Newer
Older
include:
- remote: https://open.greenhost.net/openappstack/openappstack/raw/master/.gitlab/ci_templates/kaniko.yml
variables:
KANIKO_CONTEXT: "consent_provider"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
logout_provider:
stage: build
variables:
KANIKO_CONTEXT: "logout_provider"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
only:
changes:
- logout_provider/**/*
- .gitlab-ci.yml
variables:
KANIKO_CONTEXT: "login_provider"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
stage: build
needs: []
variables:
KANIKO_CONTEXT: "kratos"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
only:
changes:
- kratos/**/*
- .gitlab-ci.yml
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
- test/integration_tests/test/Dockerfile
pylint:
stage: build-test-images
variables:
KANIKO_CONTEXT: "test/lint/pylint"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
only:
changes:
- test/lint/pylint/Dockerfile
- test/lint/pylint/requirements.txt
- .gitlab-ci.yml
behave-integration:
stage: integration-test
services:
- name: postgres:latest
alias: postgres
- name: ${CI_REGISTRY_IMAGE}/login_provider:${CI_COMMIT_REF_NAME}
alias: login
- name: ${CI_REGISTRY_IMAGE}/consent_provider:${CI_COMMIT_REF_NAME}
alias: consent
- name: ${CI_REGISTRY_IMAGE}/logout_provider:${CI_COMMIT_REF_NAME}
alias: logout
alias: hydra
command:
- serve
- all
- --dangerous-force-http
- --dangerous-allow-insecure-redirect-urls
- name: open.greenhost.net:4567/openappstack/user-panel/backend:master
- name: ${CI_REGISTRY_IMAGE}/integration_test_app:${CI_COMMIT_REF_NAME}
# Feature Flag FF_NETWORK_PER_BUILD Enables creation of a docker network per build
# with the docker executor of the gitlab-runner. This is required for service
# interconnection. Requires gitlab-runner v12.9.0
URLS_CONSENT: "http://consent:5001/consent"
URLS_SELF_ISSUER: "http://hydra:4444/"
BASE_URL: "http://hydra:4444/"
ACCESS_TOKEN_URL: "http://hydra:4444/oauth2/token"
AUTHORIZE_URL: "http://hydra:4444/oauth2/auth"
USERINFO_URL: "http://hydra:4444/userinfo"
GRAPHQL_URL: "http://backend:5000/graphql"
GIT_SUBMODULE_STRATEGY: "recursive"
TESTUSER_USERNAME: "testuser"
TESTUSER_PASSWORD: "password"
TESTUSER_EMAIL: "testuser@example.net"
DSN: "memory"
SECRETS_SYSTEM: "youReallyNeedToChangeThis"
DATABASE_USER: postgres
DATABASE_PASSWORD: secret
DATABASE_NAME: postgres
POSTGRES_PASSWORD: secret
POSTGRES_USER: postgres
POSTGRES_DB: postgres
OAUTHLIB_INSECURE_TRANSPORT: "true"
KEY: "testapp"
SECRET: "secret"
DEBUG: "true"
FLASK_ENV: "development"
image: ${CI_REGISTRY_IMAGE}/integration_test:${CI_COMMIT_REF_NAME}
- /bin/bash user-panel/backend/utils/create-user.bash ${TESTUSER_USERNAME} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL} backend:5000
- /bin/bash user-panel/backend/utils/create-user.bash ${TESTUSER_USERNAME2} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL2} backend:5000
- /bin/bash user-panel/backend/utils/create-application.bash ${KEY} "Application used for testing" backend:5000
- /bin/bash user-panel/backend/utils/create-role.bash ${ROLE} backend:5000
- /bin/bash user-panel/backend/utils/grant-access.bash ${TESTUSER_USERNAME} ${KEY} backend:5000
- /bin/bash user-panel/backend/utils/assign-role.bash ${TESTUSER_USERNAME} ${ROLE} backend:5000
# Wait for 60s for hydra to become available. Then create the oauth2 client object
- while [[ $HYDRAADMINSTATUS -ne "200" && 60 -ge $TIMER ]]; do HYDRAADMINSTATUS=`curl http://hydra:4445/health/ready -o /dev/null -w "%{http_code}"` || TIMER=$TIMER+5 && sleep 5 ; done
- /bin/bash test/create-hydra-client.bash ${KEY} ${SECRET} http://hydra:4445 http://oidc:5000/callback http://oidc:5000/ http://oidc:5000/logout
- TIMER=0
- while [[ $HYDRASTATUS -ne "200" && 60 -ge $TIMER ]]; do HYDRASTATUS=`curl http://hydra:4444/health/ready -o /dev/null -w "%{http_code}"` || TIMER=$TIMER+5 && sleep 5 ; done
-D username=${TESTUSER_USERNAME}
-D username2=${TESTUSER_USERNAME2}
-D password=${TESTUSER_PASSWORD}
-D email=${TESTUSER_EMAIL}
-D role=${ROLE}
pylint-lint:
stage: lint
variables:
GIT_AUTHOR_NAME: "RUNNER"
GIT_AUTHOR_EMAIL: "runner@greenhost.net"
PYLINT_PLUGINS: "pylint_flask pylint_flask_sqlalchemy"
image: ${CI_REGISTRY_IMAGE}/pylint:${CI_COMMIT_REF_NAME}
script:
- echo "Reverting back to master to squash commits"