-
Notifications
You must be signed in to change notification settings - Fork 1
/
.gitlab-ci.yml
95 lines (83 loc) · 2.38 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
image: docker:dind
variables:
PROJECT: "agents-kong"
# Fortify
FORTIFY_PROJECT: "10853"
FORTIFY_BUILD_ID: "agents-kong"
FORTIFY_INCLUDE: "**/*.go"
FORTIFY_EXCLUDE: "**/*_test.go"
# Blackduck
BLACKDUCK_PROJECT_NAME: "Amplify - APIC Kong Agents"
# SRM
SRM_PROJECT_NAME: "$BLACKDUCK_PROJECT_NAME"
SRM_PROJECT_ID: "256"
########################################
# set up custom names for the pipelines of releases and nightly schedules
########################################
PIPELINE_NAME: "$CI_COMMIT_MESSAGE"
workflow:
name: "$PIPELINE_NAME"
rules:
- if: $CI_PIPELINE_SOURCE == "schedule" && $COMPONENT_TESTS_ONLY == "y"
variables:
PIPELINE_NAME: "Scheduled nightly tests"
- if: $CI_PIPELINE_SOURCE == "schedule"
variables:
PIPELINE_NAME: "Scheduled nightly CSR"
- when: always
include:
- project: "apigov/gitlabci"
ref: master
file: "/.gitlab-ci-sonar.yml"
- project: "apigov/beano_cicd"
ref: $BEANO_CICD_LATEST
# the order of these include files is important
file:
- "/gitlabci/variables.yml"
- "/gitlabci/restrictions.yml"
- "/gitlabci/jobs.yml"
- project: "scurity/gitlabci"
ref: $SCURITY_LATEST
file:
- "/.gitlab-ci-fortify.yml"
- "/.gitlab-ci-twistlock.yml"
- "/.gitlab-ci-iriusrisk.yml"
- "/.gitlab-ci-blackduck.yml"
- "/.gitlab-ci-csr.yml"
- project: "apigov/beano_cicd"
ref: $BEANO_CICD_LATEST
# the order of these include files is important
file:
- "/gitlabci/csrjobs.yml"
- "/gitlabci/csrjobsformirror.yml"
stages:
- test
- qa-test
- sonar-preview
- sonar-publish
- security-scans
- security-review
twistlock-discovery:
extends: .twistlock
rules:
- !reference [.mirror-branch-csr-rules, rules]
before_script:
- apk --no-cache update && apk add make
- make docker-da
- export IMAGE_NAME=kong-discovery-agent:latest
- echo "TL_DA=true" >> build.env
twistlock-traceability:
extends: .twistlock
rules:
- !reference [.mirror-branch-csr-rules, rules]
before_script:
- apk --no-cache update && apk add make
- make docker-ta
- export IMAGE_NAME=kong-traceability-agent:latest
- echo "TL_TA=true" >> build.env
twistlock-discovery:on-schedule:
variables:
AGENT_NAME: "kong_discovery_agent"
twistlock-traceability:on-schedule:
variables:
AGENT_NAME: "kong_traceability_agent"