bitbucket-pipelines.yml
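# Bitbucket Pipelines template: lint, build, Snyk dependency scan and, on main, deploy.
# Bracketed [YOUR ... HERE] values are placeholders and must be replaced before use.
# SNYK_TOKEN, SNYK_ORG_ID and SNYK_PROJECT_NAME come from pipeline variables; store
# SNYK_TOKEN as a secured variable so it is masked in build logs and never committed.

# Pin an exact Node version tag rather than a floating one, so every step runs on
# the same, reviewable base image.
image: node:[YOUR NODE VERSION HERE]

definitions:
  steps:
    - step: &test_lint
        name: Test Lint
        caches:
          - node
        script:
          [YOUR LINT SCRIPTS GOES HERE]
    - step: &test_build
        name: Test Build
        caches:
          - node
        script:
          [YOUR BUILD SCRIPTS GOES HERE]
    - step: &snyk_security_scan
        name: Snyk Security Scan  # Vulnerability Scanning
        caches:
          - node
        script:
          # NOTE(review): this installs whatever snyk release is current at build
          # time, and that binary then runs with SNYK_TOKEN. Pin an exact version
          # (snyk@<version>) so the scanner is reproducible and reviewable.
          - npm install -g snyk
          # Variables are double-quoted so a value containing spaces or shell
          # metacharacters is passed as a single argument.
          - snyk auth "$SNYK_TOKEN"
          # Sends report to Snyk WebUI.
          # NOTE(review): this step also runs for pull requests, so snapshots of
          # unmerged code are recorded under the same project name; consider
          # limiting `snyk monitor` to the develop/main branch pipelines.
          - snyk monitor --org="$SNYK_ORG_ID" --project-name="$SNYK_PROJECT_NAME" --severity-threshold=low
          # Stops build if fails. With the "low" threshold, any reported issue
          # fails the step.
          - snyk test --org="$SNYK_ORG_ID" --project-name="$SNYK_PROJECT_NAME" --severity-threshold=low
    - step: &deploy
        name: Deploy
        caches:
          - node
        script:
          [YOUR DEPLOYMENT SCRIPTS GOES HERE]

pipelines:
  pull-requests:
    feature/*:
      - step:
          name: "Trigger | Pull Request: feature/*"
          script:
            - echo "Detected an active PULL REQUEST involving feature/* branches"
      - step: *test_lint
      - step: *test_build
      - step: *snyk_security_scan
    develop:
      - step:
          name: "Trigger | Pull Request: develop"
          script:
            - echo "Detected an active PULL REQUEST involving DEVELOP branch."
      - step: *test_lint
      - step: *test_build
      - step: *snyk_security_scan
  branches:
    develop:
      - step:
          name: "Trigger | Merge: branch > develop"
          script:
            - echo "Detected a MERGE INTO DEVELOP branch."
      - step: *test_lint
      - step: *test_build
      - step: *snyk_security_scan
    main:
      - step:
          name: "Trigger | Merge: develop > main"
          script:
            - echo "Detected a MERGE INTO MAIN branch."
      - step: *test_lint
      - step: *test_build
      # The scan is listed before Deploy: steps run in order, so a failing
      # `snyk test` stops the pipeline before anything is deployed.
      - step: *snyk_security_scan
      - step: *deploy

# NOTE(review): the original nesting of this key was lost in extraction. Bitbucket
# documents custom caches under `definitions: caches:`, and `node` is already a
# predefined cache for node_modules, so confirm this block is needed and where it
# belongs.
caches:
  node: node_modules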