-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
88 lines (80 loc) · 1.68 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
stages:
- build
- test
- security-scan
- deploy
variables:
FRONTEND_DIR: user-frontend
BACKEND_DIR: user-backend
# Job for building the React frontend
build-frontend:
image: node:18
stage: build
script:
- cd $FRONTEND_DIR
- npm install
- npm run build
artifacts:
paths:
- $FRONTEND_DIR/build
expire_in: 1 week
# Job for building the Spring Boot backend
build-backend:
image: maven:3.8.6-eclipse-temurin-17
stage: build
script:
- cd $BACKEND_DIR
- mvn clean install
artifacts:
paths:
- $BACKEND_DIR/target/*.jar
expire_in: 1 week
# Job for running tests
test:
image: maven:3.8.6-eclipse-temurin-17
stage: test
script:
- cd $BACKEND_DIR
- mvn test
# Snyk scan for frontend dependencies (Node.js)
snyk-scan-frontend:
image: snyk/snyk:docker
stage: security-scan
script:
- cd $FRONTEND_DIR
- npm install
- snyk auth $SNYK_TOKEN
- snyk test --file=package.json
only:
- master
# Snyk scan for backend dependencies (Java/Maven)
snyk-scan-backend:
image: snyk/snyk:docker
stage: security-scan
script:
- cd $BACKEND_DIR
- mvn clean install
- snyk auth $SNYK_TOKEN
- snyk test --file=pom.xml --package-manager=maven
only:
- master
# Snyk scan Docker images for vulnerabilities
snyk-scan-docker:
image: docker:20.10.16
stage: security-scan
services:
- docker:dind
script:
- docker build -t my-app:$CI_COMMIT_SHA .
- snyk auth $SNYK_TOKEN
- snyk container test my-app:$CI_COMMIT_SHA
only:
- master
# Job for deploying the application
deploy:
image: node:18
stage: deploy
script:
- echo "Deploying application..."
only:
- master