forked from vin33sh/to-do-kubemigrate
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathazure-pipelines.yml
72 lines (59 loc) · 2.31 KB
/
azure-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
trigger:
- master
pool:
name: MyHostedVM
steps:
- task: AzureKeyVault@2
inputs:
azureSubscription: 'ServicePrincipalForKeyVault'
KeyVaultName: 'kube-migrate-creds'
SecretsFilter: '*'
RunAsPreJob: true
- task: DockerCompose@0
inputs:
containerregistrytype: 'Azure Container Registry'
azureSubscription: 'Microsoft Azure Enterprise (83cc3e46-0000-4be1-a33f-f757490dcebc)'
azureContainerRegistry: '{"loginServer":"infykubedemo.azurecr.io", "id" : "/subscriptions/83cc3e46-0000-4be1-a33f-f757490dcebc/resourceGroups/InfyKubeDemo/providers/Microsoft.ContainerRegistry/registries/infykubedemo"}'
dockerComposeFile: '**/docker-compose.yaml'
dockerComposeFileArgs: 'TAG=$(TAG)'
action: 'Run a Docker Compose command'
dockerComposeCommand: 'build'
- task: CmdLine@2
displayName: Trivy Scanning for API
inputs:
script:
#echo 'checking for HIGH , CRITICAL for API'
trivy image --exit-code 0 --severity HIGH,CRITICAL $(IMAGE_REPOSITORY_API):$(TAG)
- task: CmdLine@2
displayName: Trivy Scanning for FE
inputs:
script:
#echo 'checking for HIGH , CRITICAL for FE'
trivy image --exit-code 0 --severity HIGH,CRITICAL $(IMAGE_REPOSITORY_CLIENT):$(TAG)
- task: DockerCompose@0
inputs:
containerregistrytype: 'Azure Container Registry'
azureSubscription: 'ServicePrincipalForKeyVault'
azureContainerRegistry: '{"loginServer":"infykubedemo.azurecr.io", "id" : "/subscriptions/83cc3e46-0000-4be1-a33f-f757490dcebc/resourceGroups/InfyKubeDemo/providers/Microsoft.ContainerRegistry/registries/infykubedemo"}'
dockerComposeFile: '**/docker-compose.yaml'
dockerComposeFileArgs: 'TAG=$(TAG)'
action: 'Run a Docker Compose command'
dockerComposeCommand: 'push'
- script: |
echo docker images
echo See https://aka.ms/yaml
- task: CopyFiles@2
inputs:
SourceFolder: 'helm-charts'
Contents: '**'
TargetFolder: '$(Build.ArtifactStagingDirectory)'
CleanTargetFolder: true
- task: PublishBuildArtifacts@1
inputs:
PathtoPublish: '$(Build.ArtifactStagingDirectory)'
ArtifactName: 'helmartifact'
publishLocation: 'Container'