Created
May 9, 2019 09:41
-
-
Save lnikell/b7caff94900bddf1a71f9e4543ecc787 to your computer and use it in GitHub Desktop.
automated-npm-packages-fixes-drone-yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: pipeline | |
name: default | |
steps: | |
- name: build | |
image: plugins/docker | |
settings: | |
repo: registry.pixelpoint.io/example.com | |
registry: registry.pixelpoint.io | |
tag: [ "${DRONE_COMMIT_BRANCH}" ] | |
build_args: | |
- NODE_ENV=production | |
username: | |
from_secret: docker_username | |
password: | |
from_secret: docker_password | |
when: | |
branch: master | |
event: push | |
trigger: | |
cron: | |
exclude: [ daily, weekly ] | |
--- | |
kind: pipeline | |
name: npm audit | |
steps: | |
- name: audit | |
image: node:10-alpine | |
commands: | |
- set -o pipefail && npm audit --force 2>&1 | tee audit.log | |
- name: audit fix | |
image: node:10-alpine | |
commands: | |
- npm audit fix | |
when: | |
status: | |
- failure | |
- name: create_fix_pr | |
image: lnikell/github-hub:2.11.2 | |
environment: | |
GITHUB_TOKEN: | |
from_secret: github_token | |
commands: | |
- git config --global user.email "lnikell@gmail.com" | |
- git config --global user.name "drone" | |
- git checkout -b drone/npm-audit-fix-${DRONE_BUILD_NUMBER} | |
- git add package.json package-lock.json | |
- git commit -m 'npm audit fix' | |
- git push origin drone/npm-audit-fix-${DRONE_BUILD_NUMBER} | |
- hub pull-request -m "[Security] NPM Audit Fix" -m "$(cat audit.log | tail -2)" -m "${DRONE_BUILD_LINK}" | |
when: | |
status: | |
- failure | |
- name: slack_notification | |
image: plugins/slack | |
settings: | |
webhook: https://hooks.slack.com/services/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 | |
template: > | |
NPN detected vulnerable packages at *{{repo.name}}* for *{{build.branch}}* branch. | |
Report available by the link {{build.link}} | |
when: | |
status: | |
- failure | |
--- | |
kind: pipeline | |
name: npm outdated | |
steps: | |
- name: outdated | |
image: node:10-alpine | |
commands: | |
- npm outdated | |
- name: slack_notification | |
image: plugins/slack | |
settings: | |
webhook: https://hooks.slack.com/services/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 | |
template: > | |
NPN detected outdated packages at *{{repo.name}}* for *{{build.branch}}* branch. | |
Report available by the link {{build.link}} | |
when: | |
status: | |
- failure | |
trigger: | |
cron: [ weekly ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment