Commit a7fd09f4 authored by Ahmed A's avatar Ahmed A Committed by Pierre Smeyers

feat: add npm-outdated job

parent ca451e8c
+15 −1
@@ -315,6 +315,20 @@ exports.config = {
}
```

### `ng-outdated` job

This job performs outdated analysis ([npm outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated)), to find dependencies that might be updated.

It is bound to the `test` stage.

| Input / Variable | Description                                                                                                                                                           | Default value                      |
|---------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------|
| `outdated-disabled` / `NG_OUTDATED_DISABLED` | Set to `true` to disable npm outdated job                                                                                                                                | _none_ (enabled)                   |
| `outdated-args` / `NG_OUTDATED_ARGS` | npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments     | `--long`                           |
| `outdated-allow-failure` / `NG_OUTDATED_ALLOW_FAILURE` | Allow the job to fail and therefore not block the pipeline  | `true` |

The job generates an outdated report that you will find here: `NG_WORKSPACE_DIR/reports/ng-outdated.txt`.

### `ng-sbom` job

This job generates a [SBOM](https://cyclonedx.org/) file listing installed packages using [@cyclonedx/cyclonedx-npm](https://www.npmjs.com/package/@cyclonedx/cyclonedx-npm).
+20 −0
@@ -103,6 +103,26 @@
        }
      ]
    },
    {
      "id": "ng-outdated",
      "name": "ng-outdated",
      "description": "This job performs outdated analysis ([npm outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated)), to find dependencies that might be updated.",
      "disable_with": "NG_OUTDATED_DISABLED",
      "variables": [
        {
          "name": "NG_OUTDATED_ARGS",
          "description": "npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments",
          "default": "--long"
        },
        {
          "name": "NG_OUTDATED_ALLOW_FAILURE",
          "description": "Allow the job to fail and therefore not block the pipeline",
          "type": "boolean",
          "default" : "true",
          "advanced": true
        }
      ]
    },
    {
      "id": "sbom",
      "name": "Software Bill of Materials",
+51 −0
@@ -60,6 +60,17 @@ spec:
    e2e-args:
      description: ng [e2e](https://angular.io/cli/e2e) arguments
      default: e2e
    outdated-disabled:
      description: Set to `true` to disable npm outdated job
      type: boolean
      default: false
    outdated-allow-failure:
      description: Allow the job to fail and therefore not block the pipeline
      type: boolean
      default: true
    outdated-args:
      description: npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments
      default: --long
    sbom-disabled:
      description: Disable Software Bill of Materials
      type: boolean
@@ -133,6 +144,12 @@ variables:

  NG_E2E_ARGS: $[[ inputs.e2e-args ]]

  NG_OUTDATED_DISABLED: $[[ inputs.outdated-disabled ]]

  NG_OUTDATED_ALLOW_FAILURE: $[[ inputs.outdated-allow-failure ]]
  
  NG_OUTDATED_ARGS: $[[ inputs.outdated-args ]]

  # Angular Build
  NG_BUILD_ARGS: $[[ inputs.build-args ]]

@@ -618,6 +635,7 @@ ng-build:
#                                      test stage:                                            #
#                                        - ng-e2e                                             #
#                                        - ng-sbom                                            #
#                                        - ng-outdated                                        #
###############################################################################################
ng-e2e:
  extends: .ng-cli-base
@@ -638,6 +656,39 @@ ng-e2e:
      when: never
    - !reference [.test-policy, rules]

# outdated
ng-outdated:
  extends: .ng-cli-base
  stage: test
  needs: []
  script:
    - |
      mkdir -p -m 777 reports
      if [[ "$DEFECTDOJO_NPMAUDIT_REPORTS" ]]
      then
        npm outdated --json $NG_OUTDATED_ARGS > reports/ng-outdated.native.json || true
      fi
    - npm outdated $NG_OUTDATED_ARGS > reports/ng-outdated.txt
    - cat reports/ng-outdated.txt
  artifacts:
    when: always
    name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
    paths:
      - $NG_WORKSPACE_DIR/reports/ng-outdated.*
    expire_in: 1 day
  rules:
    # exclude if $ NG_OUTDATED_DISABLED set
    - if: '$NG_OUTDATED_DISABLED == "true"'
      when: never
    # on production or integration branch(es): auto & non-blocking
    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
      allow_failure: true
    - if: '$NG_OUTDATED_ALLOW_FAILURE=="true"'
      allow_failure: true
    # on non-production, non-integration branches: manual & non-blocking
    - when: manual
      allow_failure: true

ng-sbom:
  extends: .ng-cli-base
  stage: test
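Review bot: Setting `outdated-allow-failure` to `false` cannot make `ng-outdated` blocking, because in the `rules:` of the last hunk every rule that can match hard-codes `allow_failure: true` (the prod/integ rule, the `$NG_OUTDATED_ALLOW_FAILURE=="true"` rule and the final `when: manual` fallback). Since `npm outdated` exits non-zero whenever it finds outdated packages, that flag is the only thing deciding whether stale dependencies gate the pipeline; a rule placed right after the `when: never` one, `- if: '$NG_OUTDATED_ALLOW_FAILURE != "true"'` with `allow_failure: false`, would make the input effective. The same exit code also means the `cat reports/ng-outdated.txt` step is skipped exactly when there is something to report, so the log stays empty and only the artifact carries the result. Separately, `mkdir -p -m 777 reports` makes the report directory world-writable; `mkdir -p reports` looks sufficient unless another user on the runner has to write there.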