mirror of
https://gitlab.com/openstapps/openstapps.git
synced 2025-12-12 17:26:22 +00:00
907d61b5d2
The audit fails only if the results include a vulnerability with a level of at least 'high' in scheduled pipelines.
80 lines
1.1 KiB
YAML
80 lines
1.1 KiB
YAML
image: registry.gitlab.com/openstapps/projectmanagement/node
|
|
|
|
cache:
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- node_modules
|
|
|
|
before_script:
|
|
- npm install
|
|
|
|
stages:
|
|
- build
|
|
- test
|
|
- audit
|
|
- deploy
|
|
- publish
|
|
|
|
build:
|
|
tags:
|
|
- performance
|
|
stage: build
|
|
script:
|
|
- npm run build
|
|
artifacts:
|
|
paths:
|
|
- lib
|
|
expire_in: 1 week
|
|
|
|
audit:
|
|
stage: audit
|
|
script:
|
|
- npm audit
|
|
allow_failure: true
|
|
except:
|
|
- schedules
|
|
|
|
scheduled-audit:
|
|
stage: audit
|
|
script:
|
|
- npm audit --audit-level=high
|
|
only:
|
|
- schedules
|
|
|
|
test:
|
|
dependencies:
|
|
- build
|
|
stage: test
|
|
script:
|
|
- npm test
|
|
artifacts:
|
|
paths:
|
|
- report
|
|
- coverage
|
|
|
|
package:
|
|
dependencies:
|
|
- build
|
|
tags:
|
|
- secrecy
|
|
stage: publish
|
|
script:
|
|
- echo "//registry.npmjs.org/:_authToken=$NPM_AUTH_TOKEN" > ~/.npmrc
|
|
- npm publish
|
|
only:
|
|
- /^v[0-9]+.[0-9]+.[0-9]+$/
|
|
artifacts:
|
|
paths:
|
|
- lib
|
|
|
|
pages:
|
|
stage: deploy
|
|
script:
|
|
- npm run documentation
|
|
- mv docs public
|
|
only:
|
|
- /^v[0-9]+\.[0-9]+\.[0-9]+$/
|
|
artifacts:
|
|
paths:
|
|
- public
|