legio-30/.gitlab/.gitlab-ci.yml

image: node:16

npm:
  stage: build
  artifacts:
    paths:
      - dist
    expire_in: 1 week
  cache:
    - key:
        files:
          - package.json
      paths:
        - node_modules
        - package-lock.json
      policy: pull-push
    - key: $CI_PIPELINE_ID
      paths:
        - dist
      policy: push
  script:
    - npm i
    - npm run build
  rules:
    - if: $CI_COMMIT_BRANCH

audit:
  stage: test
  cache:
    - key:
        files:
          - package.json
      paths:
        - node_modules
      policy: pull
  script:
    - AUDIT=$(npm audit)
    - echo "vulnerabilities_high $(echo $AUDIT | grep -oE '[0-9]+ high' | grep -oE '[0-9]+' || echo 0)" > metrics.txt
    - echo "vulnerabilities_medium $(echo $AUDIT | grep -oE '[0-9]+ moderate' | grep -oE '[0-9]+' || echo 0)" >> metrics.txt
    - echo "vulnerabilities_low $(echo $AUDIT | grep -oE '[0-9]+ low' | grep -oE '[0-9]+' || echo 0)" >> metrics.txt
    - echo "$AUDIT"
  artifacts:
    reports:
      metrics: metrics.txt
  rules:
    - if: $CI_COMMIT_BRANCH

registry:
  stage: deploy
  image: docker
  cache:
    - key: $CI_PIPELINE_ID
      paths:
        - dist
      policy: pull
  before_script:
    - docker login -u $CI_REGISTRY_USER -p $CI_JOB_TOKEN $CI_REGISTRY
  script:
    - TAG=$([ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ] && echo "latest" || echo "$CI_COMMIT_BRANCH" | sed -E "s/[_/]/-/g")
    - docker build --no-cache -t "$CI_REGISTRY_IMAGE:$TAG" .
    - docker push "$CI_REGISTRY_IMAGE:$TAG"
  rules:
    - if: $CI_COMMIT_BRANCH

tag:
  stage: deploy
  image:
    name: alpine/git
    entrypoint: [ "" ]
  cache: [ ]
  before_script:
    - git remote set-url origin "https://Tagger:$DEPLOY_TOKEN@$CI_SERVER_HOST/$CI_PROJECT_PATH.git"
  script:
    - VERSION=$(cat package.json | grep version | grep -Eo ':.+' | grep -Eo '[[:alnum:]\.\/\-]+')
    - git tag -f $VERSION $CI_COMMIT_SHA
    - git push -f origin $VERSION
  rules:
    - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
  allow_failure: true
Updates 2022-09-14 22:07:17 -04:00			`image: node:16`

			`npm:`
			`stage: build`
			`artifacts:`
			`paths:`
			`- dist`
			`expire_in: 1 week`
			`cache:`
			`- key:`
			`files:`
			`- package.json`
			`paths:`
			`- node_modules`
			`- package-lock.json`
			`policy: pull-push`
			`- key: $CI_PIPELINE_ID`
			`paths:`
			`- dist`
			`policy: push`
			`script:`
			`- npm i`
			`- npm run build`
			`rules:`
			`- if: $CI_COMMIT_BRANCH`

			`audit:`
			`stage: test`
			`cache:`
			`- key:`
			`files:`
			`- package.json`
			`paths:`
			`- node_modules`
			`policy: pull`
			`script:`
			`- AUDIT=$(npm audit)`
			`- echo "vulnerabilities_high $(echo $AUDIT \| grep -oE '[0-9]+ high' \| grep -oE '[0-9]+' \|\| echo 0)" > metrics.txt`
			`- echo "vulnerabilities_medium $(echo $AUDIT \| grep -oE '[0-9]+ moderate' \| grep -oE '[0-9]+' \|\| echo 0)" >> metrics.txt`
			`- echo "vulnerabilities_low $(echo $AUDIT \| grep -oE '[0-9]+ low' \| grep -oE '[0-9]+' \|\| echo 0)" >> metrics.txt`
			`- echo "$AUDIT"`
			`artifacts:`
			`reports:`
			`metrics: metrics.txt`
			`rules:`
			`- if: $CI_COMMIT_BRANCH`

			`registry:`
Fixed build 2022-09-22 21:28:10 -04:00			`stage: deploy`
Updates 2022-09-14 22:07:17 -04:00			`image: docker`
			`cache:`
			`- key: $CI_PIPELINE_ID`
			`paths:`
			`- dist`
			`policy: pull`
			`before_script:`
			`- docker login -u $CI_REGISTRY_USER -p $CI_JOB_TOKEN $CI_REGISTRY`
			`script:`
			`- TAG=$([ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ] && echo "latest" \|\| echo "$CI_COMMIT_BRANCH" \| sed -E "s/[_/]/-/g")`
			`- docker build --no-cache -t "$CI_REGISTRY_IMAGE:$TAG" .`
			`- docker push "$CI_REGISTRY_IMAGE:$TAG"`
			`rules:`
			`- if: $CI_COMMIT_BRANCH`

			`tag:`
Fixed build 2022-09-22 21:28:10 -04:00			`stage: deploy`
Updates 2022-09-14 22:07:17 -04:00			`image:`
			`name: alpine/git`
			`entrypoint: [ "" ]`
			`cache: [ ]`
			`before_script:`
Fixed build 2022-09-22 21:28:10 -04:00			`- git remote set-url origin "https://Tagger:$DEPLOY_TOKEN@$CI_SERVER_HOST/$CI_PROJECT_PATH.git"`
Updates 2022-09-14 22:07:17 -04:00			`script:`
			`- VERSION=$(cat package.json \| grep version \| grep -Eo ':.+' \| grep -Eo '[[:alnum:]\.\/\-]+')`
			`- git tag -f $VERSION $CI_COMMIT_SHA`
			`- git push -f origin $VERSION`
			`rules:`
			`- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'`
			`allow_failure: true`