From 032658e0b53f6a25e7266a687655dff628abfe1a Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Wed, 20 Dec 2017 08:03:28 -0500 Subject: [PATCH 1/6] Update Auto DevOps template --- .../gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml index 275487071f3..c169d4eff2e 100644 --- a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml +++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml @@ -41,6 +41,7 @@ stages: - staging - canary - production + - performance - cleanup build: @@ -83,6 +84,21 @@ codequality: artifacts: paths: [codeclimate.json] +performance: + stage: performance + image: + name: sitespeedio/sitespeed.io:6.0.3 + entrypoint: [""] + script: + - performance + artifacts: + paths: + - performance.json + only: + refs: + - branches + kubernetes: active + sast: image: registry.gitlab.com/gitlab-org/gl-sast:latest variables: @@ -92,6 +108,19 @@ sast: - sast . artifacts: paths: [gl-sast-report.json] + +sast:image: + image: docker:latest + variables: + DOCKER_DRIVER: overlay2 + allow_failure: true + services: + - docker:dind + script: + - setup_docker + - sast_image + artifacts: + paths: [gl-sast-image-report.json] review: stage: review @@ -103,10 +132,13 @@ review: - install_tiller - create_secret - deploy + - persist_environment_url environment: name: review/$CI_COMMIT_REF_NAME url: http://$CI_PROJECT_PATH_SLUG-$CI_ENVIRONMENT_SLUG.$AUTO_DEVOPS_DOMAIN on_stop: stop_review + artifacts: + paths: [environment_url.txt] only: refs: - branches @@ -201,9 +233,12 @@ production: - create_secret - deploy - delete canary + - persist_environment_url environment: name: production url: http://$CI_PROJECT_PATH_SLUG.$AUTO_DEVOPS_DOMAIN + artifacts: + paths: [environment_url.txt] # when: manual only: refs: @@ -221,6 +256,18 @@ production: export CI_APPLICATION_TAG=$CI_COMMIT_SHA export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID} export TILLER_NAMESPACE=$KUBE_NAMESPACE + + function sast_image() { + docker run -d --name db arminc/clair-db:latest + docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 + apk add -U wget ca-certificates + docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} + wget https://github.com/arminc/clair-scanner/releases/download/v6/clair-scanner_linux_386 + mv clair-scanner_linux_386 clair-scanner + chmod +x clair-scanner + touch clair-whitelist.yml + ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-image-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true + } function codeclimate() { cc_opts="--env CODECLIMATE_CODE="$PWD" \ @@ -415,6 +462,29 @@ production: --docker-email="$GITLAB_USER_EMAIL" \ -o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f - } + + function performance() { + export CI_ENVIRONMENT_URL=$(cat environment_url.txt) + + mkdir gitlab-exporter + wget -O gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/10-3/index.js + + mkdir sitespeed-results + + if [ -f .gitlab-urls.txt ] + then + sed -i -e 's@^@'"$CI_ENVIRONMENT_URL"'@' .gitlab-urls.txt + /start.sh --plugins.add gitlab-exporter --outputFolder sitespeed-results .gitlab-urls.txt + else + /start.sh --plugins.add gitlab-exporter --outputFolder sitespeed-results $CI_ENVIRONMENT_URL + fi + + mv sitespeed-results/data/performance.json performance.json + } + + function persist_environment_url() { + echo $CI_ENVIRONMENT_URL > environment_url.txt + } function delete() { track="${1-stable}" From ab8138a7cc5eab87aab808f0af8a461d5c079116 Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Wed, 20 Dec 2017 15:41:26 +0000 Subject: [PATCH 2/6] Remove SAST:Image for now. --- .../gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml | 25 ------------------- 1 file changed, 25 deletions(-) diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml index c169d4eff2e..18910a46d11 100644 --- a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml +++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml @@ -108,19 +108,6 @@ sast: - sast . artifacts: paths: [gl-sast-report.json] - -sast:image: - image: docker:latest - variables: - DOCKER_DRIVER: overlay2 - allow_failure: true - services: - - docker:dind - script: - - setup_docker - - sast_image - artifacts: - paths: [gl-sast-image-report.json] review: stage: review @@ -256,18 +243,6 @@ production: export CI_APPLICATION_TAG=$CI_COMMIT_SHA export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID} export TILLER_NAMESPACE=$KUBE_NAMESPACE - - function sast_image() { - docker run -d --name db arminc/clair-db:latest - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 - apk add -U wget ca-certificates - docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} - wget https://github.com/arminc/clair-scanner/releases/download/v6/clair-scanner_linux_386 - mv clair-scanner_linux_386 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml - ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-image-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true - } function codeclimate() { cc_opts="--env CODECLIMATE_CODE="$PWD" \ From 6f01e7e3ea3e5e3c49f26ae42d0dba68141069f5 Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Wed, 20 Dec 2017 08:03:28 -0500 Subject: [PATCH 3/6] Update Auto DevOps template --- .../gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml index 275487071f3..c169d4eff2e 100644 --- a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml +++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml @@ -41,6 +41,7 @@ stages: - staging - canary - production + - performance - cleanup build: @@ -83,6 +84,21 @@ codequality: artifacts: paths: [codeclimate.json] +performance: + stage: performance + image: + name: sitespeedio/sitespeed.io:6.0.3 + entrypoint: [""] + script: + - performance + artifacts: + paths: + - performance.json + only: + refs: + - branches + kubernetes: active + sast: image: registry.gitlab.com/gitlab-org/gl-sast:latest variables: @@ -92,6 +108,19 @@ sast: - sast . artifacts: paths: [gl-sast-report.json] + +sast:image: + image: docker:latest + variables: + DOCKER_DRIVER: overlay2 + allow_failure: true + services: + - docker:dind + script: + - setup_docker + - sast_image + artifacts: + paths: [gl-sast-image-report.json] review: stage: review @@ -103,10 +132,13 @@ review: - install_tiller - create_secret - deploy + - persist_environment_url environment: name: review/$CI_COMMIT_REF_NAME url: http://$CI_PROJECT_PATH_SLUG-$CI_ENVIRONMENT_SLUG.$AUTO_DEVOPS_DOMAIN on_stop: stop_review + artifacts: + paths: [environment_url.txt] only: refs: - branches @@ -201,9 +233,12 @@ production: - create_secret - deploy - delete canary + - persist_environment_url environment: name: production url: http://$CI_PROJECT_PATH_SLUG.$AUTO_DEVOPS_DOMAIN + artifacts: + paths: [environment_url.txt] # when: manual only: refs: @@ -221,6 +256,18 @@ production: export CI_APPLICATION_TAG=$CI_COMMIT_SHA export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID} export TILLER_NAMESPACE=$KUBE_NAMESPACE + + function sast_image() { + docker run -d --name db arminc/clair-db:latest + docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 + apk add -U wget ca-certificates + docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} + wget https://github.com/arminc/clair-scanner/releases/download/v6/clair-scanner_linux_386 + mv clair-scanner_linux_386 clair-scanner + chmod +x clair-scanner + touch clair-whitelist.yml + ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-image-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true + } function codeclimate() { cc_opts="--env CODECLIMATE_CODE="$PWD" \ @@ -415,6 +462,29 @@ production: --docker-email="$GITLAB_USER_EMAIL" \ -o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f - } + + function performance() { + export CI_ENVIRONMENT_URL=$(cat environment_url.txt) + + mkdir gitlab-exporter + wget -O gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/10-3/index.js + + mkdir sitespeed-results + + if [ -f .gitlab-urls.txt ] + then + sed -i -e 's@^@'"$CI_ENVIRONMENT_URL"'@' .gitlab-urls.txt + /start.sh --plugins.add gitlab-exporter --outputFolder sitespeed-results .gitlab-urls.txt + else + /start.sh --plugins.add gitlab-exporter --outputFolder sitespeed-results $CI_ENVIRONMENT_URL + fi + + mv sitespeed-results/data/performance.json performance.json + } + + function persist_environment_url() { + echo $CI_ENVIRONMENT_URL > environment_url.txt + } function delete() { track="${1-stable}" From 06175be1a646a7f9a531239079e7350847443ef1 Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Wed, 20 Dec 2017 15:41:26 +0000 Subject: [PATCH 4/6] Remove SAST:Image for now. --- .../gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml | 25 ------------------- 1 file changed, 25 deletions(-) diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml index c169d4eff2e..18910a46d11 100644 --- a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml +++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml @@ -108,19 +108,6 @@ sast: - sast . artifacts: paths: [gl-sast-report.json] - -sast:image: - image: docker:latest - variables: - DOCKER_DRIVER: overlay2 - allow_failure: true - services: - - docker:dind - script: - - setup_docker - - sast_image - artifacts: - paths: [gl-sast-image-report.json] review: stage: review @@ -256,18 +243,6 @@ production: export CI_APPLICATION_TAG=$CI_COMMIT_SHA export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID} export TILLER_NAMESPACE=$KUBE_NAMESPACE - - function sast_image() { - docker run -d --name db arminc/clair-db:latest - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 - apk add -U wget ca-certificates - docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} - wget https://github.com/arminc/clair-scanner/releases/download/v6/clair-scanner_linux_386 - mv clair-scanner_linux_386 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml - ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-image-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true - } function codeclimate() { cc_opts="--env CODECLIMATE_CODE="$PWD" \ From 3deb4e694d4dc68cf9d9548f9c101876fea4fdad Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Thu, 21 Dec 2017 10:16:53 -0500 Subject: [PATCH 5/6] Add docs for AutoDevOps --- doc/topics/autodevops/index.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index 0b48596006d..4056469e6c4 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -20,6 +20,7 @@ project in an easy and automatic way: 1. [Auto Test](#auto-test) 1. [Auto Code Quality](#auto-code-quality) 1. [Auto SAST (Static Application Security Testing)](#auto-sast) +1. [Auto Browser Performance Testing](#auto-browser-performance-testing) 1. [Auto Review Apps](#auto-review-apps) 1. [Auto Deploy](#auto-deploy) 1. [Auto Monitoring](#auto-monitoring) @@ -215,6 +216,20 @@ check out. Any security warnings are also [shown in the merge request widget](https://docs.gitlab.com/ee/user/project/merge_requests/sast.html). +### Auto Browser Performance Testing + +> Introduced in [GitLab Enterprise Edition Premium][ee] 10.3. + +Auto Browser Performance Testing utilizes the [Sitespeed.io container](https://hub.docker.com/r/sitespeedio/sitespeed.io/) to measure the performance of a web page. A JSON report is created and uploaded as an artifact, which includes the overall performance score for each page. By default, the root page of Review and Production environments will be tested. If you would like to add additional URL's to test, simply add the paths to a file named `.gitlab-urls.txt` in the root directory, one per line. For example: + +``` +/ +/features +/direction +``` + +In GitLab Enterprise Edition Premium, performance differences between the source and target branches are [shown in the merge request widget](https://docs.gitlab.com/ee/user/project/merge_requests/browser_performance_testing.html). + ### Auto Review Apps NOTE: **Note:** From 5be9a521df57d8dba6c4520220fe5f8a6a001dfa Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Thu, 21 Dec 2017 19:51:53 +0000 Subject: [PATCH 6/6] Set Auto Browser Performance Testing to 10.4 --- doc/topics/autodevops/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index 4056469e6c4..7863252dc17 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -218,7 +218,7 @@ Any security warnings are also [shown in the merge request widget](https://docs. ### Auto Browser Performance Testing -> Introduced in [GitLab Enterprise Edition Premium][ee] 10.3. +> Introduced in [GitLab Enterprise Edition Premium][ee] 10.4. Auto Browser Performance Testing utilizes the [Sitespeed.io container](https://hub.docker.com/r/sitespeedio/sitespeed.io/) to measure the performance of a web page. A JSON report is created and uploaded as an artifact, which includes the overall performance score for each page. By default, the root page of Review and Production environments will be tested. If you would like to add additional URL's to test, simply add the paths to a file named `.gitlab-urls.txt` in the root directory, one per line. For example: