From 7b3cc6d0b1a926a9b11334f6c229986472c56c2c Mon Sep 17 00:00:00 2001 From: Sven Aas Date: Tue, 7 May 2024 11:00:24 -0400 Subject: [PATCH] Add audit-dependencies to pipeline.yml --- ci/pipeline.yml | 59 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 3d135b5..a19fc14 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -215,6 +215,65 @@ jobs: username: ((slack-username)) icon_url: ((slack-icon-url)) + - name: audit-dependencies + plan: + - get: src + resource: pr-((git-branch)) + trigger: true + passed: [set-pipeline] + + - put: src + resource: pr-((git-branch)) + params: + path: src + status: pending + base_context: concourse + context: audit-dependencies + + - task: pip-audit + config: + <<: *python-image + inputs: [name: src] + outputs: [name: src] + run: + dir: src + path: ci/tasks/pip-audit.sh + + on_failure: + in_parallel: + - put: src + resource: pr-((git-branch)) + params: + path: src + status: failure + base_context: concourse + context: audit-dependencies + - put: slack + params: + text: | + :x: FAILED: pages build container dependency audit on ((git-branch)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"&vars.git-branch="((git-branch))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) + + on_success: + in_parallel: + - put: src + resource: pr-((git-branch)) + params: + path: src + status: success + base_context: concourse + context: audit-dependencies + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully passed pages build container dependency audit on ((git-branch)) + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) + ############################ # RESOURCES