Edited Spark

2026-01-17 14:51:57 +00:00
committed by GitHub
parent 33ab37bd18
commit 57e9507fe7


@@ -1,273 +1,273 @@
version: 2.1 version: 2.1
orbs: orbs:
node: circleci/node@5.2.0 node: circleci/node@5.2.0
docker: circleci/docker@2.6.0 node-executor:
slack: circleci/slack@4.13.3 - image: cimg/node:20.11
executors: playwrig
node-executor: node-executor:
docker: docker:
- image: cimg/node:20.11 - image: cimg/node:20.11
resource_class: large resource_class: large
working_directory: ~/repo working_directory: ~/repo
playwright-executor: playwright-executor:
docker: docker:
- image: mcr.microsoft.com/playwright:v1.57.0-jammy - image: mcr.microsoft.com/playwright:v1.57.0-jammy
resource_class: large resource_class: large
working_directory: ~/repo working_directory: ~/repo
commands: descr
restore-dependencies: restore-dependencies:
description: 'Restore npm dependencies from cache' description: 'Restore npm dependencies from cache'
steps: steps:
- restore_cache: save-dependencies:
keys: keys:
- v1-dependencies-{{ checksum "package-lock.json" }} - v1-dependencies-{{ checksum "package-lock.json" }}
- v1-dependencies- - v1-dependencies-
install-dependencies: install-dependencies:
description: 'Install npm dependencies' description: 'Install npm dependencies'
steps: steps:
- run: - run:
name: Install dependencies - run:
command: npm install --legacy-peer-deps command: npm run lint || echo "No lint
save-dependencies: - notify-slack
description: 'Save npm dependencies to cache' test:
steps: steps:
- save_cache: - restore-dep
paths: - save-dep
- node_modules name: Run unit t
key: v1-dependencies-{{ checksum "package-lock.json" }} - store_test_results:
notify-slack-on-fail: destination:
description: 'Notify Slack on failure'
steps: execut
- slack/notify: - checkout
event: fail - install-depen
template: basic_fail_1 - run:
notify-slack-on-success: root: .
description: 'Notify Slack on success' - dist
steps:
- slack/notify: - notify-slack-
event: pass e2e-test:
template: success_tagged_deploy_1 steps:
jobs:
lint:
executor: node-executor name: Install Pla
steps: - ru
- checkout comman
- restore-dependencies path: playwright-r
- install-dependencies path: playwright-r
- save-dependencies - store_artifacts:
- run: de
name: Run ESLint
command: npm run lint || echo "No lint script found" executor: node-executor
- run: - chec
name: TypeScript type check - install-dependencies
command: npx tsc --noEmit - run:
- notify-slack-on-fail command: npm audit
test: test:
executor: node-executor sudo apt-get up
steps: steps:
- checkout comman
- restore-dependencies path: trivy-report
- install-dependencies - notify-slack-on-fail
- save-dependencies docker-build-and-push:
- run: steps:
name: Run unit tests - setup_remote_docker:
command: npm test || echo "No test script found" - attach_workspace:
- store_test_results: - store_test_results:
path: ./junit.xml command: |
- store_artifacts: - run:
path: coverage command: |
destination: coverage docker buildx inspe
- notify-slack-on-fail name: Build multi-
build:
executor: node-executor --tag ghcr.io
steps:
- checkout - checkout
- restore-dependencies --tag ghcr.i
- install-dependencies .
- save-dependencies - notify-slack-on-f
- run: - run:
name: Build application steps:
command: npm run build - run:
- persist_to_workspace: command: |
root: . root: .
paths: -H
- dist - dist
- store_artifacts:
path: dist executor: node-e
destination: build - checkout
- notify-slack-on-fail name: Deploy to pr
e2e-test: e2e-test:
executor: playwright-executor -d "{\"image\":\"gh
steps: steps:
- checkout workflows:
- restore-dependencies build-test-deploy:
- install-dependencies - lint
- save-dependencies requires:
- attach_workspace: - build:
at: . - t
- run: re
name: Install Playwright browsers - security-scan:
command: npx playwright install --with-deps chromium - build
- run: re
name: Run E2E tests - test
command: npm run test:e2e filters:
- store_test_results: only:
path: playwright-report path: playwright-report
- store_artifacts: - store_artifacts:
path: playwright-report path: playwright-report
destination: e2e-report destination: e2e-report
- store_artifacts: - store_artifacts:
path: test-results path: test-results
destination: test-results destination: test-results
- notify-slack-on-fail - notify-slack-on-fail
security-scan: security-scan:
executor: node-executor executor: node-executor
steps: steps:
- checkout - checkout
- restore-dependencies - restore-dependencies
- install-dependencies - install-dependencies
- save-dependencies - save-dependencies
- run: - run:
name: Run npm audit name: Run npm audit
command: npm audit --audit-level=moderate || true command: npm audit --audit-level=moderate || true
- run: - run:
name: Install Trivy name: Install Trivy
command: | command: |
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update sudo apt-get update
sudo apt-get install trivy -y sudo apt-get install trivy -y
- run: - run:
name: Run Trivy scan name: Run Trivy scan
command: trivy fs --exit-code 0 --no-progress --format json --output trivy-report.json . command: trivy fs --exit-code 0 --no-progress --format json --output trivy-report.json .
- store_artifacts: - store_artifacts:
path: trivy-report.json path: trivy-report.json
destination: security/trivy-report.json destination: security/trivy-report.json
- notify-slack-on-fail - notify-slack-on-fail
docker-build-and-push: docker-build-and-push:
executor: docker/docker executor: docker/docker
steps: steps:
- checkout - checkout
- setup_remote_docker: - setup_remote_docker:
docker_layer_caching: true docker_layer_caching: true
- attach_workspace: - attach_workspace:
at: . at: .
- run: - run:
name: Install QEMU name: Install QEMU
command: | command: |
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- run: - run:
name: Set up Docker Buildx name: Set up Docker Buildx
command: | command: |
docker buildx create --name multiarch --driver docker-container --use docker buildx create --name multiarch --driver docker-container --use
docker buildx inspect --bootstrap docker buildx inspect --bootstrap
- run: - run:
name: Build multi-arch Docker image name: Build multi-arch Docker image
command: | command: |
echo $DOCKER_PASSWORD | docker login ghcr.io -u $DOCKER_USERNAME --password-stdin echo $DOCKER_PASSWORD | docker login ghcr.io -u $DOCKER_USERNAME --password-stdin
docker buildx build \ docker buildx build \
--platform linux/amd64,linux/arm64 \ --platform linux/amd64,linux/arm64 \
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH \ --tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH \
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH-$CIRCLE_SHA1 \ --tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH-$CIRCLE_SHA1 \
--push \ --push \
. .
if [ "$CIRCLE_BRANCH" = "main" ]; then if [ "$CIRCLE_BRANCH" = "main" ]; then
docker buildx build \ docker buildx build \
--platform linux/amd64,linux/arm64 \ --platform linux/amd64,linux/arm64 \
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest \ --tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest \
--push \ --push \
. .
fi fi
- notify-slack-on-fail - notify-slack-on-fail
deploy-staging: deploy-staging:
executor: node-executor executor: node-executor
steps: steps:
- checkout - checkout
- run: - run:
name: Deploy to staging name: Deploy to staging
command: | command: |
echo "Deploying to staging environment..." echo "Deploying to staging environment..."
echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop-$CIRCLE_SHA1" echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop-$CIRCLE_SHA1"
curl -X POST $STAGING_WEBHOOK_URL \ curl -X POST $STAGING_WEBHOOK_URL \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop\",\"sha\":\"$CIRCLE_SHA1\"}" -d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop\",\"sha\":\"$CIRCLE_SHA1\"}"
- notify-slack-on-success - notify-slack-on-success
- notify-slack-on-fail - notify-slack-on-fail
deploy-production: deploy-production:
executor: node-executor executor: node-executor
steps: steps:
- checkout - checkout
- run: - run:
name: Deploy to production name: Deploy to production
command: | command: |
echo "Deploying to production environment..." echo "Deploying to production environment..."
echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest" echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest"
curl -X POST $PRODUCTION_WEBHOOK_URL \ curl -X POST $PRODUCTION_WEBHOOK_URL \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest\",\"sha\":\"$CIRCLE_SHA1\"}" -d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest\",\"sha\":\"$CIRCLE_SHA1\"}"
- notify-slack-on-success - notify-slack-on-success
- notify-slack-on-fail - notify-slack-on-fail
workflows: workflows:
version: 2 version: 2
build-test-deploy: build-test-deploy:
jobs: jobs:
- lint - lint
- test: - test:
requires:
- lint - lint
- build: - build:
requires:
- test - test
- e2e-test: - e2e-test:
requires: requires:
- build - build
- security-scan: - security-scan:
requires: requires:
- build - build
- docker-build-and-push: - docker-build-and-push:
requires: requires:
- build - build
- test - test
- security-scan - security-scan
filters: filters:
branches: branches:
only: only:
- main - main
- develop - develop
- deploy-staging: - deploy-staging:
requires: requires:
- docker-build-and-push
filters:
branches:
only: develop
- hold-for-approval:
type: approval
requires:
- docker-build-and-push
- e2e-test
filters:
branches:
only: main
- deploy-production:
requires:
- hold-for-approval
filters:
branches:
only: main
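Review bot: The `security-scan` job cannot fail on findings, so listing it under `requires:` for `docker-build-and-push` gates nothing. `npm audit --audit-level=moderate || true` discards the audit's exit status, and `trivy fs --exit-code 0 ...` reports success even when vulnerabilities are found. If the scan is meant to block image publication, drop the `|| true` and make Trivy fail on the severities you care about, for example `trivy fs --exit-code 1 --severity HIGH,CRITICAL --no-progress --format json --output trivy-report.json .`. Separately, the right-hand column of this rendering is truncated in its first half, so it cannot be confirmed from here that the new side still declares the `docker` and `slack` orbs that `executor: docker/docker` and the Slack notify commands depend on.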