image: node:alpine # Use latest version of Node.js on Alpine cache: # add cache to 'node_modules' for speeding up builds paths: - node_modules/ # Node modules and dependencies variables: NODE_ENV: "production" test: before_script: - apk update && apk add git - npm install script: - npm install snyk && npm run snyk # Refer to "scripts" in package.json - npm run hexo rules: # Skip in renovate job - if: '$RENOVATE == "true"' when: never # Only trigger through push event in master branch - if: '$CI_COMMIT_REF_NAME == "master" && $CI_PIPELINE_SOURCE == "push"' when: always # Only trigger through "Run pipeline" in master branch - if: '$CI_COMMIT_REF_NAME == "master" && $CI_PIPELINE_SOURCE == "web"' when: always renovate: # Check dependency update before_script: - apk update && apk add git - npm install script: - npm install renovate - npm run renovate rules: # Only trigger when environment variable matches and through schedule in master branch - if: '$RENOVATE == "true" && $CI_COMMIT_REF_NAME == "master" && $CI_PIPELINE_SOURCE == "schedule"' when: always # Only trigger when environment variable matches and through "Run pipeline" in master branch - if: '$RENOVATE == "true" && $CI_COMMIT_REF_NAME == "master" && $CI_PIPELINE_SOURCE == "web"' when: always # # Uncomment below (and comment/remove above) lines for gitlab pages # image: node:latest # Use latest version of Node.js # pages: # cache: # add cache to 'node_modules' for speeding up builds # paths: # - node_modules/ # Node modules and dependencies # script: # - npm install -g snyk hexo-cli # - npm install # install node modules # - snyk auth $SNYK_TOKEN # - snyk protect # Apply patches to node modules # - snyk test # Check node modules for vulnerability # - hexo deploy # deploy the site. # artifacts: # paths: # - public # deploy to the 'public' folder. # only: # - master # this job will affect only the 'master' branch