Fakultas Ilmu Komputer UI

Commit a82de55e authored by Daya Adianto's avatar Daya Adianto
Browse files

Configure Dependency Scanning in `.gitlab-ci.yml`, creating this file if it does not already exist

parent f7823126
Pipeline #88479 failed
---
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
variables:
PIPENV_VERSION: 2021.5.29
PIPENV_VENV_IN_PROJECT: 'True'
stages:
- build
- deploy
# Use merge request pipeline
- build
- deploy
workflow:
rules:
- if: '$CI_MERGE_REQUEST_IID'
- if: '$CI_COMMIT_TAG'
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- if: "$CI_MERGE_REQUEST_IID"
- if: "$CI_COMMIT_TAG"
- if: "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH"
build:
stage: build
image: docker.io/python:3.9.7-alpine
before_script:
- apk add --no-cache git
- pip install pipenv==${PIPENV_VERSION}
- unset PIPENV_VERSION
- pipenv sync
- apk add --no-cache git
- pip install pipenv==${PIPENV_VERSION}
- unset PIPENV_VERSION
- pipenv sync
script:
- pipenv run mkdocs build
- pipenv run mkdocs build
cache:
key:
files:
- Pipfile.lock
- Pipfile.lock
paths:
- .venv/
- ".venv/"
artifacts:
paths:
- site/
- site/
deploy:
stage: deploy
image: docker.io/alpine:3.14.2
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- if: "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH"
needs:
- build
- build
before_script:
- apk add --no-cache openssh-client rsync
- mkdir -p ~/.ssh && chmod 700 ~/.ssh
- eval $(ssh-agent -s)
- echo "${SSH_PRIVATE_KEY}" | tr -d '\r' | ssh-add -
- echo "${SSH_KNOWN_HOSTS}" >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
- apk add --no-cache openssh-client rsync
- mkdir -p ~/.ssh && chmod 700 ~/.ssh
- eval $(ssh-agent -s)
- echo "${SSH_PRIVATE_KEY}" | tr -d '\r' | ssh-add -
- echo "${SSH_KNOWN_HOSTS}" >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- rsync -ahP site/ admin@10.119.105.12:/opt/course-site
- rsync -ahP site/ admin@10.119.105.12:/opt/course-site
environment:
name: production
url: https://pmpl.cs.ui.ac.id
include:
- template: Security/Dependency-Scanning.gitlab-ci.yml
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment