72 lines
2.3 KiB
YAML
72 lines
2.3 KiB
YAML
steps:
|
|
audit_dependencies:
|
|
image: node:20
|
|
environment:
|
|
DISCORD_WEBHOOK:
|
|
from_secret: discord_webhook
|
|
commands:
|
|
- npm install --package-lock-only
|
|
- npm audit --audit-level=moderate || AUDIT_EXIT=$?
|
|
- |
|
|
if [ ! -z "$AUDIT_EXIT" ]; then
|
|
echo ""
|
|
echo "=========================================="
|
|
echo "⚠️ WARNING: npm audit found vulnerabilities!"
|
|
echo "⚠️ Please review the security issues above"
|
|
echo "⚠️ Build continues despite vulnerabilities"
|
|
echo "=========================================="
|
|
echo ""
|
|
|
|
# Discord Benachrichtigung senden
|
|
if [ ! -z "$DISCORD_WEBHOOK" ]; then
|
|
curl -H "Content-Type: application/json" \
|
|
-d "{
|
|
\"embeds\": [{
|
|
\"title\": \"⚠️ npm audit Warnung\",
|
|
\"description\": \"Es wurden Sicherheitslücken in den Dependencies gefunden!\",
|
|
\"color\": 16744448,
|
|
\"fields\": [
|
|
{
|
|
\"name\": \"Repository\",
|
|
\"value\": \"Gallus_Pub\",
|
|
\"inline\": true
|
|
},
|
|
{
|
|
\"name\": \"Branch\",
|
|
\"value\": \"${CI_COMMIT_BRANCH}\",
|
|
\"inline\": true
|
|
},
|
|
{
|
|
\"name\": \"Commit\",
|
|
\"value\": \"${CI_COMMIT_SHA:0:7}\",
|
|
\"inline\": true
|
|
}
|
|
],
|
|
\"footer\": {
|
|
\"text\": \"Build läuft trotzdem durch\"
|
|
},
|
|
\"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%S.000Z)\"
|
|
}]
|
|
}" \
|
|
"$DISCORD_WEBHOOK"
|
|
fi
|
|
else
|
|
echo "✓ No vulnerabilities found"
|
|
fi
|
|
- exit 0
|
|
when:
|
|
branch: main
|
|
event: push
|
|
|
|
deploy_frontend:
|
|
image: node:20
|
|
environment:
|
|
FLY_API_TOKEN:
|
|
from_secret: FLY_API_TOKEN
|
|
commands:
|
|
- curl -L https://fly.io/install.sh | sh
|
|
- export PATH="$HOME/.fly/bin:$PATH"
|
|
- flyctl deploy --config fly.toml --app gallus-pub --remote-only
|
|
when:
|
|
branch: main
|
|
event: push |