-
Notifications
You must be signed in to change notification settings - Fork 2
/
.sdk-ci.yml
133 lines (126 loc) · 3.99 KB
/
.sdk-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
.sdk-base:
before_script:
- cd pangea-sdk
rules:
- if: $CI_PIPELINE_SOURCE == "push"
sdk-test-it:
stage: integration_tests
retry: 2
variables:
# Set each service test environment
SERVICE_AUDIT_ENV: LVE
SERVICE_AUTHN_ENV: LVE
SERVICE_AUTHZ_ENV: LVE
SERVICE_EMBARGO_ENV: LVE
SERVICE_FILE_SCAN_ENV: LVE
SERVICE_IP_INTEL_ENV: LVE
SERVICE_DOMAIN_INTEL_ENV: LVE
SERVICE_URL_INTEL_ENV: LVE
SERVICE_FILE_INTEL_ENV: LVE
SERVICE_USER_INTEL_ENV: LVE
SERVICE_REDACT_ENV: LVE
SERVICE_SANITIZE_ENV: LVE
SERVICE_VAULT_ENV: LVE
SERVICE_SHARE_ENV: LVE
before_script:
- echo $ENV
- echo $CLOUD
# Update environment variables
# Domain
- export PANGEA_INTEGRATION_DOMAIN_${ENV}="$(eval echo \$PANGEA_INTEGRATION_DOMAIN_${ENV}_${CLOUD})"
# Tokens
- export PANGEA_INTEGRATION_TOKEN_${ENV}="$(eval echo \$PANGEA_INTEGRATION_TOKEN_${ENV}_${CLOUD})"
- export PANGEA_INTEGRATION_VAULT_TOKEN_${ENV}="$(eval echo \$PANGEA_INTEGRATION_VAULT_TOKEN_${ENV}_${CLOUD})"
- export PANGEA_INTEGRATION_CUSTOM_SCHEMA_TOKEN_${ENV}="$(eval echo \$PANGEA_INTEGRATION_CUSTOM_SCHEMA_TOKEN_${ENV}_${CLOUD})"
- export PANGEA_INTEGRATION_MULTI_CONFIG_TOKEN_${ENV}="$(eval echo \$PANGEA_INTEGRATION_MULTI_CONFIG_TOKEN_${ENV}_${CLOUD})"
# Config IDs
- export PANGEA_AUDIT_CONFIG_ID_1_${ENV}="$(eval echo \$PANGEA_AUDIT_CONFIG_ID_1_${ENV}_${CLOUD})"
- export PANGEA_AUDIT_CONFIG_ID_2_${ENV}="$(eval echo \$PANGEA_AUDIT_CONFIG_ID_2_${ENV}_${CLOUD})"
- export PANGEA_AUDIT_CONFIG_ID_3_${ENV}="$(eval echo \$PANGEA_AUDIT_CONFIG_ID_3_${ENV}_${CLOUD})"
- export PANGEA_REDACT_CONFIG_ID_1_${ENV}="$(eval echo \$PANGEA_REDACT_CONFIG_ID_1_${ENV}_${CLOUD})"
- export PANGEA_REDACT_CONFIG_ID_2_${ENV}="$(eval echo \$PANGEA_REDACT_CONFIG_ID_2_${ENV}_${CLOUD})"
- cd pangea-sdk
parallel:
matrix:
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_AUDIT_ENV}
TEST: audit
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_AUTHN_ENV}
TEST: authn
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_AUTHZ_ENV}
TEST: authz
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_EMBARGO_ENV}
TEST: embargo
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_DOMAIN_INTEL_ENV}
TEST: domain_intel
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_IP_INTEL_ENV}
TEST: ip_intel
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_URL_INTEL_ENV}
TEST: url_intel
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_USER_INTEL_ENV}
TEST: user_intel
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_FILE_INTEL_ENV}
TEST: file_intel
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_FILE_SCAN_ENV}
TEST: file_scan
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_REDACT_ENV}
TEST: redact
- CLOUD: [AWS]
ENV: ${SERVICE_SANITIZE_ENV}
TEST: sanitize
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_VAULT_ENV}
TEST: vault
- CLOUD: [AWS, GCP]
ENV: ${SERVICE_SHARE_ENV}
TEST: share
allow_failure: false
rules:
- if: '$CI_COMMIT_BRANCH && $CLOUD == "GCP" && $TEST == "file_scan"'
allow_failure: true
- if: '$CI_COMMIT_BRANCH && $CLOUD == "GCP" && $TEST != "file_scan"'
allow_failure: true
- if: '$CI_COMMIT_BRANCH && $CLOUD != "GCP"'
allow_failure: false
script:
- go test -count=1 -tags integration -v ./service/${TEST}/...
sdk-lint:
extends: .sdk-base
stage: lint
script:
- make verify
sdk-generate-docs:
extends: .sdk-base
stage: lint
allow_failure: true
script:
- make docgen
artifacts:
expire_in: 1 month
expose_as: go_sdk
paths: ["pangea-sdk/go_sdk.json"]
when: on_success
sdk-unit-testing:
extends: .sdk-base
stage: unit_tests
script:
- make unit
sdk-publish:
stage: publish
variables:
GOPROXY: proxy.golang.org
script:
- bash ./dev/validate_tag.sh "$CI_COMMIT_TAG"
- go list -m github.com/pangeacyber/pangea-go/pangea-sdk@"$CI_COMMIT_TAG"
rules:
- if: $CI_COMMIT_TAG