1 |
|
2 | version: 2
|
3 |
|
4 | defaults_working_directory: &defaults_working_directory
|
5 | working_directory: /home/circleci/project
|
6 |
|
7 | defaults_docker_node: &defaults_docker_node
|
8 | docker:
|
9 | - image: mhart/alpine-node:12.16.0
|
10 |
|
11 | defaults_Dependencies: &defaults_Dependencies |
|
12 | apk --no-cache add \
|
13 | git \
|
14 | ca-certificates \
|
15 | curl \
|
16 | openssh-client \
|
17 | bash
|
18 | apk add --no-cache -t build-dependencies make gcc g++ python libtool autoconf automake
|
19 |
|
20 | defaults_awsCliDependencies: &defaults_awsCliDependencies |
|
21 | apk --no-cache add \
|
22 | python \
|
23 | py-pip \
|
24 | groff \
|
25 | less \
|
26 | mailcap
|
27 | pip install --upgrade awscli==1.14.5 s3cmd==2.0.1 python-magic
|
28 | apk -v --purge del py-pip
|
29 |
|
30 | defaults_license_scanner: &defaults_license_scanner
|
31 | name: Install and set up license-scanner
|
32 | command: |
|
33 | git clone https://github.com/mojaloop/license-scanner /tmp/license-scanner
|
34 | cd /tmp/license-scanner && make build default-files set-up
|
35 |
|
36 | defaults_npm_auth: &defaults_npm_auth
|
37 | name: Update NPM registry auth token
|
38 | command: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > .npmrc
|
39 |
|
40 | defaults_npm_publish_version: &defaults_npm_publish
|
41 | name: Update version to prerelease
|
42 | command: |
|
43 | source $BASH_ENV
|
44 | echo "Publishing tag $CIRCLE_TAG"
|
45 | npm publish --tag $CIRCLE_TAG --access public
|
46 |
|
47 | defaults_npm_publish_release: &defaults_npm_publish_release
|
48 | name: Publish NPM $RELEASE_TAG artifact
|
49 | command: |
|
50 | source $BASH_ENV
|
51 | echo "Publishing tag $RELEASE_TAG"
|
52 | npm publish --tag $RELEASE_TAG --access public
|
53 |
|
54 | defaults_slack_announcement: &defaults_slack_announcement
|
55 | name: Slack announcement for tag releases
|
56 | command: |
|
57 | curl -X POST \
|
58 | $SLACK_WEBHOOK_ANNOUNCEMENT \
|
59 | -H 'Content-type: application/json' \
|
60 | -H 'cache-control: no-cache' \
|
61 | -d "{
|
62 | \"text\": \"*${CIRCLE_PROJECT_REPONAME}* - Release \`${CIRCLE_TAG}\`: https://github.com/mojaloop/${CIRCLE_PROJECT_REPONAME}/releases/tag/${CIRCLE_TAG}\"
|
63 | }"
|
64 |
|
65 | jobs:
|
66 | setup:
|
67 | <<: *defaults_working_directory
|
68 | <<: *defaults_docker_node
|
69 | steps:
|
70 | - run:
|
71 | name: Install general dependencies
|
72 | command: *defaults_Dependencies
|
73 | - checkout
|
74 | - run:
|
75 | name: Update NPM install
|
76 | command: npm install
|
77 | - save_cache:
|
78 | key: dependency-cache-{{ checksum "package.json" }}
|
79 | paths:
|
80 | - node_modules
|
81 |
|
82 | test-unit:
|
83 | <<: *defaults_working_directory
|
84 | <<: *defaults_docker_node
|
85 | steps:
|
86 | - run:
|
87 | name: Install general dependencies
|
88 | command: *defaults_Dependencies
|
89 | - checkout
|
90 | - restore_cache:
|
91 | key: dependency-cache-{{ checksum "package.json" }}
|
92 | - run:
|
93 | name: Create dir for test results
|
94 | command: mkdir -p ./test/results
|
95 | - run:
|
96 | name: Execute unit tests
|
97 | command: npm -s run test:xunit > ./test/results/tape.xml
|
98 | - store_artifacts:
|
99 | path: ./test/results
|
100 | prefix: test
|
101 | - store_test_results:
|
102 | path: ./test/results
|
103 |
|
104 | test-coverage:
|
105 | <<: *defaults_working_directory
|
106 | <<: *defaults_docker_node
|
107 | steps:
|
108 | - run:
|
109 | name: Install general dependencies
|
110 | command: *defaults_Dependencies
|
111 | - run:
|
112 | name: Install AWS CLI dependencies
|
113 | command: *defaults_awsCliDependencies
|
114 | - checkout
|
115 | - restore_cache:
|
116 | key: dependency-cache-{{ checksum "package.json" }}
|
117 | - run:
|
118 | name: Execute code coverage check
|
119 | command: npm -s run test:coverage-check
|
120 | - store_artifacts:
|
121 | path: coverage
|
122 | prefix: test
|
123 | - store_test_results:
|
124 | path: coverage/lcov.info
|
125 | - run:
|
126 | name: Copy code coverage to SonarQube
|
127 | command: |
|
128 | if [ "${CIRCLE_BRANCH}" == "master" ];
|
129 | then
|
130 | echo "Sending lcov.info to SonarQube... "
|
131 | aws s3 cp coverage/lcov.info $AWS_S3_DIR_SONARQUBE/central-services-error-handling/lcov.info
|
132 | else
|
133 | echo "Not a release (env CIRCLE_BRANCH != 'master'), skipping sending lcov.info to SonarQube."
|
134 | fi
|
135 | vulnerability-check:
|
136 | <<: *defaults_working_directory
|
137 | <<: *defaults_docker_node
|
138 | steps:
|
139 | - run:
|
140 | name: Install general dependencies
|
141 | command: *defaults_Dependencies
|
142 | - checkout
|
143 | - restore_cache:
|
144 | key: dependency-cache-{{ checksum "package.json" }}
|
145 | - run:
|
146 | name: Create dir for test results
|
147 | command: mkdir -p ./audit/results
|
148 | - run:
|
149 | name: Check for new npm vulnerabilities
|
150 | command: npm run audit:check --silent -- --json > ./audit/results/auditResults.json
|
151 | - store_artifacts:
|
152 | path: ./audit/results
|
153 | prefix: audit
|
154 |
|
155 | audit-licenses:
|
156 | <<: *defaults_working_directory
|
157 | <<: *defaults_docker_node
|
158 | steps:
|
159 | - run:
|
160 | name: Install general dependencies
|
161 | command: *defaults_Dependencies
|
162 | - run:
|
163 | <<: *defaults_license_scanner
|
164 | - checkout
|
165 | - restore_cache:
|
166 | key: dependency-cache-{{ checksum "package.json" }}
|
167 | - run:
|
168 | name: Prune non-production packages before running license-scanner
|
169 | command: npm prune --production
|
170 | - run:
|
171 | name: Run the license-scanner
|
172 | command: cd /tmp/license-scanner && pathToRepo=$CIRCLE_WORKING_DIRECTORY make run
|
173 | - store_artifacts:
|
174 | path: /tmp/license-scanner/results
|
175 | prefix: licenses
|
176 |
|
177 | build-snapshot:
|
178 | <<: *defaults_working_directory
|
179 | <<: *defaults_docker_node
|
180 | steps:
|
181 | - run:
|
182 | name: Install general dependencies
|
183 | command: *defaults_Dependencies
|
184 | - checkout
|
185 | - run:
|
186 | name: setup environment vars for SNAPSHOT release
|
187 | command: |
|
188 | echo 'export RELEASE_TAG=$RELEASE_TAG_SNAPSHOT' >> $BASH_ENV
|
189 | - run:
|
190 | <<: *defaults_npm_auth
|
191 | - run:
|
192 | <<: *defaults_npm_publish_release
|
193 | - run:
|
194 | <<: *defaults_slack_announcement
|
195 |
|
196 | build:
|
197 | <<: *defaults_working_directory
|
198 | <<: *defaults_docker_node
|
199 | steps:
|
200 | - run:
|
201 | name: Install general dependencies
|
202 | command: *defaults_Dependencies
|
203 | - checkout
|
204 | - run:
|
205 | name: setup environment vars for LATEST release
|
206 | command: |
|
207 | echo 'export RELEASE_TAG=$RELEASE_TAG_PROD' >> $BASH_ENV
|
208 | - run:
|
209 | <<: *defaults_npm_auth
|
210 | - run:
|
211 | <<: *defaults_npm_publish_release
|
212 | - run:
|
213 | <<: *defaults_slack_announcement
|
214 |
|
215 | workflows:
|
216 | version: 2
|
217 | build_and_test:
|
218 | jobs:
|
219 | - setup:
|
220 | context: org-global
|
221 | filters:
|
222 | tags:
|
223 | only: /.*/
|
224 | branches:
|
225 | ignore:
|
226 | - /feature*/
|
227 | - /bugfix*/
|
228 | - test-unit:
|
229 | context: org-global
|
230 | requires:
|
231 | - setup
|
232 | filters:
|
233 | tags:
|
234 | only: /.*/
|
235 | branches:
|
236 | ignore:
|
237 | - /feature*/
|
238 | - /bugfix*/
|
239 | - test-coverage:
|
240 | context: org-global
|
241 | requires:
|
242 | - setup
|
243 | filters:
|
244 | tags:
|
245 | only: /.*/
|
246 | branches:
|
247 | ignore:
|
248 | - /feature*/
|
249 | - /bugfix*/
|
250 | - vulnerability-check:
|
251 | context: org-global
|
252 | requires:
|
253 | - setup
|
254 | filters:
|
255 | tags:
|
256 | only: /.*/
|
257 | branches:
|
258 | ignore:
|
259 | - /feature*/
|
260 | - /bugfix*/
|
261 | - audit-licenses:
|
262 | context: org-global
|
263 | requires:
|
264 | - setup
|
265 | filters:
|
266 | tags:
|
267 | only: /.*/
|
268 | branches:
|
269 | ignore:
|
270 | - /feature*/
|
271 | - /bugfix*/
|
272 | - build-snapshot:
|
273 | context: org-global
|
274 | requires:
|
275 | - setup
|
276 | - test-unit
|
277 | - test-coverage
|
278 | - vulnerability-check
|
279 | - audit-licenses
|
280 | filters:
|
281 | tags:
|
282 | only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
|
283 | branches:
|
284 | ignore:
|
285 | - /.*/
|
286 | - build:
|
287 | context: org-global
|
288 | requires:
|
289 | - setup
|
290 | - test-unit
|
291 | - test-coverage
|
292 | - vulnerability-check
|
293 | - audit-licenses
|
294 | filters:
|
295 | tags:
|
296 | only: /v[0-9]+(\.[0-9]+)*/
|
297 | branches:
|
298 | ignore:
|
299 | - /.*/
|