# Pipeline stages, executed in the order listed. Each job below declares one
# of these names in its `stage:` key; the security_vulnerability_check job
# uses the last one, security_check.
stages:
  - jira_feature_dev
  - jira_next_release
  - jira_hotfix_release
  - jira_preprod_release
  - jira_verification_merge
  - security_check
# Global before_script: applies to every job that does not define its own.
# Sources nvm from the runner user's home directory when the files exist and
# are non-empty (`[ -s ... ]`).
# NOTE(review): nvm.sh is taken from $HOME on the runner host, so its
# integrity depends on who can write to that account; confirm the runner
# account is not shared with untrusted jobs.
before_script:
  - export NVM_DIR="$HOME/.nvm"
  - '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # Load nvm'
  - '[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # Load nvm bash_completion'
# Pipeline-wide variables, exported to every job.
variables:
  # Raises the Node.js (V8) old-space heap limit to 16384 MiB.
  NODE_OPTIONS: '--max-old-space-size=16384'
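# Runs the runner-local jira_connection.py helper for branches whose name
# matches ^feature.*$ (presumably to update the linked Jira ticket; the
# helper itself is not part of this file). The fifth positional argument is
# the literal 4 for this job.
jira_feature_dev:
  stage: jira_feature_dev
  tags:
    - jira
  only:
    - /^feature.*$/
  script:
    # Debug trace of the non-secret inputs only. $TOKEN and $GITLAB_TOKEN are
    # deliberately not echoed: job logs are readable by anyone with access to
    # the pipeline, and log masking only covers variables explicitly marked
    # as masked.
    - echo "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$CI_PROJECT_ID" "$NEXT_RELEASE_VERSION"
    # NOTE(review): both tokens are passed on the command line, where other
    # local processes on the runner host can typically read them. Prefer
    # having the helper read them from the environment; not changed here
    # because the helper's positional interface is defined outside this file.
    - python3 /home/gitlab-runner/jira-ci-scripts/jira_connection.py "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$TOKEN" 4 "$CI_PROJECT_ID" "$GITLAB_TOKEN" "$NEXT_RELEASE_VERSION"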
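# Runs the runner-local jira_connection.py helper for the next-release
# branch, passing the literal 5 as the fifth positional argument and
# $NEXT_RELEASE_VERSION as the version.
jira_next_release:
  stage: jira_next_release
  tags:
    - jira
  only:
    # NOTE(review): `only:` entries are matched as ref names or regexes;
    # confirm GitLab expands $NEXT_RELEASE_BRANCH here. `rules: if` is the
    # documented place for comparing against a variable.
    - "$NEXT_RELEASE_BRANCH"
  script:
    # Debug trace of the non-secret inputs only. $TOKEN and $GITLAB_TOKEN are
    # deliberately not echoed: job logs are readable by anyone with access to
    # the pipeline, and log masking only covers variables explicitly marked
    # as masked.
    - echo "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$CI_PROJECT_ID" "$NEXT_RELEASE_VERSION"
    # NOTE(review): both tokens are passed on the command line, where other
    # local processes on the runner host can typically read them. Prefer
    # having the helper read them from the environment; not changed here
    # because the helper's positional interface is defined outside this file.
    - python3 /home/gitlab-runner/jira-ci-scripts/jira_connection.py "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$TOKEN" 5 "$CI_PROJECT_ID" "$GITLAB_TOKEN" "$NEXT_RELEASE_VERSION"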
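# Runs the runner-local jira_connection.py helper for the hotfix branch,
# passing the literal 5 as the fifth positional argument and
# $NEXT_HOT_FIX_VERSION as the version.
jira_hotfix_release:
  stage: jira_hotfix_release
  tags:
    - jira
  only:
    # NOTE(review): `only:` entries are matched as ref names or regexes;
    # confirm GitLab expands $HOTFIX_BRANCH here. `rules: if` is the
    # documented place for comparing against a variable.
    - "$HOTFIX_BRANCH"
  script:
    # Debug trace of the non-secret inputs only. $TOKEN and $GITLAB_TOKEN are
    # deliberately not echoed: job logs are readable by anyone with access to
    # the pipeline, and log masking only covers variables explicitly marked
    # as masked.
    - echo "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$CI_PROJECT_ID" "$NEXT_HOT_FIX_VERSION"
    # NOTE(review): both tokens are passed on the command line, where other
    # local processes on the runner host can typically read them. Prefer
    # having the helper read them from the environment; not changed here
    # because the helper's positional interface is defined outside this file.
    - python3 /home/gitlab-runner/jira-ci-scripts/jira_connection.py "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$TOKEN" 5 "$CI_PROJECT_ID" "$GITLAB_TOKEN" "$NEXT_HOT_FIX_VERSION"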
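# Runs the runner-local jira_connection.py helper for the pre-production
# branch, passing the literal 5 as the fifth positional argument and
# $NEXT_PREPOD_VERSION as the version.
jira_preprod_release:
  stage: jira_preprod_release
  tags:
    - jira
  only:
    # NOTE(review): `only:` entries are matched as ref names or regexes;
    # confirm GitLab expands $PREPOD_BRANCH here. `rules: if` is the
    # documented place for comparing against a variable.
    - "$PREPOD_BRANCH"
  script:
    # Debug trace of the non-secret inputs only. $TOKEN and $GITLAB_TOKEN are
    # deliberately not echoed: job logs are readable by anyone with access to
    # the pipeline, and log masking only covers variables explicitly marked
    # as masked.
    - echo "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$CI_PROJECT_ID" "$NEXT_PREPOD_VERSION"
    # NOTE(review): both tokens are passed on the command line, where other
    # local processes on the runner host can typically read them. Prefer
    # having the helper read them from the environment; not changed here
    # because the helper's positional interface is defined outside this file.
    - python3 /home/gitlab-runner/jira-ci-scripts/jira_connection.py "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$TOKEN" 5 "$CI_PROJECT_ID" "$GITLAB_TOKEN" "$NEXT_PREPOD_VERSION"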
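# Runs the runner-local verify_tickets_in_commits.py helper in merge request
# pipelines, passing the source and target branch names, the project id and
# both tokens.
# NOTE(review): this job hands $TOKEN and $GITLAB_TOKEN to code triggered by
# merge requests; confirm the variables are scoped so that merge requests
# from untrusted contributors cannot run with them.
jira_verification_merge:
  stage: jira_verification_merge
  tags:
    - jira
  only: [merge_requests]
  script:
    # Debug trace of the non-secret inputs only. $TOKEN and $GITLAB_TOKEN are
    # deliberately not echoed: job logs are readable by anyone with access to
    # the pipeline, and log masking only covers variables explicitly marked
    # as masked. ($CI_COMMIT_BRANCH is not set in merge request pipelines,
    # so it prints as an empty string here.)
    - echo "$CI_COMMIT_MESSAGE" "$CI_COMMIT_BRANCH" "$JIRA_MSG" "$CI_PROJECT_ID" "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" "$NEXT_HOT_FIX_VERSION"
    # NOTE(review): both tokens are passed on the command line, where other
    # local processes on the runner host can typically read them. Prefer
    # having the helper read them from the environment; not changed here
    # because the helper's positional interface is defined outside this file.
    - python3 /home/gitlab-runner/jira-ci-scripts/verify_tickets_in_commits.py "$TOKEN" "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" "$CI_PROJECT_ID" "$GITLAB_TOKEN"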
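# Blocks a merge request when `npm audit` reports a vulnerability of severity
# high or above in the root package.
#
# Coverage limits to keep in mind:
#   - The job only runs when a dependency manifest changes, so advisories
#     published later against unchanged dependencies are not caught here; a
#     scheduled audit closes that gap.
#   - Only the manifest in the repository root is audited.
security_vulnerability_check:
  stage: security_check
  tags:
    - npm
  only:
    refs: ['merge_requests']
    # The lockfiles are listed as well as package.json: a merge request can
    # change the resolved (including transitive) versions without touching
    # package.json, and that change should be audited too.
    changes:
      - package.json
      - package-lock.json
      - npm-shrinkwrap.json
  script:
    - echo "🔍 Running security vulnerability checks..."
    # Check root package.json
    - echo "📦 Checking root package.json"
    # Record the failure instead of exiting immediately so the explicit
    # message below is printed. npm audit also exits non-zero when it cannot
    # run (for example no lockfile, or the registry is unreachable), so read
    # the npm output above the message before treating a failure as a finding.
    - npm audit --audit-level=high || ROOT_AUDIT_FAILED=1
    - |
      if [ -n "$ROOT_AUDIT_FAILED" ]; then
        echo "❌ Security vulnerability found in package.json"
        exit 1
      fi
      echo "✅ No security vulnerabilities found"
  # Explicit for readers: a failed audit fails the pipeline.
  allow_failure: false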