-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathffgolangserversdk.yaml
306 lines (301 loc) · 11.8 KB
/
ffgolangserversdk.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
pipeline:
name: ff-golang-server-sdk
identifier: ffgolangserversdk
allowStageExecutions: false
projectIdentifier: FFPipelines
orgIdentifier: Feature_Flag
description: The Feature Flag ff-golang-server-sdk CI build
tags:
SDK: ""
properties:
ci:
codebase:
connectorRef: ffsdks
repoName: ff-golang-server-sdk
build: <+input>
stages:
- stage:
name: Build
identifier: Build
type: CI
spec:
cloneCodebase: true
infrastructure:
type: KubernetesDirect
spec:
connectorRef: ffplayci
namespace: default
automountServiceAccountToken: true
nodeSelector: {}
os: Linux
execution:
steps:
- step:
type: Run
name: Submodule Init
identifier: Submodule_Init
spec:
connectorRef: DockerHub
image: golang:1.19.9
shell: Sh
command: "mkdir -p ~/.ssh\nssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts\n\ncat <<EOF >> .gitmodules\n[submodule \"tests/ff-test-cases\"]\n\tpath = tests/ff-test-cases\n\turl = https://github.com/drone/ff-test-cases.git\nEOF\n\ngit submodule update --init --recursive"
- parallel:
- step:
type: Run
name: Build and Test
identifier: Build_and_Test
spec:
connectorRef: DockerHub
image: golang:1.19.9
shell: Sh
command: |-
go install github.com/jstemmer/go-junit-report@latest
go install github.com/axw/gocov/gocov@latest
go install github.com/matm/gocov-html/cmd/[email protected]
make tools
make tidy
make generate
make build
go test -race -v -covermode=atomic -coverprofile=cover.out ./... | tee /dev/stderr | go-junit-report -set-exit-code > junit.xml
gocov convert ./cover.out | gocov-html > coverage-report.html
ls -l
reports:
type: JUnit
spec:
paths:
- junit.xml
resources:
limits:
memory: 1G
cpu: "1"
- step:
type: Run
name: Sonarqube Scan
identifier: Sonarqube_Scan
spec:
connectorRef: DockerHub
image: sonarsource/sonar-scanner-cli:latest
shell: Bash
command: |-
sonar-scanner \
-Dsonar.projectKey=harness_ff-golang-server-sdk_AYSkVwnLWr37sP7QAgtQ \
-Dsonar.sources=. \
-Dsonar.tests=. \
-Dsonar.test.inclusions=**/*_test.go \
-Dsonar.go.coverage.reportPaths=cover.out \
-Dsonar.host.url=https://sonar.harness.io \
-Dsonar.login=<+pipeline.variables.SONAR_TOKEN>
echo "View Results Here: https://sonar.harness.io/dashboard?id=harness_ff-golang-server-sdk_AYSkVwnLWr37sP7QAgtQ"
- stepGroup:
name: Testgrid image
identifier: Testgrid_image
steps:
- step:
type: GitClone
name: Clone ff-sdk-testgrid
identifier: Clone_ffsdktestgrid
spec:
connectorRef: ffsdks
repoName: ff-sdk-testgrid
cloneDirectory: ff-sdk-testgrid
build:
type: branch
spec:
branch: main
description: Get the source code for ff-sdk-testgrid so we can build the go test grid container
- step:
type: GitClone
name: Copy SDK code
identifier: Copy_SDK_code
spec:
connectorRef: ffsdks
repoName: ff-golang-server-sdk
cloneDirectory: ff-sdk-testgrid/go/ff-golang-server-sdk
build:
type: tag
spec:
tag: <+codebase.tag>
description: Copy ff-golang-server-sdk code to the docker build context
- step:
type: BuildAndPushGCR
name: Build And Push testgrid image to GCR
identifier: Build_And_Push_testgrid_image_to_GCR
spec:
connectorRef: platform205701
host: us.gcr.io
projectID: platform-205701
imageName: ff-testgrid-go
tags:
- <+codebase.tag>
dockerfile: ff-sdk-testgrid/go/Dockerfile
context: ff-sdk-testgrid/go
buildArgs:
SDK_VERSION: <+codebase.tag>
BUILD_MODE: local
when:
stageStatus: Success
condition: "!empty(<+codebase.tag>)"
- step:
type: Run
name: CVE scan
identifier: CVE_scan
spec:
connectorRef: platform205701
image: us.gcr.io/platform-205701/ff-sdk-sto-scanner:latest
shell: Bash
command: |
/run.sh
find .
envVariables:
CONTAINER_PATH_TO_SCAN: .
imagePullPolicy: Always
- parallel:
- step:
type: AquaTrivy
name: AquaTrivy ingest
identifier: AquaTrivy_inget
spec:
mode: ingestion
config: default
target:
name: AquaTrivy
type: container
variant: main
advanced:
log:
level: info
privileged: false
ingestion:
file: ./output_trivy.json
- step:
type: Owasp
name: Owasp ingest
identifier: Owasp_injest
spec:
mode: ingestion
config: default
target:
name: OWASP
type: repository
variant: main
advanced:
log:
level: info
ingestion:
file: ./output_owasp.json
- parallel:
- step:
type: GCSUpload
name: Upload Test Coverage
identifier: Upload_Test_Coverage
spec:
connectorRef: platform205701
bucket: ff-test-coverage
sourcePath: coverage-report.html
target: ff-golang-server-sdk/coverage-report.html
- step:
type: Run
name: Setup CodeCov
identifier: Setup_CodeCov
spec:
connectorRef: DockerHub
image: golang:1.18
shell: Sh
command: |-
curl -Os https://uploader.codecov.io/latest/linux/codecov
chmod +x codecov
./codecov
envVariables:
CODECOV_TOKEN: <+pipeline.variables.FF_CODECOV_TOKEN>
- step:
type: Run
name: Make Test Coverage Public
identifier: Make_Test_Coverage_Public
spec:
connectorRef: ffplay
image: us.gcr.io/ff-play-335721/ff-ci-base:latest
shell: Sh
command: |
echo <+pipeline.variables.GCR_KEY_B64> > keyfile.b64
base64 -d keyfile.b64 > keyfile.json
gcloud auth activate-service-account [email protected] --key-file=./keyfile.json
gsutil -m acl set -R -a public-read gs://ff-test-coverage/ff-golang-server-sdk
failureStrategies:
- onFailure:
errors:
- AllErrors
action:
type: Ignore
serviceDependencies:
- identifier: docker_in_docker
name: docker in docker
type: Service
spec:
connectorRef: DockerHub
image: docker:dind
- stage:
name: Publish Release Notes
identifier: Publish_Release_Notes
description: ""
type: Approval
spec:
execution:
steps:
- step:
name: Jira Create
identifier: jiraCreate
type: JiraCreate
timeout: 5m
spec:
connectorRef: HarnessJira
projectKey: FFM
issueType: Task
fields:
- name: FF Added
value: "No"
- name: NextGen
value: "Yes"
- name: Summary
value: Release Notes for <+eventPayload.release.tag_name> ff-golang-server-sdk
serviceDependencies: []
tags: {}
when:
pipelineStatus: Success
condition: <+stage.variables.release>
variables:
- name: release
type: String
default: "false"
value: <+input>.allowedValues(true,false)
- name: pull_request
type: String
description: ""
required: false
value: <+input>.allowedValues(true,false)
variables:
- name: github_token
type: Secret
value: davejohnstonffserver
- name: GCR_KEY_B64
type: Secret
description: ""
value: Platform_GCR_KEY_b64
- name: SONAR_TOKEN
type: Secret
description: ""
value: FF_SONARQUBE_TOKEN
- name: FF_CODECOV_TOKEN
type: Secret
description: ""
value: FF_CODECOV_TOKEN
notificationRules:
- name: build failed
identifier: build_failed
pipelineEvents:
- type: PipelineFailed
notificationMethod:
type: Slack
spec:
userGroups: []
webhookUrl: <+variable.FF_SDK_BUILDS_SLACK_URL>
enabled: true