Skip to content

Commit

Permalink
Merge pull request #99 from snyk/develop
Browse files Browse the repository at this point in the history 
feat: use compressed CLI downloads and update orb [HEAD-332]
  • Loading branch information
@bastiandoetsch
bastiandoetsch authored May 30, 2023
2 parents 5f5563d + 8a829c0 commit 9ad1fa4
Show file tree
Hide file tree
Showing 3 changed files with 94 additions and 34 deletions.
70 changes: 40 additions & 30 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
version: 2.1

setup: true
orbs:
node: circleci/node@4.0.0
orb-tools: circleci/orb-tools@12.0.3
node: circleci/node@5.1.0

defaults: &defaults
docker:
- image: cimg/base:stable-20.04
- image: cimg/base:current
working_directory: ~/repo

commands:
Expand All @@ -19,50 +20,41 @@ commands:
# this succesfully installs the new cci CLI to /usr/local/bin/circleci
# however, the orig (/usr/bin/circleci) remains in the path
# so need to use the full path to circleci
which /usr/local/bin/circleci
/usr/local/bin/circleci version
/usr/local/bin/circleci

jobs:

# This renders all the relavent Orb files into a single file - packed/orb.yml
pack-orb:
<<: *defaults
untar_orb:
description: Untar the orb
steps:
- checkout
- run:
name: See files after checkout
command: |
ls -la
- install_cci_cli
- run:
name: Pack the Orb
name: Untar Orb
command: |
mkdir packed
/usr/local/bin/circleci orb pack src >> packed/orb.yml
- persist_to_workspace:
root: .
paths:
- .
- store_artifacts:
path: packed/orb.yml
TMP_SRC_DIR=$(mktemp -d)
ORB_DIR=packed
tar -xzf "orb_source.tar.gz" -C "${TMP_SRC_DIR}"
mkdir -p "${ORB_DIR}"
mv "${TMP_SRC_DIR}/"* "${ORB_DIR}/"
rm -rf "${TMP_SRC_DIR}"
jobs:
# This deploys a dev version
dev:
deploy-to-dev:
<<: *defaults
steps:
- attach_workspace:
at: ~/repo
- install_cci_cli
- untar_orb
- run:
name: Deploy dev version of Orb
command: |
dev_orb_ref="snyk/snyk@dev:${CIRCLE_BRANCH}"
echo "dev_orb_ref: ${dev_orb_ref}"
ls -Rl
/usr/local/bin/circleci orb publish packed/orb.yml $dev_orb_ref --token ${CIRCLE_TOKEN}
# This deploys a prod version with the REPLACE_ORB_VERSION rendered in the actualy Orb yaml
# and uses semantic-release to handle the versioning.
# It bases the new version of the latest git tag and the usual fix/feat/chore commit message prefixes
Expand All @@ -83,6 +75,7 @@ jobs:
echo node version: $(node --version)
echo npx version: $(npx --version)
- install_cci_cli
- untar_orb
- run:
name: See the packed Orb # make sure it's here because of the attach_workspace
command: |
Expand Down Expand Up @@ -126,18 +119,35 @@ jobs:
workflows:
btd:
jobs:
- pack-orb
- dev:
- orb-tools/pack:
orb_dir: packed
orb_file_name: orb.yml
- orb-tools/continue:
requires:
- orb-tools/pack
orb_name: snyk
orb_dir: packed
orb_file_name: orb.yml
pipeline_number: << pipeline.number >>
vcs_type: github
filters:
branches:
ignore: master
- deploy-to-dev:
context:
- orb-publishing
requires:
- pack-orb
- orb-tools/continue
filters:
branches:
ignore: master

- prod-release:
context:
- nodejs-lib-release
- orb-publishing
requires:
- pack-orb
- orb-tools/pack
filters:
branches:
only: master
49 changes: 49 additions & 0 deletions .circleci/test-deploy.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
version: 2.1
orbs:
orb-tools: circleci/orb-tools@12.0
node: circleci/node@5.1.0

# Use this tag to ensure test jobs always run,
# even though the downstream publish job will only run on release tags.
filters: &filters
tags:
only: /.*/

jobs:
installation-test:
docker:
- image: cimg/base:current
steps:
- checkout
- snyk/install
scan-test:
docker:
- image: cimg/base:current
steps:
- node/install
- run:
name: Setup test repository
command: |
git clone https://github.com/snyk-labs/nodejs-goof
cd nodejs-goof
npm install
- snyk/scan:
fail-on-issues: false
monitor-on-build: false
target-file: nodejs-goof/package.json



workflows:
test-deploy:
jobs:
# Make sure to include "filters: *filters" in every test job you want to run as part of your deployment.
- installation-test:
context:
- hammerhead-snyk-orb-snyk-creds
filters: *filters
- scan-test:
requires: [installation-test]
context:
- hammerhead-snyk-orb-snyk-creds
filters: *filters
9 changes: 5 additions & 4 deletions src/commands/install.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,10 +34,11 @@ steps:
SNYK_CLI_VERSION: <<parameters.cli-version>>
command: |
if [[ -z "${SNYK_CLI_VERSION}" ]]; then
curl https://static.snyk.io/cli/latest/version > /tmp/.snyk-version
curl --compressed --retry 6 --retry-all-errors https://static.snyk.io/cli/latest/version > /tmp/.snyk-version
else
echo "${SNYK_CLI_VERSION}" >> /tmp/.snyk-version
fi
fi
cat /tmp/.snyk-version
- restore_cache:
keys:
- v0-snyk-cli-install-{{ arch }}-<<parameters.os>>-{{ checksum "/tmp/.snyk-version" }}
Expand All @@ -50,8 +51,8 @@ steps:
if [[ ! -x "/tmp/snyk" ]]; then
SNYK_CLI_VERSION=$(cat "/tmp/.snyk-version")
echo "Downloading Snyk CLI version ${SNYK_CLI_VERSION}"
curl -sO --retry 6 https://static.snyk.io/cli/v${SNYK_CLI_VERSION}/snyk-<<parameters.os>>
curl -sO --retry 6 https://static.snyk.io/cli/v${SNYK_CLI_VERSION}/snyk-<<parameters.os>>.sha256
curl -O --compressed --retry 6 --retry-all-errors https://static.snyk.io/cli/v${SNYK_CLI_VERSION}/snyk-<<parameters.os>>
curl -O --compressed --retry 6 --retry-all-errors https://static.snyk.io/cli/v${SNYK_CLI_VERSION}/snyk-<<parameters.os>>.sha256
sha256sum -c snyk-<<parameters.os>>.sha256
sudo mv snyk-<<parameters.os>> /tmp/snyk
sudo chmod +x /tmp/snyk
Expand Down

0 comments on commit 9ad1fa4

Please sign in to comment.