forked from andresriancho/w3af
-
Notifications
You must be signed in to change notification settings - Fork 0
/
circle.yml
144 lines (114 loc) · 5.79 KB
/
circle.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#
# This file is used to configure the continuous integration for w3af
# see http://w3af.org/how-w3af-uses-continuous-integration-to-improve
#
# As a user you don't need to understand this file.
#
machine:
services:
- docker
python:
version: 2.7.3
post:
# This was required to avoid issues with different builds of python being
# used between the gtk libs installed in /usr/lib/python2.7/dist-packages/
# and the python which was put inside my virtualenv
- pyenv global system
checkout:
post:
# Since the auto_update feature needs the git repository history, we run
# this command which will retrieve it (since CircleCI doesn't for perf).
# In our case it is fine, and it will get cached.
- if [[ -e .git/shallow ]]; then git fetch --unshallow; fi
dependencies:
cache_directories:
# These are inside the w3af directory
- "xpresser"
pre:
- docker info
- docker version
- docker images
- sudo apt-get update
- sudo apt-get install -y python-gtksourceview2 python-gtk2 gir1.2-notify-0.7 python-pyatspi2
python-dbus python-pygame python-opencv python-scipy python-numpy
stunnel4 libffi-dev tcpdump joe python-webkit
# ClamAV installation for grep.clamav testing
- sudo apt-get install clamav-daemon clamav-freshclam clamav-unofficial-sigs
- sudo service clamav-daemon start
# Install the core/console dependencies
- pip install --upgrade pip
- w3af/core/controllers/ci/install_scripts/install_core_dependencies.sh
# Install GUI dependencies
- w3af/core/controllers/ci/install_scripts/install_gui_dependencies.sh
# Link the GUI stuff to the venv
- w3af/core/controllers/ci/install_scripts/install_c_extensions_venv.sh
# Install the test dependencies
- w3af/core/controllers/ci/install_scripts/install_test_dependencies.sh
# Run the test servers/dependencies
- cd w3af/tests/ && docker-compose up -d
- w3af/tests/add-test-routes.sh
post:
- pip --version
- pip freeze
test:
override:
- w3af/core/controllers/ci/nosetests_wrapper/main.py:
timeout: 360
- nosetests w3af/core/data/constants/tests/test_vulns.py:TestVulnsConstants.test_vuln_updated
# Dump the container logs for debugging
- for c in `docker ps -q`; do docker logs $c > $CIRCLE_ARTIFACTS/docker-$c.log; done
# https://bitbucket.org/ned/coveragepy/issue/282/coverage-combine-consumes-a-lot-of-memory
# post:
# - coverage combine
# - coveralls
deployment:
production:
branch: master
owner: andresriancho
commands:
# Save docker hub credentials to file
- sed "s/<EMAIL>/$DOCKER_EMAIL/;s/<AUTH>/$DOCKER_AUTH/" < extras/docker/dockercfg.template > ~/.dockercfg
# Note the master in the URLs
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-module/tree/master?circle-token=$W3AF_MODULE_TOKEN"
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-kali-ci/tree/master?circle-token=$W3AF_KALI_TOKEN"
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-api-client/tree/master?circle-token=$W3AF_API_CLIENT_TOKEN"
# Nasty hack required for docker cache sanity: Because we get a new clone
# of the repo, timestamps don't correspond any more to when the file was
# last changed. To rectify this, first set everything to a timestamp in
# the past and then update the timestamp for all git-tracked files based
# on their last committed change.
#
# This takes ~1min to run, so we're doing it here in order to run it only
# when the build is successful AND we're in master/develop where it's
# really needed
- find . -exec touch -t 201401010000 {} \;
- for x in $(git ls-tree --full-tree --name-only -r HEAD); do touch -t $(date -d "$(git log -1 --format=%ci "${x}")" +%y%m%d%H%M.%S) "${x}"; done
- docker pull andresriancho/w3af:latest; true
- ./docker-build.sh master:
pwd: extras/docker/
- docker push andresriancho/w3af:latest
- w3af/core/controllers/ci/circleci/trigger-w3af-api-build.py
staging:
branch: develop
owner: andresriancho
commands:
# Save docker hub credentials to file
- sed "s/<EMAIL>/$DOCKER_EMAIL/;s/<AUTH>/$DOCKER_AUTH/" < extras/docker/dockercfg.template > ~/.dockercfg
# Note the develop in the URLs
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-module/tree/develop?circle-token=$W3AF_MODULE_TOKEN"
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-api-client/tree/develop?circle-token=$W3AF_API_CLIENT_TOKEN"
# Nasty hack required for docker cache sanity: Because we get a new clone
# of the repo, timestamps don't correspond any more to when the file was
# last changed. To rectify this, first set everything to a timestamp in
# the past and then update the timestamp for all git-tracked files based
# on their last committed change.
#
# This takes ~1min to run, so we're doing it here in order to run it only
# when the build is successful AND we're in master/develop where it's
# really needed
- find . -exec touch -t 201401010000 {} \;
- for x in $(git ls-tree --full-tree --name-only -r HEAD); do touch -t $(date -d "$(git log -1 --format=%ci "${x}")" +%y%m%d%H%M.%S) "${x}"; done
- docker pull andresriancho/w3af:develop; true
- ./docker-build.sh develop:
pwd: extras/docker/
- w3af/core/controllers/ci/circleci/trigger-w3af-api-build.py