debian-mirror-gitlab/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml

103 lines
2.6 KiB
YAML
Raw Normal View History

2021-11-11 11:23:49 +05:30
variables:
2022-11-25 23:54:43 +05:30
DAST_AUTO_DEPLOY_IMAGE_VERSION: 'v2.39.0'
2021-11-11 11:23:49 +05:30
2019-12-26 22:10:19 +05:30
.dast-auto-deploy:
2022-08-27 11:52:29 +05:30
image: "${CI_TEMPLATE_REGISTRY_HOST}/gitlab-org/cluster-integration/auto-deploy-image:${DAST_AUTO_DEPLOY_IMAGE_VERSION}"
2019-12-21 20:55:43 +05:30
2022-08-13 15:12:31 +05:30
.common_rules: &common_rules
- if: $CI_DEFAULT_BRANCH != $CI_COMMIT_REF_NAME
when: never
- if: $DAST_DISABLED || $DAST_DISABLED_FOR_DEFAULT_BRANCH
when: never
- if: $DAST_WEBSITE # we don't need to create a review app if a URL is already given
when: never
2019-12-21 20:55:43 +05:30
dast_environment_deploy:
2019-12-26 22:10:19 +05:30
extends: .dast-auto-deploy
2019-12-21 20:55:43 +05:30
stage: review
script:
- auto-deploy check_kube_domain
- auto-deploy download_chart
2021-12-11 22:18:48 +05:30
- auto-deploy use_kube_context || true
2019-12-21 20:55:43 +05:30
- auto-deploy ensure_namespace
- auto-deploy initialize_tiller
- auto-deploy create_secret
- auto-deploy deploy
- auto-deploy persist_environment_url
environment:
name: dast-default
url: http://dast-$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN
on_stop: stop_dast_environment
artifacts:
paths: [environment_url.txt]
2020-05-24 23:13:21 +05:30
rules:
2022-08-13 15:12:31 +05:30
- *common_rules
2020-05-24 23:13:21 +05:30
- if: $CI_COMMIT_BRANCH &&
2021-12-11 22:18:48 +05:30
($CI_KUBERNETES_ACTIVE || $KUBECONFIG) &&
2020-05-24 23:13:21 +05:30
$GITLAB_FEATURES =~ /\bdast\b/
2019-12-21 20:55:43 +05:30
stop_dast_environment:
2019-12-26 22:10:19 +05:30
extends: .dast-auto-deploy
2019-12-21 20:55:43 +05:30
stage: cleanup
variables:
GIT_STRATEGY: none
script:
2021-12-11 22:18:48 +05:30
- auto-deploy use_kube_context || true
2019-12-21 20:55:43 +05:30
- auto-deploy initialize_tiller
- auto-deploy delete
environment:
name: dast-default
action: stop
needs: ["dast"]
2020-05-24 23:13:21 +05:30
rules:
2022-08-13 15:12:31 +05:30
- *common_rules
2020-05-24 23:13:21 +05:30
- if: $CI_COMMIT_BRANCH &&
2021-12-11 22:18:48 +05:30
($CI_KUBERNETES_ACTIVE || $KUBECONFIG) &&
2020-05-24 23:13:21 +05:30
$GITLAB_FEATURES =~ /\bdast\b/
2020-07-28 23:09:34 +05:30
when: always
2022-08-13 15:12:31 +05:30
.ecs_image:
2022-08-27 11:52:29 +05:30
image: '${CI_TEMPLATE_REGISTRY_HOST}/gitlab-org/cloud-deploy/aws-ecs:latest'
2022-08-13 15:12:31 +05:30
.ecs_rules: &ecs_rules
- if: $AUTO_DEVOPS_PLATFORM_TARGET != "ECS"
when: never
- if: $CI_KUBERNETES_ACTIVE || $KUBECONFIG
when: never
dast_ecs_environment_deploy:
extends: .ecs_image
stage: review
script:
- ecs update-task-definition
- echo "http://$(ecs get-task-hostname)" > environment_url.txt
environment:
name: dast-default
on_stop: stop_dast_ecs_environment
artifacts:
paths:
- environment_url.txt
rules:
- *common_rules
- *ecs_rules
- if: $CI_COMMIT_BRANCH && $GITLAB_FEATURES =~ /\bdast\b/
stop_dast_ecs_environment:
extends: .ecs_image
stage: cleanup
variables:
GIT_STRATEGY: none
script:
- ecs stop-task
allow_failure: true
environment:
name: dast-default
action: stop
needs:
- dast
rules:
- *common_rules
- *ecs_rules
- if: $CI_COMMIT_BRANCH && $GITLAB_FEATURES =~ /\bdast\b/
when: always