.gitlab-ci.yml
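# Pipeline-level settings: display name and the conditions under which a
# pipeline is created at all. Nesting restored; with every key at column 0
# `name` and `rules` would parse as top-level keys instead of belonging to
# `workflow`.
workflow:
  name: "$PIPELINE_NAME - push to '$ECR_NAME' ECR, run e2e tests='${RUN_E2E_TESTS}'"
  # When to run workflow. Rules are evaluated top to bottom and the first
  # match wins, so a pipeline started from the Web UI on the default branch
  # matches the "web" rule and keeps the RUN_E2E_TESTS value chosen in the
  # form rather than the forced "true" below.
  rules:
    # https://docs.gitlab.com/ee/ci/pipelines/merge_request_pipelines.html
    # NOTE(review): the source branch name is chosen by the contributor.
    # In this file it only reaches the pipeline display name; keep it out of
    # unquoted shell arguments in the included job definitions.
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
      variables:
        PIPELINE_NAME: "MR pipeline: $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME"
    # Running from the GitLab Web UI, NOTE: all jobs executed
    - if: '$CI_PIPELINE_SOURCE == "web"'
    # Pushing to default branch
    - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
      variables:
        RUN_E2E_TESTS: "true"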
# Stage order for every job in this pipeline, including jobs defined in the
# included subproject files. Image push runs only after build, test and the
# SonarQube check stages; e2e tests run last.
stages:
  - build
  - test
  - sonarqube-check
  - build-image
  - push-image
  - e2e-tests
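# Pipeline-wide variables. Entries with value/options/description are offered
# as pre-filled choices when a pipeline is started from the Web UI. Nesting
# restored so that value/options/description belong to their variable.
variables:
  # Default display name; the merge-request rule in `workflow` overrides it.
  PIPELINE_NAME: "Branch pipeline: $CI_COMMIT_BRANCH"
  # Selects the push target. `.push_docker_image` uses this value as its
  # GitLab environment name, so it presumably decides which
  # environment-scoped AWS_ROLE_ARN / AWS_ECR_URL the job receives - verify
  # in the project's CI/CD settings. Protecting both environments limits who
  # can trigger a push to either registry.
  ECR_NAME:
    value: "nortal"
    options:
      - "nortal"
      - "gofore"
    description: "Select the ECR target. Valid options are: 'nortal', 'gofore'"
  # String flag, not a YAML boolean; the default-branch rule in `workflow`
  # sets it to "true".
  RUN_E2E_TESTS:
    value: "false"
    options:
      - "true"
      - "false"
    description: "Run E2E tests"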
# Include subproject pipelines.
# All five files are local to this repository, so they are reviewed and
# versioned together with this file. Written with the explicit `local:` key
# so an entry cannot be read as a remote URL include.
include:
  - local: "schema/.gitlab-ci.yml"
  - local: "messaging-api/.gitlab-ci.yml"
  - local: "management-api/.gitlab-ci.yml"
  - local: "management-ui/.gitlab-ci.yml"
  - local: "tests/.gitlab-ci.yml"
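# Script fragment that installs the AWS CLI with apk and pip, so it expects
# an Alpine-based job image. As a hidden key it runs only where a job pulls
# it in - presumably from the included subproject pipelines (not visible
# here).
.install_aws_cli:
  - echo "--- install_aws_cli ---"
  - apk add --no-cache python3 py3-pip
  # Supply chain: this package is fetched from PyPI on every run and then
  # executes in a job that holds AWS credentials. Set the CI/CD variable
  # AWSCLI_VERSION to pin a reviewed release; when it is unset the argument
  # expands to plain "awscli", i.e. the previous unpinned behaviour.
  # NOTE(review): Alpine releases that mark the system Python as externally
  # managed (PEP 668) refuse this pip install; the distribution's aws-cli
  # package or a virtualenv avoids that - confirm against the image in use.
  - pip3 install --no-cache-dir "awscli${AWSCLI_VERSION:+==${AWSCLI_VERSION}}"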
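# Script fragment that exchanges the job's GitLab OIDC token for short-lived
# AWS credentials (1 hour) and exports them into the job shell.
# Reads: AWS_ROLE_ARN, GITLAB_OIDC_TOKEN, CI_PROJECT_ID, CI_PIPELINE_ID.
# Sets:  AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN,
#        AWS_ACCOUNT.
# NOTE(review): the role's trust policy is not visible here. It should pin
# the token audience and the subject claim (project and ref); otherwise any
# pipeline on the same GitLab instance that knows the role ARN could assume
# the role.
# NOTE(review): the token is passed as a command-line argument, so it is
# visible to other processes on the runner and appears in the job log when
# shell tracing (CI_DEBUG_TRACE) is enabled.
.login_to_aws_script:
  - echo "--- login_to_aws_script ---"
  # Folded scalar: every continuation line must stay at the same indent so
  # the lines fold into one shell command. The role ARN and token are quoted
  # so an empty or space-containing value cannot shift the argument list.
  - >
    export $(printf "AWS_ACCESS_KEY_ID=%s AWS_SECRET_ACCESS_KEY=%s AWS_SESSION_TOKEN=%s"
    $(aws sts assume-role-with-web-identity
    --role-arn "${AWS_ROLE_ARN}"
    --role-session-name "GitLabRunner-${CI_PROJECT_ID}-${CI_PIPELINE_ID}"
    --web-identity-token "${GITLAB_OIDC_TOKEN}"
    --duration-seconds 3600
    --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]'
    --output text))
  # `export` returns success even when the assume-role call inside the
  # substitution fails, leaving empty credentials. The next call is what
  # fails the job in that case, so keep it. It also writes the account id
  # and assumed-role ARN to the job log.
  - aws sts get-caller-identity
  - export AWS_ACCOUNT=$(aws sts get-caller-identity --query 'Account' --output text)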
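# Job template for pushing an already-built image to ECR. It expects
# IMAGE_NAME and AWS_ECR_URL to be set, and AWS credentials to be present in
# the shell before `script` runs - presumably the extending jobs add the
# install/login fragments in a before_script (not visible here).
.push_docker_image:
  stage: push-image
  image:
    # NOTE(review): `docker:git` is a mutable tag, and `if-not-present`
    # reuses whatever the runner already has cached under that tag without
    # checking the registry. On shared runners, pinning the image by digest
    # closes that gap.
    name: "docker:git"
    pull_policy: if-not-present
  # OIDC token issued to this job; `aud` has to match the audience that the
  # AWS identity provider / role trust policy accepts.
  id_tokens:
    GITLAB_OIDC_TOKEN:
      aud: "https://gitlab.nortal.com"
  # The environment name comes from the user-selectable ECR_NAME variable.
  environment:
    name: $ECR_NAME
  script:
    # The registry password goes through stdin, so it does not appear in the
    # process list or the job log. Variables are quoted so an unset or
    # malformed value fails visibly instead of shifting arguments.
    - >-
      aws ecr get-login-password |
      docker login --username AWS --password-stdin
      "${AWS_ECR_URL}"
    - echo "Pushing image ${IMAGE_NAME}"
    - docker push "$IMAGE_NAME"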