Commit 8206eec6 authored by Malin, James (Contractor) Christopher's avatar Malin, James (Contractor) Christopher
Browse files

test create metadata.json, build, unit tests, pen tests, publish image, trigger deploy

parent e7847310
Pipeline #880 failed
...@@ -66,7 +66,13 @@ initialize: ...@@ -66,7 +66,13 @@ initialize:
# - for env in "${!APP_@}"; do printf '%s=%s\n' "$env" "${!env}"; done; # - for env in "${!APP_@}"; do printf '%s=%s\n' "$env" "${!env}"; done;
# - for i in "${MY_ARRAY_#[@]}"; do echo "$i"; done # - for i in "${MY_ARRAY_#[@]}"; do echo "$i"; done
# - for env in "${!APP_@}"; do echo "$env"="${!env}" >> test.txt; done; # - PREFIXED VARIABLES NEEDED FOR DEPLOY
# - for env in "${!APP_@}"; do echo export "$env"="${!env}" >> test.txt; done;
- echo "export THISISENV=testit" >> test.sh
- cat test.sh
- source test.sh | while read line; do export "$line"; done
- echo $THISISENV
- node metadata.js ${branch} ${CI_COMMIT_SHA} ${IMAGE_VERSION} - node metadata.js ${branch} ${CI_COMMIT_SHA} ${IMAGE_VERSION}
- cat temp-metadata.json - cat temp-metadata.json
...@@ -85,13 +91,12 @@ build: ...@@ -85,13 +91,12 @@ build:
script: script:
- echo "Building..." - echo "Building..."
- mv temp-metadata.json metadata.json - mv temp-metadata.json metadata.json
- cat metadata.json # build a local directory to be used later for testing or deploying
# # build a local directory to be used later for testing or deploying - mkdir docker-images
# - mkdir docker-images # build image and save
# # build image and save - "docker build --build-arg FROM_IMAGE=$BASE_IMAGE
# - "docker build --build-arg FROM_IMAGE=$BASE_IMAGE --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE ."
# --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE ." - docker save $LOCAL_IMAGE > docker-images/app.tar
# - docker save $LOCAL_IMAGE > docker-images/app.tar
# Needed later when loading docker images # Needed later when loading docker images
# Could test without the docker images saved and try to pull local image # Could test without the docker images saved and try to pull local image
...@@ -105,97 +110,97 @@ build: ...@@ -105,97 +110,97 @@ build:
# paths: # paths:
# - docker-images # - docker-images
# run unit tests: run unit tests:
# stage: unit-tests stage: unit-tests
# image: trion/ng-cli-e2e image: trion/ng-cli-e2e
# cache: cache:
# # untracked: true # cache all files that are untracked in your Git repository # untracked: true # cache all files that are untracked in your Git repository
# # job doesn’t alter cached files, skip the upload step by setting policy: pull # job doesn’t alter cached files, skip the upload step by setting policy: pull
# policy: pull policy: pull
# # only: # only:
# # - master # - master
# script: script:
# - npm install --no-audit --no-save - npm install --no-audit --no-save
# - ng lint - ng lint
# - ng test hazdev-ng-geoserve-output --watch=false --code-coverage --progress false --browsers ChromeHeadless - ng test hazdev-ng-geoserve-output --watch=false --code-coverage --progress false --browsers ChromeHeadless
# - npm run build - npm run build
# - ng test earthquake-geoserve-ui --watch=false --code-coverage --progress false --browsers ChromeHeadless - ng test earthquake-geoserve-ui --watch=false --code-coverage --progress false --browsers ChromeHeadless
# - ng e2e - ng e2e
# run penetration tests: run penetration tests:
# stage: pen-tests stage: pen-tests
# image: docker:stable image: docker:stable
# cache: cache:
# policy: pull policy: pull
# # before_script: # before_script:
# # - npm i # - npm i
# # - npm i highlightjs # - npm i highlightjs
# # only: # only:
# # - master # - master
# script: script:
# - mkdir -p $OWASP_REPORT_DIR - mkdir -p $OWASP_REPORT_DIR
# - chmod 777 $OWASP_REPORT_DIR - chmod 777 $OWASP_REPORT_DIR
# - docker load -i docker-images/app.tar - docker load -i docker-images/app.tar
# - docker run --rm --name $LOCAL_CONTAINER -d $LOCAL_IMAGE - docker run --rm --name $LOCAL_CONTAINER -d $LOCAL_IMAGE
# - docker run --rm -d -u zap --name=$OWASP_CONTAINER --link=$LOCAL_CONTAINER:application -v $OWASP_REPORT_DIR:/zap/reports:rw -i $OWASP_IMAGE zap.sh -daemon -port $ZAP_API_PORT -config api.disablekey=true - docker run --rm -d -u zap --name=$OWASP_CONTAINER --link=$LOCAL_CONTAINER:application -v $OWASP_REPORT_DIR:/zap/reports:rw -i $OWASP_IMAGE zap.sh -daemon -port $ZAP_API_PORT -config api.disablekey=true
# - sleep 20 - sleep 20
# # docker run --rm -d -u zap --name=earthquake-geoserve-ui-3-OWASP --link=earthquake-geoserve-ui-3-PENTEST:application -v /var/lib/jenkins/workspace/HazDev/earthquake-geoserve/build-ui/owasp-data:/zap/reports:rw -i code.chs.usgs.gov:5001/devops/images/owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true # docker run --rm -d -u zap --name=earthquake-geoserve-ui-3-OWASP --link=earthquake-geoserve-ui-3-PENTEST:application -v /var/lib/jenkins/workspace/HazDev/earthquake-geoserve/build-ui/owasp-data:/zap/reports:rw -i code.chs.usgs.gov:5001/devops/images/owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
# # docker run --rm --name earthquake-geoserve-ui-1.0.4-PENTEST -d jamesmalin/usgs-geoserve-ui:1.0.4 # docker run --rm --name earthquake-geoserve-ui-1.0.4-PENTEST -d jamesmalin/usgs-geoserve-ui:1.0.4
# # docker run --rm -d -u zap --name=earthquake-geoserve-ui-1.0.4-OWASP --link=earthquake-geoserve-ui-1.0.4-PENTEST:application -v /owasp-data:/zap/reports:rw -i owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true # docker run --rm -d -u zap --name=earthquake-geoserve-ui-1.0.4-OWASP --link=earthquake-geoserve-ui-1.0.4-PENTEST:application -v /owasp-data:/zap/reports:rw -i owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
# - "docker exec -i ${OWASP_CONTAINER} - "docker exec -i ${OWASP_CONTAINER}
# curl -I localhost:${ZAP_API_PORT} curl -I localhost:${ZAP_API_PORT}
# > /dev/null 2>&1 && echo 'SUCCESS'" > /dev/null 2>&1 && echo 'SUCCESS'"
# - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT spider http://$PENTEST_IP/ - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT spider http://$PENTEST_IP/
# - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT active-scan http://$PENTEST_IP/ - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT active-scan http://$PENTEST_IP/
# - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT report -o owasp-zap-report.html -f html - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT report -o owasp-zap-report.html -f html
# - docker stop $OWASP_CONTAINER ${LOCAL_CONTAINER} - docker stop $OWASP_CONTAINER ${LOCAL_CONTAINER}
# artifacts: # can you make this not available to the public artifacts: # can you make this not available to the public
# paths: paths:
# - owasp-zap-report.html - owasp-zap-report.html
# - docker-images - docker-images
# dependencies: dependencies:
# - build - build
# ###### Publish ###### ###### Publish ######
# publish image: publish image:
# stage: publish-image stage: publish-image
# image: docker:stable image: docker:stable
# only: only:
# - merge_requests - merge_requests
# before_script: before_script:
# # - curl -O https://bootstrap.pypa.io/get-pip.py # - curl -O https://bootstrap.pypa.io/get-pip.py
# # - python3 get-pip.py --user # - python3 get-pip.py --user
# # - /root/.local/bin/pip3 install awscli --upgrade --user # - /root/.local/bin/pip3 install awscli --upgrade --user
# # - npm install -g docker # - npm install -g docker
# # - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY # - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
# script: script:
# # - aws cloudformation package --template-file ./deployment/aws-create-user.json --s3-bucket $S3_BUCKET --output-template usgs-user-template-export.yml # - aws cloudformation package --template-file ./deployment/aws-create-user.json --s3-bucket $S3_BUCKET --output-template usgs-user-template-export.yml
# # - aws cloudformation deploy --template-file /builds/jmalin/earthquake-geoserve-ui/usgs-user-template-export.yml --stack-name usgs-user-deploy-stack # - aws cloudformation deploy --template-file /builds/jmalin/earthquake-geoserve-ui/usgs-user-template-export.yml --stack-name usgs-user-deploy-stack
# # Re-tag candidate image as actual image name and push actual image to repository # Re-tag candidate image as actual image name and push actual image to repository
# # TODO - Deploy to USGS Hazdev Registry # TODO - Deploy to USGS Hazdev Registry
# # - docker build --build-arg FROM_IMAGE=$BASE_IMAGE --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE . # - docker build --build-arg FROM_IMAGE=$BASE_IMAGE --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE .
# - docker load -i docker-images/app.tar - docker load -i docker-images/app.tar
# - docker tag ${LOCAL_IMAGE} ${DEPLOY_IMAGE}:${IMAGE_VERSION} - docker tag ${LOCAL_IMAGE} ${DEPLOY_IMAGE}:${IMAGE_VERSION}
# - echo "$CHS_PASSWORD" | docker login --username $CHS_USERNAME --password-stdin $GITLAB_INNERSOURCE_REGISTRY - echo "$CHS_PASSWORD" | docker login --username $CHS_USERNAME --password-stdin $GITLAB_INNERSOURCE_REGISTRY
# - docker push ${DEPLOY_IMAGE}:${IMAGE_VERSION} - docker push ${DEPLOY_IMAGE}:${IMAGE_VERSION}
# # Re-tag candidate image as public image name and push to docker hub # Re-tag candidate image as public image name and push to docker hub
# # For a private registry include registry URL # For a private registry include registry URL
# - docker tag ${LOCAL_IMAGE} ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION} - docker tag ${LOCAL_IMAGE} ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION}
# # login to dockerhub # login to dockerhub
# - echo "$DOCKER_PASSWORD" | docker login --username $DOCKER_USERNAME --password-stdin - echo "$DOCKER_PASSWORD" | docker login --username $DOCKER_USERNAME --password-stdin
# - docker push ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION} - docker push ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION}
# # Delete pass file # Delete pass file
# - rm -rf /root/.docker/config.json - rm -rf /root/.docker/config.json
# dependencies: dependencies:
# - build - build
# # - 'run unit tests' # - 'run unit tests'
# # - 'run penetration tests' # - 'run penetration tests'
# cache: cache:
# key: "$CI_BUILD_REF_NAME" key: "$CI_BUILD_REF_NAME"
# paths: paths:
# - docker-images - docker-images
# trigger container master job # trigger container master job
trigger deploy: trigger deploy:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment