.circleci/config.yml
version: 2.1
default-python-node: &default-python-node
image: cimg/python:3.6.14
environment:
CC_TEST_REPORTER_ID: b267008efa014a2c3a1ed266efebeb68bad762a948a54a443b4de581a92c45b0
COMPOSE_FILE_NAME: circleci-docker-compose.yml
DJANGO_SECRET_KEY: ci_secret_key
default-oracle-node: &default-oracle-node
image: mjoyce91/oracle193db:fast
jobs:
build:
docker:
- *default-python-node
- *default-oracle-node
steps:
- checkout
- setup_remote_docker
- restore_cache:
key: deps3-{{ .Branch }}-{{ checksum "requirements.txt" }}
- run:
command: |
python3 -m venv venv
. venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-no-deps.txt --no-dependencies
- save_cache:
key: deps3-{{ .Branch }}-{{ checksum "requirements.txt" }}
paths:
- "venv"
bandit:
docker:
- *default-python-node
steps:
- checkout
- restore_cache:
key: deps3-{{ .Branch }}-{{ checksum "requirements.txt" }}
- run:
command: |
python3 -m venv venv
. venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-no-deps.txt --no-dependencies
- run:
command: |
. venv/bin/activate
bandit -f txt -o bandit_results.txt -r .
- store_artifacts:
path: bandit_results.txt
destination: bandit/bandit_results.txt
pytest:
docker:
- *default-python-node
- *default-oracle-node
steps:
- checkout
- setup_remote_docker
- run: curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
- run: chmod +x ./cc-test-reporter
- run: chmod +x ./wait-for-oracle.sh
- run: ./cc-test-reporter before-build
- restore_cache:
key: deps3-{{ .Branch }}-{{ checksum "requirements.txt" }}
- run:
name: pip install
command: |
python3 -m venv venv
. venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-no-deps.txt --no-dependencies
- run:
name: Install SQLPlus
command: |
cd /opt
sudo mkdir oracle
cd ./oracle
sudo apt-get update && sudo apt-get install -y libaio1 wget unzip
sudo wget https://download.oracle.com/otn_software/linux/instantclient/19800/instantclient-basiclite-linux.x64-19.8.0.0.0dbru.zip
sudo wget https://download.oracle.com/otn_software/linux/instantclient/19800/instantclient-sqlplus-linux.x64-19.8.0.0.0dbru.zip
sudo wget https://download.oracle.com/otn_software/linux/instantclient/19800/instantclient-sdk-linux.x64-19.8.0.0.0dbru.zip
sudo unzip instantclient-basiclite-linux.x64-19.8.0.0.0dbru.zip
sudo unzip instantclient-sqlplus-linux.x64-19.8.0.0.0dbru.zip
sudo unzip instantclient-sdk-linux.x64-19.8.0.0.0dbru.zip
sudo rm -f instantclient-basiclite-linux.x64-19.8.0.0.0dbru.zip
sudo rm -f instantclient-sqlplus-linux.x64-19.8.0.0.0dbru.zip
sudo rm -f instantclient-sdk-linux.x64-19.8.0.0.0dbru.zip
cd /opt/oracle/instantclient*
sudo rm -f *jdbc* *occi* *mysql* *README *jar uidrvci genezi adrci
cd /etc/ld.so.conf.d
sudo touch oracle-instantclient.conf
sudo tee oracle-instantclient.conf \<<<"/opt/oracle/instantclient_19_8"
cd /opt/oracle/instantclient*
sudo ldconfig
- run:
name: Create Oracle user
command: |
./wait-for-oracle.sh 127.0.0.1:1521/oraclesid sys oraclepwd 'as sysdba'
./create-oracle-user.sh 127.0.0.1:1521/oraclesid sys oraclepwd 'as sysdba'
- run:
name: Wait for Oracle
command: |
./wait-for-oracle.sh 127.0.0.1:1521/oraclepdb talentmap1 talentmap1 "" true
- run:
name: Python Test Coverage
command: |
. venv/bin/activate
pytest --cov=. --cov-report xml:./coverage.xml
environment:
# DATABASE_URL: postgresql://root:@127.0.0.1:5432/circle_test
DATABASE_URL: 127.0.0.1:1521/oraclepdb
DATABASE_USER: talentmap1
DATABASE_PW: talentmap1
DJANGO_LOG_DIRECTORY: ./
- run: ./cc-test-reporter after-build -t coverage.py --exit-code $?
- store_artifacts:
path: coverage.xml
destination: pytest-cov/coverage.xml
dependencies:
docker:
- *default-python-node
steps:
- checkout
- restore_cache:
key: deps3-{{ .Branch }}-{{ checksum "requirements.txt" }}
- run:
command: |
python3 -m venv venv
. venv/bin/activate
mkdir ./tmp-pip
pip install -r requirements.txt -t ./tmp-pip
pip install -r requirements-no-deps.txt --no-dependencies -t ./tmp-pip
cd ./tmp-pip
zip -r ../talentmap-api-dependencies.zip * .[^.]*
- store_artifacts:
path: talentmap-api-dependencies.zip
destination: talentmap-api-dependencies.zip
pylint:
docker:
- *default-python-node
steps:
- checkout
- restore_cache:
key: deps3-{{ .Branch }}-{{ checksum "requirements.txt" }}
- run:
command: |
python3 -m venv venv
. venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-no-deps.txt --no-dependencies
- run:
name: pylint
command: |
. venv/bin/activate
pylint ./talentmap_api/ --rcfile=./.pylintrc --output-format=text || pylint-exit --error-fail $?
zap:
docker:
- *default-python-node
steps:
- checkout
- run: chmod +x wait-for-oracle.sh
- run:
name: Initialize Dummy Data Container
command: |
docker-compose -f $COMPOSE_FILE_NAME create data
docker cp . data:/app
- run:
name: Migrate DB
command: |
docker-compose -f $COMPOSE_FILE_NAME \
run app bash -c \
"./wait-for-oracle.sh oracle && python manage.py migrate"
- run:
name: Start Server
command: docker-compose -f $COMPOSE_FILE_NAME up -d
- run:
name: Run ZAP
command: |
docker run --name zap --network container:app \
-v /zap/wrk/ \
-t owasp/zap2docker-weekly \
zap-api-scan.py -d -f openapi \
-t http://app:8000/?format=openapi \
-w "zap_results.md" \
-z "-Xmx4g"
- run:
name: Pull results from container
command: docker cp zap:/zap/wrk/zap_results.md zap_results.md
- store_artifacts:
path: zap_results.md
destination: zap/zap_results.md
workflows:
build_and_test:
jobs:
- build
- pylint
- bandit:
requires:
- build
- pytest:
requires:
- build
- dependencies:
requires:
- build
- zap:
filters:
tags:
only: /^zap.*/
branches:
ignore: /.*/