.gitlab-ci.yml 1.86 KB
Newer Older
Arthur Lutz's avatar
Arthur Lutz committed
1 2
default:
  image: python:3.7
3

4
include:
Arthur Lutz's avatar
Arthur Lutz committed
5
  - project: "open-source/gitlab-ci-templates"
6
    ref: "branch/default"
Arthur Lutz's avatar
Arthur Lutz committed
7
    file:                                           # the stages are:
Arthur Lutz's avatar
Arthur Lutz committed
8
      - "templates/no-duplicated-ci-pipelines.yml"  # no stage
Arthur Lutz's avatar
Arthur Lutz committed
9 10 11 12 13 14
      - "templates/lint/black.yml"
      - "templates/lint/flake8.yml"
      - "templates/lint/check-manifest.yml"
      - "templates/lint/yamllint.yml"
      - "templates/lint/mypy.yml"
      - "templates/tests/py3.yml"
Arthur Lutz's avatar
Arthur Lutz committed
15 16 17
      - "templates/build-docker-image.yml"          # test and publish
      - "templates/create-release-on-heptapod.yml"  # release
      - "templates/upload-to-pypi.yml"              # release
18

Nicolas Chauvat's avatar
Nicolas Chauvat committed
19
stages:
Arthur Lutz's avatar
Arthur Lutz committed
20 21
  - lint
  - tests
22 23 24
  - release
  - publish
  - deploy
Nicolas Chauvat's avatar
Nicolas Chauvat committed
25

26 27 28 29 30 31 32 33 34
deploy:
  image:
    name: registry.logilab.fr/logilab/infra/dockerfiles/kubectl
  stage: deploy
  rules:
    - if: '$CI_COMMIT_REF_NAME == "branch/default"'
  script:
    - kubectl version
    - sed "s@r.intra.logilab.fr/intranet/intranet@$CI_REGISTRY_IMAGE:latest@" deploy/deployment.yaml | kubectl -n intranet apply -f -
Arthur Lutz's avatar
Arthur Lutz committed
35
    - kubectl -n intranet rollout restart deployment/intranet deployment/intranet-scheduler
36
    - kubectl -n intranet rollout status --timeout=180s deployment/intranet
Arthur Lutz's avatar
Arthur Lutz committed
37
    - kubectl -n intranet rollout status --timeout=180s deployment/intranet-scheduler
Arthur Lutz's avatar
Arthur Lutz committed
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62

checkov:
  stage: tests
  allow_failure: true  # True for AutoDevOps compatibility
  image:
    name: bridgecrew/checkov:latest
    entrypoint:
      - '/usr/bin/env'
      - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
  rules:
    - changes:
        - '**/*.yml'
        - '**/*.yaml'
        - '**/*.json'
        - '**/*.template'
        - '**/*.tf'
        - '**/serverless.yml'
        - '**/serverless.yaml'
  script:
    - checkov -d . -o junitxml | tee checkov.test.xml
  artifacts:
    reports:
      junit: "checkov.test.xml"
    paths:
      - "checkov.test.xml"