docker-reactjs/buildspec.yml at master · DevOps9-debug/docker-reactjs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
version: 0.2
phases:
  install:
    commands:
      - echo "Install Phase - Installing dependencies"
      - pip3 install -q awscli --upgrade --user
      - pip3 install boto3
      - apt-get update && apt-get install -y jq
      - wget -qO /tmp/sonar-scanner.zip "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.7.0.2747-linux.zip"
      - unzip -q /tmp/sonar-scanner.zip -d /tmp

  pre_build:
    commands:
      - npm install -g snyk@latest
      - snyk auth $SNYK_TOKEN
      - npm install
      - snyk test || true
      - snyk monitor --org=1226e436-a544-4db3-8eaf-6177bd464474
      - echo "Start SonarQube code scan..."
      - /tmp/sonar-scanner-4.7.0.2747-linux/bin/sonar-scanner -Dsonar.projectKey=$SONAR_QUBE_PROJECT -Dsonar.sources=. -Dsonar.host.url=$SONAR_QUBE_URL -Dsonar.login=$SONAR_QUBE_KEY
      - sleep 7
      - "curl -s -u $SONAR_QUBE_KEY: $SONAR_QUBE_URL/api/qualitygates/project_status?projectKey=$SONAR_QUBE_PROJECT > /tmp/result.json"
      - if [ "$(jq -r '.projectStatus.status' /tmp/result.json)" = "ERROR" ] || [ "$(jq -r '.projectStatus.status' /tmp/result.json)" = "FAILED" ]; then CODEBUILD_BUILD_SUCCEEDING=0; fi
      - echo "SonarQube code scan completed on `date`"
      - if [ "$CODEBUILD_BUILD_SUCCEEDING" -eq 0 ]; then exit 1; fi
      - echo "Update Image tag in kube-manifest..."
      - sed -i 's@CONTAINER_IMAGE@'"$REPOSITORY_URI:latest"'@' kube-manifests/01-DEVOPS-Nginx-Deployment.yml
      - echo "Login in to Amazon ECR..."
      - aws ecr get-login-password --region ca-central-1 | docker login --username AWS --password-stdin 242236232945.dkr.ecr.ca-central-1.amazonaws.com
      - export KUBECONFIG=$HOME/.kube/config

  build:
    commands:
      - docker build --tag $REPOSITORY_URI:latest .

  post_build:
    commands:
      - echo "Build completed on `date`"
      - echo "Pushing the Docker image..."
      - docker push $REPOSITORY_URI:latest
      # - echo "Setting AWS CLI environment variables"
      # - export AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}"
      # - export AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}"
      # - export AWS_SESSION_TOKEN="$(echo ${CREDENTIALS} | jq -r '.Credentials.SessionToken')"
      # - export AWS_EXPIRATION=$(echo ${CREDENTIALS} | jq -r '.Credentials.Expiration')
      # - aws sts assume-role --role-arn arn:aws:iam::242236232945:role/EksCodeBuildKubectlRole --role-session-name codebuild-service-role --duration-seconds 900
      # - echo "Update Kube Config"
      # - aws eks update-kubeconfig --name $EKS_CLUSTER_NAME
      # - kubectl apply -f kube-manifests/
      # - printf '[{"name":"01-DEVOPS-Nginx-Deployment.yml","imageUri":"%s"}]' $REPOSITORY_URI:latest > build.json
      # - kubectl delete pods -l app=my-app