- run:
|
|
141
|
+
name: Execute lint tests
|
|
142
|
+
command: npm run lint
|
|
143
|
+
|
|
144
|
+
test-unit:
|
|
145
|
+
executor: default-docker
|
|
146
|
+
steps:
|
|
188
147
|
- run:
|
|
148
|
+
name: Install general dependencies
|
|
149
|
+
command: *defaults_Dependencies
|
|
150
|
+
- checkout
|
|
151
|
+
- run:
|
|
152
|
+
<<: *defaults_configure_nvm
|
|
153
|
+
- restore_cache:
|
|
154
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
155
|
+
- run:
|
|
156
|
+
# This is needed for legacy core tests. Remove this once 'tape' is fully deprecated.
|
|
189
157
|
name: Install tape, tapes and tap-xunit
|
|
190
|
-
command: npm install
|
|
158
|
+
command: npm install tape tapes tap-xunit
|
|
191
159
|
- run:
|
|
192
160
|
name: Create dir for test results
|
|
193
161
|
command: mkdir -p ./test/results
|
|
194
162
|
- run:
|
|
195
163
|
name: Execute unit tests
|
|
196
|
-
command: npm -s run test:xunit
|
|
164
|
+
command: npm -s run test:xunit
|
|
197
165
|
- store_artifacts:
|
|
198
166
|
path: ./test/results
|
|
199
167
|
prefix: test
|
|
@@ -203,16 +171,17 @@ jobs:
|
|
|
203
171
|
test-coverage:
|
|
204
172
|
executor: default-docker
|
|
205
173
|
steps:
|
|
206
|
-
- checkout
|
|
207
174
|
- run:
|
|
208
175
|
name: Install general dependencies
|
|
209
176
|
command: *defaults_Dependencies
|
|
210
177
|
- run:
|
|
211
178
|
name: Install AWS CLI dependencies
|
|
212
179
|
command: *defaults_awsCliDependencies
|
|
180
|
+
- checkout
|
|
181
|
+
- run:
|
|
182
|
+
<<: *defaults_configure_nvm
|
|
213
183
|
- restore_cache:
|
|
214
|
-
|
|
215
|
-
- dependency-cache-{{ checksum "package.json" }}
|
|
184
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
216
185
|
- run:
|
|
217
186
|
name: Execute code coverage check
|
|
218
187
|
command: npm -s run test:coverage-check
|
|
@@ -227,7 +196,7 @@ jobs:
|
|
|
227
196
|
if [ "${CIRCLE_BRANCH}" == "master" ];
|
|
228
197
|
then
|
|
229
198
|
echo "Sending lcov.info to SonarQube..."
|
|
230
|
-
aws s3 cp coverage/lcov.info $AWS_S3_DIR_SONARQUBE/$CIRCLE_PROJECT_REPONAME/lcov.info
|
|
199
|
+
aws s3 cp coverage/lcov.info $AWS_S3_DIR_SONARQUBE/${CIRCLE_PROJECT_REPONAME}/lcov.info
|
|
231
200
|
else
|
|
232
201
|
echo "Not a release (env CIRCLE_BRANCH != 'master'), skipping sending lcov.info to SonarQube."
|
|
233
202
|
fi
|
|
@@ -236,30 +205,81 @@ jobs:
|
|
|
236
205
|
executor: default-machine
|
|
237
206
|
steps:
|
|
238
207
|
- checkout
|
|
208
|
+
- run:
|
|
209
|
+
<<: *defaults_configure_nvm
|
|
239
210
|
- restore_cache:
|
|
240
|
-
key: dependency-cache-{{
|
|
211
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
241
212
|
- run:
|
|
242
213
|
name: Create dir for test results
|
|
243
214
|
command: mkdir -p ./test/results
|
|
244
215
|
- run:
|
|
245
|
-
name:
|
|
246
|
-
command:
|
|
247
|
-
|
|
216
|
+
name: Build and start the docker containers
|
|
217
|
+
command: |
|
|
218
|
+
## This is not needed as we are only doing narrow-integration tests.
|
|
219
|
+
# docker-compose build
|
|
220
|
+
|
|
221
|
+
## Lets pull only the Services needed for the Integration Test
|
|
222
|
+
docker-compose pull mysql kafka
|
|
223
|
+
|
|
224
|
+
## Lets startup only the Services needed for the Integration Test
|
|
225
|
+
docker-compose up -d mysql kafka
|
|
226
|
+
|
|
227
|
+
## Check straight away to see if any containers have exited
|
|
228
|
+
docker-compose ps
|
|
229
|
+
|
|
230
|
+
## wait for services to be up and running
|
|
231
|
+
npm run wait-4-docker
|
|
232
|
+
- run:
|
|
233
|
+
name: Run the integration tests
|
|
234
|
+
command: |
|
|
235
|
+
npm rebuild
|
|
236
|
+
npm run test:int
|
|
237
|
+
environment:
|
|
238
|
+
ENDPOINT_URL: http://localhost:4545/notification
|
|
248
239
|
- store_artifacts:
|
|
249
240
|
path: ./test/results
|
|
250
241
|
prefix: test
|
|
251
242
|
- store_test_results:
|
|
252
243
|
path: ./test/results
|
|
253
244
|
|
|
245
|
+
test-functional:
|
|
246
|
+
executor: default-machine
|
|
247
|
+
steps:
|
|
248
|
+
- checkout
|
|
249
|
+
- attach_workspace:
|
|
250
|
+
at: /tmp
|
|
251
|
+
- run:
|
|
252
|
+
name: Load the pre-built docker local image from workspace
|
|
253
|
+
command: docker load -i /tmp/docker-image-local.tar
|
|
254
|
+
- run:
|
|
255
|
+
name: Download the mojaloop/ml-core-test-harness repo
|
|
256
|
+
command: |
|
|
257
|
+
git clone --depth 1 --branch v0.0.2 https://github.com/mojaloop/ml-core-test-harness.git /tmp/ml-core-test-harness
|
|
258
|
+
- run:
|
|
259
|
+
name: Execute TTK functional tests
|
|
260
|
+
command: |
|
|
261
|
+
cd /tmp/ml-core-test-harness
|
|
262
|
+
export CENTRAL_LEDGER_VERSION=local
|
|
263
|
+
docker-compose --project-name ttk-func --ansi never --profile all-services --profile ttk-provisioning --profile ttk-tests up -d
|
|
264
|
+
bash wait-for-container.sh ttk-func-ttk-tests-1
|
|
265
|
+
docker logs ttk-func-ttk-tests-1 > ./reports/ttk-tests-console.log
|
|
266
|
+
docker-compose -p ttk-func --ansi never down
|
|
267
|
+
cat ./reports/ttk-tests-console.log
|
|
268
|
+
- store_artifacts:
|
|
269
|
+
path: /tmp/ml-core-test-harness/reports
|
|
270
|
+
prefix: test
|
|
271
|
+
|
|
254
272
|
vulnerability-check:
|
|
255
273
|
executor: default-docker
|
|
256
274
|
steps:
|
|
257
|
-
- checkout
|
|
258
275
|
- run:
|
|
259
276
|
name: Install general dependencies
|
|
260
277
|
command: *defaults_Dependencies
|
|
278
|
+
- checkout
|
|
279
|
+
- run:
|
|
280
|
+
<<: *defaults_configure_nvm
|
|
261
281
|
- restore_cache:
|
|
262
|
-
key: dependency-cache-{{
|
|
282
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
263
283
|
- run:
|
|
264
284
|
name: Create dir for test results
|
|
265
285
|
command: mkdir -p ./audit/results
|
|
@@ -273,17 +293,14 @@ jobs:
|
|
|
273
293
|
audit-licenses:
|
|
274
294
|
executor: default-docker
|
|
275
295
|
steps:
|
|
276
|
-
- checkout
|
|
277
296
|
- run:
|
|
278
297
|
name: Install general dependencies
|
|
279
298
|
command: *defaults_Dependencies
|
|
280
299
|
- run:
|
|
281
300
|
<<: *defaults_license_scanner
|
|
301
|
+
- checkout
|
|
282
302
|
- restore_cache:
|
|
283
|
-
key: dependency-cache-{{
|
|
284
|
-
- run:
|
|
285
|
-
name: Prune non-production packages before running license-scanner
|
|
286
|
-
command: npm prune --production
|
|
303
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
287
304
|
- run:
|
|
288
305
|
name: Run the license-scanner
|
|
289
306
|
command: cd /tmp/license-scanner && pathToRepo=$CIRCLE_WORKING_DIRECTORY make run
|
|
@@ -291,14 +308,38 @@ jobs:
|
|
|
291
308
|
path: /tmp/license-scanner/results
|
|
292
309
|
prefix: licenses
|
|
293
310
|
|
|
294
|
-
build:
|
|
311
|
+
build-local:
|
|
295
312
|
executor: default-machine
|
|
296
313
|
steps:
|
|
297
314
|
- checkout
|
|
298
315
|
- run:
|
|
299
|
-
|
|
316
|
+
name: Build Docker local image
|
|
317
|
+
command: |
|
|
318
|
+
echo "Building Docker image: local"
|
|
319
|
+
docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:local .
|
|
300
320
|
- run:
|
|
301
321
|
name: Save docker image to workspace
|
|
322
|
+
command: docker save -o /tmp/docker-image-local.tar $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:local
|
|
323
|
+
- persist_to_workspace:
|
|
324
|
+
root: /tmp
|
|
325
|
+
paths:
|
|
326
|
+
- ./docker-image-local.tar
|
|
327
|
+
|
|
328
|
+
build:
|
|
329
|
+
executor: default-machine
|
|
330
|
+
steps:
|
|
331
|
+
- attach_workspace:
|
|
332
|
+
at: /tmp
|
|
333
|
+
- run:
|
|
334
|
+
name: Load the pre-built docker local image from workspace
|
|
335
|
+
command: docker load -i /tmp/docker-image-local.tar
|
|
336
|
+
- run:
|
|
337
|
+
name: Re-tag the image
|
|
338
|
+
command: |
|
|
339
|
+
echo "Re-tagging Docker image: $CIRCLE_TAG"
|
|
340
|
+
docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:local $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
|
|
341
|
+
- run:
|
|
342
|
+
name: Save the new docker image to workspace
|
|
302
343
|
command: docker save -o /tmp/docker-image.tar $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
|
|
303
344
|
- persist_to_workspace:
|
|
304
345
|
root: /tmp
|
|
@@ -307,7 +348,6 @@ jobs:
|
|
|
307
348
|
|
|
308
349
|
license-scan:
|
|
309
350
|
executor: default-machine
|
|
310
|
-
# <<: *defaults_test_env
|
|
311
351
|
steps:
|
|
312
352
|
- attach_workspace:
|
|
313
353
|
at: /tmp
|
|
@@ -318,7 +358,7 @@ jobs:
|
|
|
318
358
|
<<: *defaults_license_scanner
|
|
319
359
|
- run:
|
|
320
360
|
name: Run the license-scanner
|
|
321
|
-
command: cd /tmp/license-scanner && mode=docker
|
|
361
|
+
command: cd /tmp/license-scanner && mode=docker dockerImages=$DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG make run
|
|
322
362
|
- store_artifacts:
|
|
323
363
|
path: /tmp/license-scanner/results
|
|
324
364
|
prefix: licenses
|
|
@@ -328,6 +368,29 @@ jobs:
|
|
|
328
368
|
steps:
|
|
329
369
|
- setup_remote_docker
|
|
330
370
|
- checkout
|
|
371
|
+
- run:
|
|
372
|
+
name: Setup Slack config
|
|
373
|
+
command: |
|
|
374
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
375
|
+
echo "export SLACK_RELEASE_TYPE='GitHub Release'" >> $BASH_ENV
|
|
376
|
+
echo "export SLACK_RELEASE_TAG='${RELEASE_TAG} on ${CIRCLE_BRANCH} branch'" >> $BASH_ENV
|
|
377
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
378
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
379
|
+
echo "export SLACK_CUSTOM_MSG='Anchore Image Scan failed for: \`${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}\`'" >> $BASH_ENV
|
|
380
|
+
- run:
|
|
381
|
+
name: Install docker dependencies for anchore
|
|
382
|
+
command: |
|
|
383
|
+
apk add --update py-pip docker python3-dev libffi-dev openssl-dev gcc libc-dev make jq npm
|
|
384
|
+
- run:
|
|
385
|
+
name: Install general dependencies
|
|
386
|
+
command: |
|
|
387
|
+
apk --no-cache add git
|
|
388
|
+
apk --no-cache add ca-certificates
|
|
389
|
+
apk --no-cache add curl
|
|
390
|
+
apk --no-cache add openssh-client
|
|
391
|
+
apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake
|
|
392
|
+
npm config set unsafe-perm true
|
|
393
|
+
npm install -g node-gyp
|
|
331
394
|
- run:
|
|
332
395
|
name: Install AWS CLI dependencies
|
|
333
396
|
command: *defaults_awsCliDependencies
|
|
@@ -336,90 +399,306 @@ jobs:
|
|
|
336
399
|
- run:
|
|
337
400
|
name: Load the pre-built docker image from workspace
|
|
338
401
|
command: docker load -i /tmp/docker-image.tar
|
|
402
|
+
- run:
|
|
403
|
+
name: Download the mojaloop/ci-config repo
|
|
404
|
+
command: |
|
|
405
|
+
git clone https://github.com/mojaloop/ci-config /tmp/ci-config
|
|
406
|
+
# Generate the mojaloop anchore-policy
|
|
407
|
+
cd /tmp/ci-config/container-scanning && ./mojaloop-policy-generator.js /tmp/mojaloop-policy.json
|
|
408
|
+
- run:
|
|
409
|
+
name: Pull base image locally
|
|
410
|
+
command: |
|
|
411
|
+
docker pull node:16.15.0-alpine
|
|
412
|
+
# Analyze the base and derived image
|
|
413
|
+
# Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
|
|
339
414
|
- anchore/analyze_local_image:
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
|
|
415
|
+
# Force the older version, version 0.7.0 was just published, and is broken
|
|
416
|
+
anchore_version: v0.6.1
|
|
417
|
+
image_name: "docker.io/node:16.15.0-alpine $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
|
|
343
418
|
policy_failure: false
|
|
344
419
|
timeout: '500'
|
|
345
|
-
|
|
346
|
-
|
|
347
|
-
command: |
|
|
348
|
-
if [[ ! $(which jq) ]]; then
|
|
349
|
-
(set +o pipefail; apk add jq || apt-get install -y jq || yum install -y jq)
|
|
350
|
-
fi
|
|
351
|
-
if [[ $(ls anchore-reports/*content-os*.json 2> /dev/null) ]]; then
|
|
352
|
-
printf "\n%s\n" "The following OS packages are installed:"
|
|
353
|
-
jq '[.content | sort_by(.package) | .[] | {package: .package, version: .version}]' anchore-reports/*content-os*.json
|
|
354
|
-
fi
|
|
355
|
-
if [[ $(ls anchore-reports/*vuln*.json 2> /dev/null) ]]; then
|
|
356
|
-
printf "\n%s\n" "The following vulnerabilities were found:"
|
|
357
|
-
jq '[.vulnerabilities | group_by(.package) | .[] | {package: .[0].package, vuln: [.[].vuln]}]' anchore-reports/*vuln*.json
|
|
358
|
-
fi
|
|
420
|
+
# Note: if the generated policy is invalid, this will fallback to the default policy, which we don't want!
|
|
421
|
+
policy_bundle_file_path: /tmp/mojaloop-policy.json
|
|
359
422
|
- run:
|
|
360
423
|
name: Upload Anchore reports to s3
|
|
361
424
|
command: |
|
|
362
425
|
aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/${CIRCLE_PROJECT_REPONAME}/ --recursive
|
|
363
426
|
aws s3 rm ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive --exclude "*" --include "${CIRCLE_PROJECT_REPONAME}*"
|
|
364
427
|
aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
# echo "FailCount is: ${failCount}"
|
|
369
|
-
# if [ $failCount -gt 0 ]; then
|
|
370
|
-
# printf "Failed with a policy failure count of: ${failCount}"
|
|
371
|
-
# exit 1
|
|
372
|
-
# fi
|
|
428
|
+
- run:
|
|
429
|
+
name: Evaluate failures
|
|
430
|
+
command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_16.15.0-alpine-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
|
|
373
431
|
- store_artifacts:
|
|
374
432
|
path: anchore-reports
|
|
433
|
+
- slack/notify:
|
|
434
|
+
event: fail
|
|
435
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
375
436
|
|
|
376
|
-
|
|
437
|
+
release:
|
|
438
|
+
executor: default-docker
|
|
439
|
+
steps:
|
|
440
|
+
- run:
|
|
441
|
+
name: Install general dependencies
|
|
442
|
+
command: *defaults_Dependencies
|
|
443
|
+
- checkout
|
|
444
|
+
- run:
|
|
445
|
+
<<: *defaults_configure_nvm
|
|
446
|
+
- restore_cache:
|
|
447
|
+
keys:
|
|
448
|
+
- dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
449
|
+
- run:
|
|
450
|
+
<<: *defaults_configure_git
|
|
451
|
+
- run:
|
|
452
|
+
name: Setup Slack config
|
|
453
|
+
command: |
|
|
454
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
455
|
+
echo "export SLACK_RELEASE_TYPE='GitHub Release'" >> $BASH_ENV
|
|
456
|
+
echo "export SLACK_RELEASE_TAG='${RELEASE_TAG} on ${CIRCLE_BRANCH} branch'" >> $BASH_ENV
|
|
457
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
458
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
459
|
+
- run:
|
|
460
|
+
name: Generate changelog and bump package version
|
|
461
|
+
command: npm run release -- --no-verify
|
|
462
|
+
- run:
|
|
463
|
+
name: Push the release
|
|
464
|
+
command: git push --follow-tags origin ${CIRCLE_BRANCH}
|
|
465
|
+
- slack/notify:
|
|
466
|
+
event: fail
|
|
467
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
468
|
+
|
|
469
|
+
github-release:
|
|
470
|
+
executor: default-machine
|
|
471
|
+
steps:
|
|
472
|
+
- run:
|
|
473
|
+
name: Install git
|
|
474
|
+
command: |
|
|
475
|
+
sudo apt-get update && sudo apt-get install -y git
|
|
476
|
+
- gh/install
|
|
477
|
+
- checkout
|
|
478
|
+
- run:
|
|
479
|
+
<<: *defaults_configure_git
|
|
480
|
+
- run:
|
|
481
|
+
name: Fetch updated release branch
|
|
482
|
+
command: |
|
|
483
|
+
git fetch origin
|
|
484
|
+
git checkout origin/${CIRCLE_BRANCH}
|
|
485
|
+
- run:
|
|
486
|
+
<<: *defaults_export_version_from_package
|
|
487
|
+
- run:
|
|
488
|
+
name: Check the release changes
|
|
489
|
+
command: |
|
|
490
|
+
echo "Changes are: ${RELEASE_CHANGES}"
|
|
491
|
+
- run:
|
|
492
|
+
name: Setup Slack config
|
|
493
|
+
command: |
|
|
494
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
495
|
+
echo "export SLACK_RELEASE_TYPE='Github Release'" >> $BASH_ENV
|
|
496
|
+
echo "export SLACK_RELEASE_TAG=v${RELEASE_TAG}" >> $BASH_ENV
|
|
497
|
+
echo "export SLACK_RELEASE_URL=https://github.com/mojaloop/${CIRCLE_PROJECT_REPONAME}/releases/tag/v${RELEASE_TAG}" >> $BASH_ENV
|
|
498
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
499
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
500
|
+
- run:
|
|
501
|
+
name: Create Release
|
|
502
|
+
command: |
|
|
503
|
+
gh release create "v${RELEASE_TAG}" --title "v${RELEASE_TAG} Release" --draft=false --notes "${RELEASE_CHANGES}" ./CHANGELOG.md
|
|
504
|
+
- slack/notify:
|
|
505
|
+
event: pass
|
|
506
|
+
template: SLACK_TEMP_RELEASE_SUCCESS
|
|
507
|
+
- slack/notify:
|
|
508
|
+
event: fail
|
|
509
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
510
|
+
|
|
511
|
+
publish-docker:
|
|
377
512
|
executor: default-machine
|
|
378
513
|
steps:
|
|
379
514
|
- checkout
|
|
515
|
+
- run:
|
|
516
|
+
name: Setup for LATEST release
|
|
517
|
+
command: |
|
|
518
|
+
echo "export RELEASE_TAG=$RELEASE_TAG_PROD" >> $BASH_ENV
|
|
519
|
+
echo "RELEASE_TAG=$RELEASE_TAG_PROD"
|
|
520
|
+
|
|
521
|
+
PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
|
|
522
|
+
echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
|
|
523
|
+
echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
|
|
524
|
+
- run:
|
|
525
|
+
name: Setup Slack config
|
|
526
|
+
command: |
|
|
527
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
528
|
+
echo "export SLACK_RELEASE_TYPE='Docker Release'" >> $BASH_ENV
|
|
529
|
+
echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
|
|
530
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
531
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
380
532
|
- attach_workspace:
|
|
381
533
|
at: /tmp
|
|
382
534
|
- run:
|
|
383
535
|
name: Load the pre-built docker image from workspace
|
|
384
|
-
command:
|
|
385
|
-
|
|
386
|
-
<<: *defaults_build_docker_login
|
|
536
|
+
command: |
|
|
537
|
+
docker load -i /tmp/docker-image.tar
|
|
387
538
|
- run:
|
|
388
|
-
name:
|
|
389
|
-
command:
|
|
539
|
+
name: Login to Docker Hub
|
|
540
|
+
command: docker login -u $DOCKER_USER -p $DOCKER_PASS
|
|
390
541
|
- run:
|
|
391
542
|
name: Re-tag pre built image
|
|
392
543
|
command: |
|
|
393
544
|
docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
|
|
394
545
|
- run:
|
|
395
|
-
|
|
546
|
+
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
|
|
547
|
+
command: |
|
|
548
|
+
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
|
|
549
|
+
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
|
|
550
|
+
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
|
|
551
|
+
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
|
|
396
552
|
- run:
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
|
|
553
|
+
name: Set Image Digest
|
|
554
|
+
command: |
|
|
555
|
+
IMAGE_DIGEST=$(docker inspect $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:v${CIRCLE_TAG:1} | jq '.[0].RepoDigests | .[]')
|
|
556
|
+
echo "IMAGE_DIGEST=${IMAGE_DIGEST}"
|
|
557
|
+
echo "export IMAGE_DIGEST=${IMAGE_DIGEST}" >> $BASH_ENV
|
|
558
|
+
- run:
|
|
559
|
+
name: Update Slack config
|
|
560
|
+
command: |
|
|
561
|
+
echo "export SLACK_RELEASE_URL='https://hub.docker.com/layers/${CIRCLE_PROJECT_REPONAME}/${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}/v${CIRCLE_TAG:1}/images/${IMAGE_DIGEST}?context=explore'" | sed -r "s/${DOCKER_ORG}\/${CIRCLE_PROJECT_REPONAME}@sha256:/sha256-/g" >> $BASH_ENV
|
|
562
|
+
- slack/notify:
|
|
563
|
+
event: pass
|
|
564
|
+
template: SLACK_TEMP_RELEASE_SUCCESS
|
|
565
|
+
- slack/notify:
|
|
566
|
+
event: fail
|
|
567
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
568
|
+
|
|
569
|
+
publish-docker-snapshot:
|
|
570
|
+
executor: default-machine
|
|
401
571
|
steps:
|
|
402
572
|
- checkout
|
|
403
573
|
- run:
|
|
404
|
-
name:
|
|
405
|
-
command:
|
|
574
|
+
name: Setup for SNAPSHOT release
|
|
575
|
+
command: |
|
|
576
|
+
echo "export RELEASE_TAG=$RELEASE_TAG_SNAPSHOT" >> $BASH_ENV
|
|
577
|
+
echo "RELEASE_TAG=$RELEASE_TAG_SNAPSHOT"
|
|
578
|
+
|
|
579
|
+
PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
|
|
580
|
+
echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
|
|
581
|
+
echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
|
|
406
582
|
- run:
|
|
407
|
-
name:
|
|
408
|
-
command:
|
|
583
|
+
name: Setup Slack config
|
|
584
|
+
command: |
|
|
585
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
586
|
+
echo "export SLACK_RELEASE_TYPE='Docker Release'" >> $BASH_ENV
|
|
587
|
+
echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
|
|
588
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
589
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
590
|
+
- attach_workspace:
|
|
591
|
+
at: /tmp
|
|
409
592
|
- run:
|
|
410
|
-
|
|
593
|
+
name: Load the pre-built docker image from workspace
|
|
594
|
+
command: |
|
|
595
|
+
docker load -i /tmp/docker-image.tar
|
|
411
596
|
- run:
|
|
412
|
-
|
|
597
|
+
name: Login to Docker Hub
|
|
598
|
+
command: docker login -u $DOCKER_USER -p $DOCKER_PASS
|
|
413
599
|
- run:
|
|
414
|
-
|
|
600
|
+
name: Re-tag pre built image
|
|
601
|
+
command: |
|
|
602
|
+
docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
|
|
603
|
+
- run:
|
|
604
|
+
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
|
|
605
|
+
command: |
|
|
606
|
+
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
|
|
607
|
+
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
|
|
608
|
+
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
|
|
609
|
+
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
|
|
610
|
+
- run:
|
|
611
|
+
name: Set Image Digest
|
|
612
|
+
command: |
|
|
613
|
+
IMAGE_DIGEST=$(docker inspect $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:v${CIRCLE_TAG:1} | jq '.[0].RepoDigests | .[]')
|
|
614
|
+
echo "IMAGE_DIGEST=${IMAGE_DIGEST}"
|
|
615
|
+
echo "export IMAGE_DIGEST=${IMAGE_DIGEST}" >> $BASH_ENV
|
|
616
|
+
- run:
|
|
617
|
+
name: Update Slack config
|
|
618
|
+
command: |
|
|
619
|
+
echo "export SLACK_RELEASE_URL='https://hub.docker.com/layers/${CIRCLE_PROJECT_REPONAME}/${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}/v${CIRCLE_TAG:1}/images/${IMAGE_DIGEST}?context=explore'" | sed -r "s/${DOCKER_ORG}\/${CIRCLE_PROJECT_REPONAME}@sha256:/sha256-/g" >> $BASH_ENV
|
|
620
|
+
- slack/notify:
|
|
621
|
+
event: pass
|
|
622
|
+
template: SLACK_TEMP_RELEASE_SUCCESS
|
|
623
|
+
- slack/notify:
|
|
624
|
+
event: fail
|
|
625
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
626
|
+
|
|
627
|
+
publish-npm:
|
|
628
|
+
executor: default-docker
|
|
629
|
+
steps:
|
|
415
630
|
- run:
|
|
416
|
-
|
|
631
|
+
name: Install general dependencies
|
|
632
|
+
command: *defaults_Dependencies
|
|
633
|
+
- checkout
|
|
634
|
+
- restore_cache:
|
|
635
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
417
636
|
- run:
|
|
418
|
-
|
|
637
|
+
name: Setup for LATEST release
|
|
638
|
+
command: |
|
|
639
|
+
echo "export RELEASE_TAG=$RELEASE_TAG_PROD" >> $BASH_ENV
|
|
640
|
+
echo "RELEASE_TAG=$RELEASE_TAG_PROD"
|
|
641
|
+
PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
|
|
642
|
+
echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
|
|
643
|
+
echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
|
|
419
644
|
- run:
|
|
420
|
-
|
|
645
|
+
name: Setup Slack config
|
|
646
|
+
command: |
|
|
647
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
648
|
+
echo "export SLACK_RELEASE_TYPE='NPM Release'" >> $BASH_ENV
|
|
649
|
+
echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
|
|
650
|
+
echo "export SLACK_RELEASE_URL=https://www.npmjs.com/package/@mojaloop/${CIRCLE_PROJECT_REPONAME}/v/${CIRCLE_TAG:1}" >> $BASH_ENV
|
|
651
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
652
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
653
|
+
- run:
|
|
654
|
+
<<: *defaults_npm_auth
|
|
655
|
+
- run:
|
|
656
|
+
<<: *defaults_npm_publish_release
|
|
657
|
+
- slack/notify:
|
|
658
|
+
event: pass
|
|
659
|
+
template: SLACK_TEMP_RELEASE_SUCCESS
|
|
660
|
+
- slack/notify:
|
|
661
|
+
event: fail
|
|
662
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
663
|
+
|
|
664
|
+
publish-npm-snapshot:
|
|
665
|
+
executor: default-docker
|
|
666
|
+
steps:
|
|
421
667
|
- run:
|
|
422
|
-
|
|
668
|
+
name: Install general dependencies
|
|
669
|
+
command: *defaults_Dependencies
|
|
670
|
+
- checkout
|
|
671
|
+
- restore_cache:
|
|
672
|
+
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
|
|
673
|
+
- run:
|
|
674
|
+
name: Setup for SNAPSHOT release
|
|
675
|
+
command: |
|
|
676
|
+
echo "export RELEASE_TAG=${RELEASE_TAG_SNAPSHOT}" >> $BASH_ENV
|
|
677
|
+
echo "RELEASE_TAG=${RELEASE_TAG_SNAPSHOT}"
|
|
678
|
+
echo "Override package version: ${CIRCLE_TAG:1}"
|
|
679
|
+
npx standard-version --skip.tag --skip.commit --skip.changelog --release-as ${CIRCLE_TAG:1}
|
|
680
|
+
PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
|
|
681
|
+
echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
|
|
682
|
+
echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
|
|
683
|
+
- run:
|
|
684
|
+
name: Setup Slack config
|
|
685
|
+
command: |
|
|
686
|
+
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
|
|
687
|
+
echo "export SLACK_RELEASE_TYPE='NPM Snapshot'" >> $BASH_ENV
|
|
688
|
+
echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
|
|
689
|
+
echo "export SLACK_RELEASE_URL=https://www.npmjs.com/package/@mojaloop/${CIRCLE_PROJECT_REPONAME}/v/${CIRCLE_TAG:1}" >> $BASH_ENV
|
|
690
|
+
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
|
|
691
|
+
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
|
|
692
|
+
- run:
|
|
693
|
+
<<: *defaults_npm_auth
|
|
694
|
+
- run:
|
|
695
|
+
<<: *defaults_npm_publish_release
|
|
696
|
+
- slack/notify:
|
|
697
|
+
event: pass
|
|
698
|
+
template: SLACK_TEMP_RELEASE_SUCCESS
|
|
699
|
+
- slack/notify:
|
|
700
|
+
event: fail
|
|
701
|
+
template: SLACK_TEMP_RELEASE_FAILURE
|
|
423
702
|
|
|
424
703
|
##
|
|
425
704
|
# Workflows
|
|
@@ -430,6 +709,8 @@ workflows:
|
|
|
430
709
|
version: 2
|
|
431
710
|
build_and_test:
|
|
432
711
|
jobs:
|
|
712
|
+
- pr-tools/pr-title-check:
|
|
713
|
+
context: org-global
|
|
433
714
|
- setup:
|
|
434
715
|
context: org-global
|
|
435
716
|
filters:
|
|
@@ -439,6 +720,28 @@ workflows:
|
|
|
439
720
|
ignore:
|
|
440
721
|
- /feature*/
|
|
441
722
|
- /bugfix*/
|
|
723
|
+
- test-dependencies:
|
|
724
|
+
context: org-global
|
|
725
|
+
requires:
|
|
726
|
+
- setup
|
|
727
|
+
filters:
|
|
728
|
+
tags:
|
|
729
|
+
only: /.*/
|
|
730
|
+
branches:
|
|
731
|
+
ignore:
|
|
732
|
+
- /feature*/
|
|
733
|
+
- /bugfix*/
|
|
734
|
+
- test-lint:
|
|
735
|
+
context: org-global
|
|
736
|
+
requires:
|
|
737
|
+
- setup
|
|
738
|
+
filters:
|
|
739
|
+
tags:
|
|
740
|
+
only: /.*/
|
|
741
|
+
branches:
|
|
742
|
+
ignore:
|
|
743
|
+
- /feature*/
|
|
744
|
+
- /bugfix*/
|
|
442
745
|
- test-unit:
|
|
443
746
|
context: org-global
|
|
444
747
|
requires:
|
|
@@ -461,6 +764,29 @@ workflows:
|
|
|
461
764
|
ignore:
|
|
462
765
|
- /feature*/
|
|
463
766
|
- /bugfix*/
|
|
767
|
+
- test-integration:
|
|
768
|
+
context: org-global
|
|
769
|
+
requires:
|
|
770
|
+
- setup
|
|
771
|
+
filters:
|
|
772
|
+
tags:
|
|
773
|
+
only: /.*/
|
|
774
|
+
branches:
|
|
775
|
+
ignore:
|
|
776
|
+
- /feature*/
|
|
777
|
+
- /bugfix*/
|
|
778
|
+
- test-functional:
|
|
779
|
+
context: org-global
|
|
780
|
+
requires:
|
|
781
|
+
- setup
|
|
782
|
+
- build-local
|
|
783
|
+
filters:
|
|
784
|
+
tags:
|
|
785
|
+
only: /.*/
|
|
786
|
+
branches:
|
|
787
|
+
ignore:
|
|
788
|
+
- /feature*/
|
|
789
|
+
- /bugfix*/
|
|
464
790
|
- vulnerability-check:
|
|
465
791
|
context: org-global
|
|
466
792
|
requires:
|
|
@@ -483,7 +809,7 @@ workflows:
|
|
|
483
809
|
ignore:
|
|
484
810
|
- /feature*/
|
|
485
811
|
- /bugfix*/
|
|
486
|
-
-
|
|
812
|
+
- build-local:
|
|
487
813
|
context: org-global
|
|
488
814
|
requires:
|
|
489
815
|
- setup
|
|
@@ -498,14 +824,18 @@ workflows:
|
|
|
498
824
|
context: org-global
|
|
499
825
|
requires:
|
|
500
826
|
- setup
|
|
827
|
+
- test-dependencies
|
|
828
|
+
- test-lint
|
|
501
829
|
- test-unit
|
|
502
830
|
- test-coverage
|
|
503
831
|
- test-integration
|
|
832
|
+
- test-functional
|
|
504
833
|
- vulnerability-check
|
|
505
834
|
- audit-licenses
|
|
835
|
+
- build-local
|
|
506
836
|
filters:
|
|
507
837
|
tags:
|
|
508
|
-
only: /v[0-9]+(\.[0-9]+)*(\-snapshot)?(\-hotfix(\.[0-9]+))?/
|
|
838
|
+
only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
|
|
509
839
|
branches:
|
|
510
840
|
ignore:
|
|
511
841
|
- /.*/
|
|
@@ -515,7 +845,7 @@ workflows:
|
|
|
515
845
|
- build
|
|
516
846
|
filters:
|
|
517
847
|
tags:
|
|
518
|
-
only: /v[0-9]+(\.[0-9]+)*(\-snapshot)?(\-hotfix(\.[0-9]+))?/
|
|
848
|
+
only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
|
|
519
849
|
branches:
|
|
520
850
|
ignore:
|
|
521
851
|
- /.*/
|
|
@@ -525,28 +855,119 @@ workflows:
|
|
|
525
855
|
- build
|
|
526
856
|
filters:
|
|
527
857
|
tags:
|
|
528
|
-
only: /v[0-9]+(\.[0-9]+)*(\-snapshot)?(\-hotfix(\.[0-9]+))?/
|
|
858
|
+
only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
|
|
859
|
+
branches:
|
|
860
|
+
ignore:
|
|
861
|
+
- /.*/
|
|
862
|
+
# New commits to master release automatically
|
|
863
|
+
- release:
|
|
864
|
+
context: org-global
|
|
865
|
+
requires:
|
|
866
|
+
- pr-tools/pr-title-check
|
|
867
|
+
- test-dependencies
|
|
868
|
+
- test-lint
|
|
869
|
+
- test-unit
|
|
870
|
+
- test-coverage
|
|
871
|
+
- test-integration
|
|
872
|
+
- test-functional
|
|
873
|
+
- vulnerability-check
|
|
874
|
+
- audit-licenses
|
|
875
|
+
- license-scan
|
|
876
|
+
- image-scan
|
|
877
|
+
filters:
|
|
878
|
+
branches:
|
|
879
|
+
only:
|
|
880
|
+
- master
|
|
881
|
+
- /release\/v.*/
|
|
882
|
+
- github-release:
|
|
883
|
+
context: org-global
|
|
884
|
+
requires:
|
|
885
|
+
- release
|
|
886
|
+
filters:
|
|
887
|
+
branches:
|
|
888
|
+
only:
|
|
889
|
+
- master
|
|
890
|
+
- /release\/v.*/
|
|
891
|
+
- publish-docker:
|
|
892
|
+
context: org-global
|
|
893
|
+
requires:
|
|
894
|
+
- pr-tools/pr-title-check
|
|
895
|
+
- test-dependencies
|
|
896
|
+
- test-lint
|
|
897
|
+
- test-unit
|
|
898
|
+
- build
|
|
899
|
+
- test-coverage
|
|
900
|
+
- test-integration
|
|
901
|
+
- test-functional
|
|
902
|
+
- vulnerability-check
|
|
903
|
+
- audit-licenses
|
|
904
|
+
- license-scan
|
|
905
|
+
- image-scan
|
|
906
|
+
filters:
|
|
907
|
+
tags:
|
|
908
|
+
only: /v[0-9]+(\.[0-9]+)*/
|
|
909
|
+
branches:
|
|
910
|
+
ignore:
|
|
911
|
+
- /.*/
|
|
912
|
+
- publish-docker-snapshot:
|
|
913
|
+
context: org-global
|
|
914
|
+
requires:
|
|
915
|
+
- pr-tools/pr-title-check
|
|
916
|
+
- test-dependencies
|
|
917
|
+
- test-lint
|
|
918
|
+
- test-unit
|
|
919
|
+
- build
|
|
920
|
+
- test-coverage
|
|
921
|
+
- test-integration
|
|
922
|
+
- test-functional
|
|
923
|
+
- vulnerability-check
|
|
924
|
+
- audit-licenses
|
|
925
|
+
- license-scan
|
|
926
|
+
- image-scan
|
|
927
|
+
filters:
|
|
928
|
+
tags:
|
|
929
|
+
only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
|
|
529
930
|
branches:
|
|
530
931
|
ignore:
|
|
531
932
|
- /.*/
|
|
532
|
-
|
|
933
|
+
|
|
934
|
+
- publish-npm:
|
|
533
935
|
context: org-global
|
|
534
936
|
requires:
|
|
937
|
+
- pr-tools/pr-title-check
|
|
938
|
+
- test-dependencies
|
|
939
|
+
- test-lint
|
|
940
|
+
- test-unit
|
|
941
|
+
- test-coverage
|
|
942
|
+
- test-integration
|
|
943
|
+
- test-functional
|
|
944
|
+
- vulnerability-check
|
|
945
|
+
- audit-licenses
|
|
535
946
|
- license-scan
|
|
536
947
|
- image-scan
|
|
537
948
|
filters:
|
|
538
949
|
tags:
|
|
539
|
-
only: /v[0-9]+(\.[0-9]+)
|
|
950
|
+
only: /v[0-9]+(\.[0-9]+)*/
|
|
540
951
|
branches:
|
|
541
952
|
ignore:
|
|
542
953
|
- /.*/
|
|
543
|
-
-
|
|
954
|
+
- publish-npm-snapshot:
|
|
544
955
|
context: org-global
|
|
545
956
|
requires:
|
|
546
|
-
-
|
|
957
|
+
- pr-tools/pr-title-check
|
|
958
|
+
- test-dependencies
|
|
959
|
+
- test-lint
|
|
960
|
+
- test-unit
|
|
961
|
+
- test-coverage
|
|
962
|
+
- test-integration
|
|
963
|
+
- test-functional
|
|
964
|
+
- vulnerability-check
|
|
965
|
+
- audit-licenses
|
|
966
|
+
- license-scan
|
|
967
|
+
- image-scan
|
|
547
968
|
filters:
|
|
548
969
|
tags:
|
|
549
|
-
only: /v[0-9]+(\.[0-9]+)
|
|
970
|
+
only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
|
|
550
971
|
branches:
|
|
551
972
|
ignore:
|
|
552
973
|
- /.*/
|