mirror of
https://github.com/johndoe6345789/low-code-react-app-b.git
synced 2026-04-24 13:44:54 +00:00
Edited Spark
This commit is contained in:
@@ -1,273 +1,273 @@
|
|||||||
version: 2.1
|
version: 2.1
|
||||||
|
|
||||||
orbs:
|
orbs:
|
||||||
node: circleci/node@5.2.0
|
node: circleci/node@5.2.0
|
||||||
docker: circleci/docker@2.6.0
|
node-executor:
|
||||||
slack: circleci/slack@4.13.3
|
- image: cimg/node:20.11
|
||||||
|
|
||||||
executors:
|
playwrig
|
||||||
node-executor:
|
node-executor:
|
||||||
docker:
|
docker:
|
||||||
- image: cimg/node:20.11
|
- image: cimg/node:20.11
|
||||||
resource_class: large
|
resource_class: large
|
||||||
working_directory: ~/repo
|
working_directory: ~/repo
|
||||||
|
|
||||||
playwright-executor:
|
playwright-executor:
|
||||||
docker:
|
docker:
|
||||||
- image: mcr.microsoft.com/playwright:v1.57.0-jammy
|
- image: mcr.microsoft.com/playwright:v1.57.0-jammy
|
||||||
resource_class: large
|
resource_class: large
|
||||||
working_directory: ~/repo
|
working_directory: ~/repo
|
||||||
|
|
||||||
commands:
|
descr
|
||||||
restore-dependencies:
|
restore-dependencies:
|
||||||
description: 'Restore npm dependencies from cache'
|
description: 'Restore npm dependencies from cache'
|
||||||
steps:
|
steps:
|
||||||
- restore_cache:
|
save-dependencies:
|
||||||
keys:
|
keys:
|
||||||
- v1-dependencies-{{ checksum "package-lock.json" }}
|
- v1-dependencies-{{ checksum "package-lock.json" }}
|
||||||
- v1-dependencies-
|
- v1-dependencies-
|
||||||
|
|
||||||
install-dependencies:
|
install-dependencies:
|
||||||
description: 'Install npm dependencies'
|
description: 'Install npm dependencies'
|
||||||
steps:
|
steps:
|
||||||
- run:
|
- run:
|
||||||
name: Install dependencies
|
- run:
|
||||||
command: npm install --legacy-peer-deps
|
command: npm run lint || echo "No lint
|
||||||
|
|
||||||
save-dependencies:
|
- notify-slack
|
||||||
description: 'Save npm dependencies to cache'
|
test:
|
||||||
steps:
|
steps:
|
||||||
- save_cache:
|
- restore-dep
|
||||||
paths:
|
- save-dep
|
||||||
- node_modules
|
name: Run unit t
|
||||||
key: v1-dependencies-{{ checksum "package-lock.json" }}
|
- store_test_results:
|
||||||
|
|
||||||
notify-slack-on-fail:
|
destination:
|
||||||
description: 'Notify Slack on failure'
|
|
||||||
steps:
|
execut
|
||||||
- slack/notify:
|
- checkout
|
||||||
event: fail
|
- install-depen
|
||||||
template: basic_fail_1
|
- run:
|
||||||
|
|
||||||
notify-slack-on-success:
|
root: .
|
||||||
description: 'Notify Slack on success'
|
- dist
|
||||||
steps:
|
|
||||||
- slack/notify:
|
- notify-slack-
|
||||||
event: pass
|
e2e-test:
|
||||||
template: success_tagged_deploy_1
|
steps:
|
||||||
|
|
||||||
jobs:
|
|
||||||
lint:
|
|
||||||
executor: node-executor
|
name: Install Pla
|
||||||
steps:
|
- ru
|
||||||
- checkout
|
comman
|
||||||
- restore-dependencies
|
path: playwright-r
|
||||||
- install-dependencies
|
path: playwright-r
|
||||||
- save-dependencies
|
- store_artifacts:
|
||||||
- run:
|
de
|
||||||
name: Run ESLint
|
|
||||||
command: npm run lint || echo "No lint script found"
|
executor: node-executor
|
||||||
- run:
|
- chec
|
||||||
name: TypeScript type check
|
- install-dependencies
|
||||||
command: npx tsc --noEmit
|
- run:
|
||||||
- notify-slack-on-fail
|
command: npm audit
|
||||||
|
|
||||||
test:
|
test:
|
||||||
executor: node-executor
|
sudo apt-get up
|
||||||
steps:
|
steps:
|
||||||
- checkout
|
comman
|
||||||
- restore-dependencies
|
path: trivy-report
|
||||||
- install-dependencies
|
- notify-slack-on-fail
|
||||||
- save-dependencies
|
docker-build-and-push:
|
||||||
- run:
|
steps:
|
||||||
name: Run unit tests
|
- setup_remote_docker:
|
||||||
command: npm test || echo "No test script found"
|
- attach_workspace:
|
||||||
- store_test_results:
|
- store_test_results:
|
||||||
path: ./junit.xml
|
command: |
|
||||||
- store_artifacts:
|
- run:
|
||||||
path: coverage
|
command: |
|
||||||
destination: coverage
|
docker buildx inspe
|
||||||
- notify-slack-on-fail
|
name: Build multi-
|
||||||
|
|
||||||
build:
|
|
||||||
executor: node-executor
|
--tag ghcr.io
|
||||||
steps:
|
|
||||||
- checkout
|
- checkout
|
||||||
- restore-dependencies
|
--tag ghcr.i
|
||||||
- install-dependencies
|
.
|
||||||
- save-dependencies
|
- notify-slack-on-f
|
||||||
- run:
|
- run:
|
||||||
name: Build application
|
steps:
|
||||||
command: npm run build
|
- run:
|
||||||
- persist_to_workspace:
|
command: |
|
||||||
root: .
|
root: .
|
||||||
paths:
|
-H
|
||||||
- dist
|
- dist
|
||||||
- store_artifacts:
|
|
||||||
path: dist
|
executor: node-e
|
||||||
destination: build
|
- checkout
|
||||||
- notify-slack-on-fail
|
name: Deploy to pr
|
||||||
|
|
||||||
e2e-test:
|
e2e-test:
|
||||||
executor: playwright-executor
|
-d "{\"image\":\"gh
|
||||||
steps:
|
steps:
|
||||||
- checkout
|
workflows:
|
||||||
- restore-dependencies
|
build-test-deploy:
|
||||||
- install-dependencies
|
- lint
|
||||||
- save-dependencies
|
requires:
|
||||||
- attach_workspace:
|
- build:
|
||||||
at: .
|
- t
|
||||||
- run:
|
re
|
||||||
name: Install Playwright browsers
|
- security-scan:
|
||||||
command: npx playwright install --with-deps chromium
|
- build
|
||||||
- run:
|
re
|
||||||
name: Run E2E tests
|
- test
|
||||||
command: npm run test:e2e
|
filters:
|
||||||
- store_test_results:
|
only:
|
||||||
path: playwright-report
|
path: playwright-report
|
||||||
- store_artifacts:
|
- store_artifacts:
|
||||||
path: playwright-report
|
path: playwright-report
|
||||||
destination: e2e-report
|
destination: e2e-report
|
||||||
- store_artifacts:
|
- store_artifacts:
|
||||||
path: test-results
|
path: test-results
|
||||||
destination: test-results
|
destination: test-results
|
||||||
- notify-slack-on-fail
|
- notify-slack-on-fail
|
||||||
|
|
||||||
security-scan:
|
security-scan:
|
||||||
executor: node-executor
|
executor: node-executor
|
||||||
steps:
|
steps:
|
||||||
- checkout
|
- checkout
|
||||||
- restore-dependencies
|
- restore-dependencies
|
||||||
- install-dependencies
|
- install-dependencies
|
||||||
- save-dependencies
|
- save-dependencies
|
||||||
- run:
|
- run:
|
||||||
name: Run npm audit
|
name: Run npm audit
|
||||||
command: npm audit --audit-level=moderate || true
|
command: npm audit --audit-level=moderate || true
|
||||||
- run:
|
- run:
|
||||||
name: Install Trivy
|
name: Install Trivy
|
||||||
command: |
|
command: |
|
||||||
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
|
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
|
||||||
echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
|
echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
|
||||||
sudo apt-get update
|
sudo apt-get update
|
||||||
sudo apt-get install trivy -y
|
sudo apt-get install trivy -y
|
||||||
- run:
|
- run:
|
||||||
name: Run Trivy scan
|
name: Run Trivy scan
|
||||||
command: trivy fs --exit-code 0 --no-progress --format json --output trivy-report.json .
|
command: trivy fs --exit-code 0 --no-progress --format json --output trivy-report.json .
|
||||||
- store_artifacts:
|
- store_artifacts:
|
||||||
path: trivy-report.json
|
path: trivy-report.json
|
||||||
destination: security/trivy-report.json
|
destination: security/trivy-report.json
|
||||||
- notify-slack-on-fail
|
- notify-slack-on-fail
|
||||||
|
|
||||||
docker-build-and-push:
|
docker-build-and-push:
|
||||||
executor: docker/docker
|
executor: docker/docker
|
||||||
steps:
|
steps:
|
||||||
- checkout
|
- checkout
|
||||||
- setup_remote_docker:
|
- setup_remote_docker:
|
||||||
docker_layer_caching: true
|
docker_layer_caching: true
|
||||||
- attach_workspace:
|
- attach_workspace:
|
||||||
at: .
|
at: .
|
||||||
- run:
|
- run:
|
||||||
name: Install QEMU
|
name: Install QEMU
|
||||||
command: |
|
command: |
|
||||||
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
- run:
|
- run:
|
||||||
name: Set up Docker Buildx
|
name: Set up Docker Buildx
|
||||||
command: |
|
command: |
|
||||||
docker buildx create --name multiarch --driver docker-container --use
|
docker buildx create --name multiarch --driver docker-container --use
|
||||||
docker buildx inspect --bootstrap
|
docker buildx inspect --bootstrap
|
||||||
- run:
|
- run:
|
||||||
name: Build multi-arch Docker image
|
name: Build multi-arch Docker image
|
||||||
command: |
|
command: |
|
||||||
echo $DOCKER_PASSWORD | docker login ghcr.io -u $DOCKER_USERNAME --password-stdin
|
echo $DOCKER_PASSWORD | docker login ghcr.io -u $DOCKER_USERNAME --password-stdin
|
||||||
docker buildx build \
|
docker buildx build \
|
||||||
--platform linux/amd64,linux/arm64 \
|
--platform linux/amd64,linux/arm64 \
|
||||||
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH \
|
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH \
|
||||||
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH-$CIRCLE_SHA1 \
|
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:$CIRCLE_BRANCH-$CIRCLE_SHA1 \
|
||||||
--push \
|
--push \
|
||||||
.
|
.
|
||||||
if [ "$CIRCLE_BRANCH" = "main" ]; then
|
if [ "$CIRCLE_BRANCH" = "main" ]; then
|
||||||
docker buildx build \
|
docker buildx build \
|
||||||
--platform linux/amd64,linux/arm64 \
|
--platform linux/amd64,linux/arm64 \
|
||||||
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest \
|
--tag ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest \
|
||||||
--push \
|
--push \
|
||||||
.
|
.
|
||||||
fi
|
fi
|
||||||
- notify-slack-on-fail
|
- notify-slack-on-fail
|
||||||
|
|
||||||
deploy-staging:
|
deploy-staging:
|
||||||
executor: node-executor
|
executor: node-executor
|
||||||
steps:
|
steps:
|
||||||
- checkout
|
- checkout
|
||||||
- run:
|
- run:
|
||||||
name: Deploy to staging
|
name: Deploy to staging
|
||||||
command: |
|
command: |
|
||||||
echo "Deploying to staging environment..."
|
echo "Deploying to staging environment..."
|
||||||
echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop-$CIRCLE_SHA1"
|
echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop-$CIRCLE_SHA1"
|
||||||
curl -X POST $STAGING_WEBHOOK_URL \
|
curl -X POST $STAGING_WEBHOOK_URL \
|
||||||
-H "Content-Type: application/json" \
|
-H "Content-Type: application/json" \
|
||||||
-d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop\",\"sha\":\"$CIRCLE_SHA1\"}"
|
-d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:develop\",\"sha\":\"$CIRCLE_SHA1\"}"
|
||||||
- notify-slack-on-success
|
- notify-slack-on-success
|
||||||
- notify-slack-on-fail
|
- notify-slack-on-fail
|
||||||
|
|
||||||
deploy-production:
|
deploy-production:
|
||||||
executor: node-executor
|
executor: node-executor
|
||||||
steps:
|
steps:
|
||||||
- checkout
|
- checkout
|
||||||
- run:
|
- run:
|
||||||
name: Deploy to production
|
name: Deploy to production
|
||||||
command: |
|
command: |
|
||||||
echo "Deploying to production environment..."
|
echo "Deploying to production environment..."
|
||||||
echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest"
|
echo "Image: ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest"
|
||||||
curl -X POST $PRODUCTION_WEBHOOK_URL \
|
curl -X POST $PRODUCTION_WEBHOOK_URL \
|
||||||
-H "Content-Type: application/json" \
|
-H "Content-Type: application/json" \
|
||||||
-d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest\",\"sha\":\"$CIRCLE_SHA1\"}"
|
-d "{\"image\":\"ghcr.io/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME:latest\",\"sha\":\"$CIRCLE_SHA1\"}"
|
||||||
- notify-slack-on-success
|
- notify-slack-on-success
|
||||||
- notify-slack-on-fail
|
- notify-slack-on-fail
|
||||||
|
|
||||||
workflows:
|
workflows:
|
||||||
version: 2
|
version: 2
|
||||||
build-test-deploy:
|
build-test-deploy:
|
||||||
jobs:
|
jobs:
|
||||||
- lint
|
- lint
|
||||||
- test:
|
- test:
|
||||||
requires:
|
|
||||||
- lint
|
- lint
|
||||||
- build:
|
- build:
|
||||||
requires:
|
|
||||||
- test
|
- test
|
||||||
- e2e-test:
|
- e2e-test:
|
||||||
requires:
|
requires:
|
||||||
- build
|
- build
|
||||||
- security-scan:
|
- security-scan:
|
||||||
requires:
|
requires:
|
||||||
- build
|
- build
|
||||||
- docker-build-and-push:
|
- docker-build-and-push:
|
||||||
requires:
|
requires:
|
||||||
- build
|
- build
|
||||||
- test
|
- test
|
||||||
- security-scan
|
- security-scan
|
||||||
filters:
|
filters:
|
||||||
branches:
|
branches:
|
||||||
only:
|
only:
|
||||||
- main
|
- main
|
||||||
- develop
|
- develop
|
||||||
- deploy-staging:
|
- deploy-staging:
|
||||||
requires:
|
requires:
|
||||||
- docker-build-and-push
|
|
||||||
filters:
|
|
||||||
branches:
|
|
||||||
only: develop
|
|
||||||
- hold-for-approval:
|
|
||||||
type: approval
|
|
||||||
requires:
|
|
||||||
- docker-build-and-push
|
|
||||||
- e2e-test
|
|
||||||
filters:
|
|
||||||
branches:
|
|
||||||
only: main
|
|
||||||
- deploy-production:
|
|
||||||
requires:
|
|
||||||
- hold-for-approval
|
|
||||||
filters:
|
|
||||||
branches:
|
|
||||||
only: main
|
|
||||||
|
|||||||
Reference in New Issue
Block a user