-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbitbucket-pipelines.yml
156 lines (141 loc) · 5.36 KB
/
bitbucket-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
clone:
depth: full # SonarCloud scanner needs the full history to assign issues properly
image: node:12
definitions:
# CACHES
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
nodecustom: ./node_modules # YARN doesn't work with Node cache for some reason
yarn: /usr/local/share/.cache/yarn # Don't ask LOL...
# SERVICES
services:
docker:
memory: 2048 # Increasing Docker Memory Size to 2GB instead of defailt 1GB
# STEPS
steps:
# DEFINE Mirror to Github STEP
- step: &github
name: "Mirror to Github"
script:
- git config --global user.name "Alkemi Build CI"
- git config --global user.email [email protected]
- git push --mirror [email protected]:project-alkemi/alkemi-earn-safe-app.git
# DEFINE TEST STEP
- step: &test
name: Test
caches:
- nodecustom
- yarn
script:
- yarn install
# CI=true in default variables for Bitbucket Pipelines https://support.atlassian.com/bitbucket-cloud/docs/variables-in-pipelines/
- yarn test
# DEFINE LINT STEP
- step: &lint
name: Lint the node package
script:
# Run your linter of choice here
# - yarn add eslint
- npx eslint src
caches:
- nodecustom
- yarn
# DEFINE BUILD STEP
- step: &build
name: Build and Test
caches:
- nodecustom
- yarn
script:
- yarn install
# CI=true in default variables for Bitbucket Pipelines https://support.atlassian.com/bitbucket-cloud/docs/variables-in-pipelines/
- yarn test
- yarn run build
artifacts:
- build/**
# DEFINE Security STEP
- step: &security
name: Security Scan
script:
# Run a security scan for sensitive data.
# See more security tools at https://bitbucket.org/product/features/pipelines/integrations?&category=security
- pipe: atlassian/git-secrets-scan:0.4.3
# DEFINE CODE ANALYSIS
- step: &analyze
name: Code Analysis
caches:
- nodecustom
- yarn
- sonar
script:
# Increase Node Memory Size to 2GB instead of default 512MB
- export NODE_OPTIONS=--max_old_space_size=2048
- yarn install --quiet
- pipe: sonarsource/sonarcloud-scan:1.2.1
# DEFINE CODE QUALITY GATE
- step: &quality-gate
name: Code Quality Enforcement
script:
- pipe: sonarsource/sonarcloud-quality-gate:0.1.4
# If the quality requirements aren't passed as defined in Sonar, Build will Fail
# DEFINE DEPLOY STEP
- step: &deploy
name: Deploy to Production
deployment: Production
trigger: manual
clone:
enabled: false
script:
# sync your files to S3
- pipe: atlassian/aws-s3-deploy:0.4.4
variables:
AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION: $AWS_DEFAULT_REGION
S3_BUCKET: $AWS_S3_BUCKET
LOCAL_PATH: "build"
# triggering a distribution invalidation to refresh the CDN caches
- pipe: atlassian/aws-cloudfront-invalidate:0.1.1
variables:
AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION: $AWS_DEFAULT_REGION
DISTRIBUTION_ID: $AWS_CLOUDFRONT_ID
# DEFINE RELEASE and bump VERSION
- step: &release
name: "Release and bump version"
caches:
- nodecustom
- yarn
- sonar
script:
# Install quietly
- yarn install --quiet
# Run Test
- yarn test
# Do Release w/ debug on
- npx semantic-release
artifacts: # defining the artifacts to be passed to each future step.
- CHANGELOG.md
- package.json
# Workflow Configuration
pipelines:
default:
- parallel:
- step: *test
- step: *lint
branches:
development:
# Runs only on Development Branch
- parallel:
- step: *build
- step: *security
- step: *analyze
- step: *release
master:
- parallel:
- step: *build
- step: *security
- step: *analyze
- step: *github
- step: *deploy