-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudbuild.yaml
59 lines (53 loc) · 1.76 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
steps:
# Let Git recognize "/workspace" as a safe directory, otherwise it would throw the following error
# Error: failed to get git context: exit status 128
# -- git output --
# fatal: detected dubious ownership in repository at '/workspace'
# To add an exception for this directory, call:
# git config --global --add safe.directory /workspace
- name: 'gcr.io/cloud-builders/git'
entrypoint: 'bash'
args: ['-c', 'git config --global --add safe.directory /workspace']
id: 'Configure Git'
# Authenticate the service account with GCP to have access to the Artifact Registry to download private packages
- name: 'node:lts'
waitFor: ['Configure Git']
entrypoint: npx
args: ['google-artifactregistry-auth']
id: 'Authenticate'
- name: 'node:lts'
waitFor: ['Authenticate']
entrypoint: npm
args: ['install', '--force']
id: 'Install'
- name: 'node:lts'
waitFor: ['Install']
entrypoint: npm
args: ['run', 'build']
id: 'Build'
# Scan the application on CWE's
- name: 'bearer/bearer'
waitFor: ['Install']
entrypoint: bearer
args: ['scan', './src']
id: 'Scan'
# Download the Firebase tool package in a container
- name: 'gcr.io/cloud-builders/wget'
waitFor: ['Install']
args:
- '--quiet'
- '-O'
- 'firebase'
- 'https://firebase.tools/bin/linux/latest'
id: 'Download Firebase'
# Change the rights to the tool through chmod & deploy the project with Firebase
- name: 'debian:11'
waitFor: ['Download Firebase', 'Scan', 'Build']
args:
- 'bash'
- '-c'
- |
mv firebase /tmp
chmod 755 /tmp/firebase
/tmp/firebase deploy --project ${PROJECT_ID} --non-interactive -m "Build ${BUILD_ID}" --debug
id: 'Deploy to Firebase'