diff options
Diffstat (limited to '.gitlab/ci')
21 files changed, 1303 insertions, 485 deletions
diff --git a/.gitlab/ci/_skip.yml b/.gitlab/ci/_skip.yml new file mode 100644 index 00000000000..27a3ff5b836 --- /dev/null +++ b/.gitlab/ci/_skip.yml @@ -0,0 +1,11 @@ +# no-op pipeline template for skipping whole child pipeline execution + +no-op: + image: ${GITLAB_DEPENDENCY_PROXY}alpine:latest + stage: test + variables: + GIT_STRATEGY: none + script: + - echo "${SKIP_MESSAGE:-no-op run, nothing will be executed!}" + rules: + - when: always diff --git a/.gitlab/ci/build-images.gitlab-ci.yml b/.gitlab/ci/build-images.gitlab-ci.yml index 3b360d66b7f..1b041c9af38 100644 --- a/.gitlab/ci/build-images.gitlab-ci.yml +++ b/.gitlab/ci/build-images.gitlab-ci.yml @@ -2,15 +2,11 @@ extends: .use-kaniko variables: GIT_LFS_SKIP_SMUDGE: 1 - script: - - scripts/checkout-mr-source-sha retry: 2 # This image is used by: # - The `review-qa-*` jobs -# - The downstream `omnibus-gitlab-mirror` pipeline triggered by `package-and-qa` so that it doesn't have to rebuild it again. -# The downstream `omnibus-gitlab-mirror` pipeline itself passes the image name to the `gitlab-qa-mirror` pipeline so that -# it can use it instead of inferring an end-to-end imag from the GitLab image built by the downstream `omnibus-gitlab-mirror` pipeline. +# - The `e2e:package-and-test` child pipeline test stage jobs # See https://docs.gitlab.com/ee/development/testing_guide/end_to_end/index.html#testing-code-in-merge-requests for more details. build-qa-image: extends: @@ -19,15 +15,23 @@ build-qa-image: stage: build-images needs: [] script: - - !reference [.base-image-build, script] + # Tag with commit SHA by default + - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA}" + # For branches, tag with slugified branch name. For tags, use the tag directly + - export QA_IMAGE_BRANCH="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_TAG:-$CI_COMMIT_REF_SLUG}" + # Auto-deploy tag format uses first 12 letters of commit SHA. Tag with that + # reference also + - export QA_IMAGE_FOR_AUTO_DEPLOY="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA:0:11}" - echo $QA_IMAGE - echo $QA_IMAGE_BRANCH + - echo $QA_IMAGE_FOR_AUTO_DEPLOY - | /kaniko/executor \ --context=${CI_PROJECT_DIR} \ --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile \ --destination=${QA_IMAGE} \ --destination=${QA_IMAGE_BRANCH} \ + --destination=${QA_IMAGE_FOR_AUTO_DEPLOY} \ --build-arg=CHROME_VERSION=${CHROME_VERSION} \ --build-arg=DOCKER_VERSION=${DOCKER_VERSION} \ --build-arg=QA_BUILD_TARGET=${QA_BUILD_TARGET:-qa} \ @@ -35,7 +39,7 @@ build-qa-image: # This image is used by: # - The `CNG` pipelines (via the `review-build-cng` job): https://gitlab.com/gitlab-org/build/CNG/-/blob/cfc67136d711e1c8c409bf8e57427a644393da2f/.gitlab-ci.yml#L335 -# - The `omnibus-gitlab` pipelines (via the `package-and-qa` job): https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/dfd1ad475868fc84e91ab7b5706aa03e46dc3a86/.gitlab-ci.yml#L130 +# - The `omnibus-gitlab` pipelines (via the `e2e:package-and-test` job): https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/dfd1ad475868fc84e91ab7b5706aa03e46dc3a86/.gitlab-ci.yml#L130 build-assets-image: extends: - .base-image-build @@ -43,7 +47,6 @@ build-assets-image: stage: build-images needs: ["compile-production-assets"] script: - - !reference [.base-image-build, script] # TODO: Change the image tag to be the MD5 of assets files and skip image building if the image exists # We'll also need to pass GITLAB_ASSETS_TAG to the trigerred omnibus-gitlab pipeline similarly to how we do it for trigerred CNG pipelines # https://gitlab.com/gitlab-org/gitlab/issues/208389 diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 3af156e9bd0..7e157171183 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -44,7 +44,7 @@ docs-lint markdown: - .default-retry - .docs:rules:docs-lint # When updating the image version here, update it in /scripts/lint-doc.sh too. - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.16-vale-2.17.0-markdownlint-0.31.1 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.16-vale-2.20.1-markdownlint-0.32.2 stage: lint needs: [] script: diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 1d0218f4bd7..3bd65b565e4 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -18,6 +18,7 @@ # Disable warnings in browserslist which can break on backports # https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384 BROWSERSLIST_IGNORE_OLD_DATA: "true" + WEBPACK_COMPILE_LOG_PATH: "tmp/webpack-output.log" stage: prepare script: - *yarn-install @@ -31,7 +32,6 @@ compile-production-assets: variables: NODE_ENV: "production" RAILS_ENV: "production" - WEBPACK_REPORT: "true" artifacts: name: webpack-report expire_in: 31d @@ -40,10 +40,9 @@ compile-production-assets: # - in `build-assets-image` job to create assets image for packaging systems # - GitLab UI for integration tests: https://gitlab.com/gitlab-org/gitlab-ui/-/blob/e88493b3c855aea30bf60baee692a64606b0eb1e/.storybook/preview-head.pug#L1 - public/assets/ - - webpack-report/ + - "${WEBPACK_COMPILE_LOG_PATH}" when: always before_script: - - scripts/checkout-mr-source-sha - !reference [.default-before_script, before_script] after_script: - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here @@ -57,6 +56,7 @@ compile-test-assets: paths: - public/assets/ - node_modules/@gitlab/svgs/dist/icons.json # app/helpers/icons_helper.rb uses this file + - "${WEBPACK_COMPILE_LOG_PATH}" when: always compile-test-assets as-if-foss: @@ -213,7 +213,15 @@ jest minimal: - !reference [jest, needs] - "detect-tests" script: - - run_timed_command "yarn jest:ci:minimal" + - if [[ -s "$RSPEC_CHANGED_FILES_PATH" ]]; then run_timed_command "yarn jest:ci:minimal"; fi + +jest as-if-foss: + extends: + - .jest-base + - .frontend:rules:jest:as-if-foss + - .as-if-foss + needs: ["rspec-all frontend_fixture as-if-foss"] + parallel: 2 jest minimal as-if-foss: extends: @@ -224,7 +232,7 @@ jest minimal as-if-foss: - "rspec-all frontend_fixture as-if-foss" - "detect-tests" script: - - run_timed_command "yarn jest:ci:minimal" + - if [[ -s "$RSPEC_CHANGED_FILES_PATH" ]]; then run_timed_command "yarn jest:ci:minimal"; fi jest-integration: extends: @@ -236,19 +244,11 @@ jest-integration: - job: "rspec-all frontend_fixture" - job: "graphql-schema-dump" -jest-as-if-foss: - extends: - - .jest-base - - .frontend:rules:default-frontend-jobs-as-if-foss - - .as-if-foss - needs: ["rspec-all frontend_fixture as-if-foss"] - parallel: 2 - coverage-frontend: extends: - .default-retry - .yarn-cache - - .frontend:rules:ee-mr-and-default-branch-only + - .frontend:rules:coverage-frontend needs: - job: "jest" optional: true @@ -260,7 +260,9 @@ coverage-frontend: script: - run_timed_command "yarn node scripts/frontend/merge_coverage_frontend.js" # Removing the individual coverage results, as we just merged them. - - rm -r coverage-frontend/jest-* + - if ls coverage-frontend/jest-* > /dev/null 2>&1; then + rm -r coverage-frontend/jest-*; + fi coverage: '/^Statements\s*:\s*?(\d+(?:\.\d+)?)%/' artifacts: name: coverage-frontend @@ -320,24 +322,20 @@ webpack-dev-server: bundle-size-review: extends: - .default-retry + - .assets-compile-cache - .frontend:rules:bundle-size-review image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:danger stage: test - needs: ["compile-production-assets"] + needs: [] script: - - source scripts/utils.sh - - mkdir -p bundle-size-review - - cp webpack-report/index.html bundle-size-review/bundle-report.html - - yarn global add https://gitlab.com/gitlab-org/frontend/playground/webpack-memory-metrics.git - - | - danger_id=$(echo -n ${DANGER_GITLAB_API_TOKEN} | md5sum | awk '{print $1}' | cut -c5-10) - run_timed_command "danger --dangerfile=danger/Dangerfile-bundle_size --fail-on-errors=true --verbose --danger_id=bundle-size-review-${danger_id}" + - *yarn-install + - scripts/bundle_size_review artifacts: when: always name: bundle-size-review expire_in: 31d paths: - - bundle-size-review + - bundle-size-review/ .startup-css-check-base: extends: diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index 9c92b11d4fd..7bdca62b68e 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -290,7 +290,7 @@ - name: postgres:12 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:6.0-alpine - - name: elasticsearch:8.2.0 + - name: elasticsearch:8.3.3 variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "12" diff --git a/.gitlab/ci/notify.gitlab-ci.yml b/.gitlab/ci/notify.gitlab-ci.yml index a8c156c7dba..95318d5ce08 100644 --- a/.gitlab/ci/notify.gitlab-ci.yml +++ b/.gitlab/ci/notify.gitlab-ci.yml @@ -7,6 +7,8 @@ MERGE_REQUEST_URL: ${CI_MERGE_REQUEST_PROJECT_URL}/-/merge_requests/${CI_MERGE_REQUEST_IID} before_script: - apk update && apk add git curl bash + - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" + - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" notify-update-gitaly: extends: @@ -16,11 +18,9 @@ notify-update-gitaly: when: on_failure allow_failure: true variables: - NOTIFY_CHANNEL: g_create_gitaly + NOTIFY_CHANNEL: g_gitaly GITALY_UPDATE_BRANCH: release-tools/update-gitaly script: - - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" - - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" - scripts/slack ${NOTIFY_CHANNEL} "☠️ \`${GITALY_UPDATE_BRANCH}\` failed! ☠️ See ${CI_PIPELINE_URL} (triggered from ${MERGE_REQUEST_URL})" ci_failing "GitLab QA Bot" notify-security-pipeline: @@ -30,7 +30,17 @@ notify-security-pipeline: variables: NOTIFY_CHANNEL: f_upcoming_release script: - - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" - - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" # <!subteam^S0127FU8PDE> mentions the `@release-managers` group - scripts/slack ${NOTIFY_CHANNEL} "<!subteam^S0127FU8PDE> ☠️ Pipeline for merged result failed! ☠️ See ${CI_PIPELINE_URL} (triggered from ${MERGE_REQUEST_URL})" ci_failing "GitLab Release Tools Bot" + +notify-pipeline-failure: + extends: + - .notify-slack + rules: + - if: '$NOTIFY_PIPELINE_FAILURE_CHANNEL' + when: on_failure + allow_failure: true + variables: + NOTIFY_CHANNEL: "${NOTIFY_PIPELINE_FAILURE_CHANNEL}" + script: + - scripts/slack ${NOTIFY_CHANNEL} "❌ \`${CI_COMMIT_REF_NAME}\` pipeline failed! See ${CI_PIPELINE_URL}" ci_failing "notify-pipeline-failure" diff --git a/.gitlab/ci/package-and-test/main.gitlab-ci.yml b/.gitlab/ci/package-and-test/main.gitlab-ci.yml new file mode 100644 index 00000000000..d96da7744ab --- /dev/null +++ b/.gitlab/ci/package-and-test/main.gitlab-ci.yml @@ -0,0 +1,600 @@ +# E2E tests pipeline loaded dynamically by script: scripts/generate-e2e-pipeline + +include: + - local: .gitlab/ci/global.gitlab-ci.yml + - local: .gitlab/ci/package-and-test/rules.gitlab-ci.yml + - local: .gitlab/ci/package-and-test/variables.gitlab-ci.yml + - project: gitlab-org/quality/pipeline-common + ref: 1.2.1 + file: + - /ci/base.gitlab-ci.yml + - /ci/allure-report.yml + - /ci/knapsack-report.yml + +stages: + - test + - report + - notify + +# ========================================== +# Templates +# ========================================== +.parallel: + parallel: 5 + variables: + QA_KNAPSACK_REPORT_PATH: $CI_PROJECT_DIR/qa/knapsack + +.ruby-image: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 + +.bundle-install: + extends: + - .gitlab-qa-install + - .qa-cache + variables: + RUN_WITH_BUNDLE: "true" # installs and runs gitlab-qa via bundler + QA_PATH: qa + +.omnibus-env: + variables: + BUILD_ENV: build.env + script: + - | + SECURITY_SOURCES=$([[ ! "$CI_PROJECT_NAMESPACE" =~ ^gitlab-org\/security ]] || echo "true") + echo "SECURITY_SOURCES=${SECURITY_SOURCES:-false}" > $BUILD_ENV + echo "OMNIBUS_GITLAB_CACHE_UPDATE=${OMNIBUS_GITLAB_CACHE_UPDATE:-false}" >> $BUILD_ENV + for version_file in *_VERSION; do echo "$version_file=$(cat $version_file)" >> $BUILD_ENV; done + echo "Built environment file for omnibus build:" + cat $BUILD_ENV + artifacts: + reports: + dotenv: $BUILD_ENV + +.update-script: + script: + - export QA_COMMAND="bundle exec gitlab-qa Test::Omnibus::UpdateFromPrevious $RELEASE $GITLAB_VERSION $UPDATE_TYPE -- $QA_RSPEC_TAGS $RSPEC_REPORT_OPTS" + - echo "Running - '$QA_COMMAND'" + - eval "$QA_COMMAND" + +.qa: + extends: + - .qa-base + - .bundle-install + - .gitlab-qa-report + stage: test + tags: + - e2e + needs: + - trigger-omnibus + - download-knapsack-report + variables: + QA_GENERATE_ALLURE_REPORT: "true" + QA_CAN_TEST_PRAEFECT: "false" + QA_INTERCEPT_REQUESTS: "true" + QA_RUN_TYPE: e2e-package-and-test + TEST_LICENSE_MODE: $QA_TEST_LICENSE_MODE + EE_LICENSE: $QA_EE_LICENSE + GITHUB_ACCESS_TOKEN: $QA_GITHUB_ACCESS_TOKEN + GITLAB_QA_ADMIN_ACCESS_TOKEN: $QA_ADMIN_ACCESS_TOKEN + +# ========================================== +# Prepare stage +# ========================================== +trigger-omnibus-env: + extends: + - .omnibus-env + - .rules:prepare + stage: .pre + +trigger-omnibus: + extends: .rules:prepare + stage: .pre + needs: + - trigger-omnibus-env + inherit: + variables: false + variables: + GITALY_SERVER_VERSION: $GITALY_SERVER_VERSION + GITLAB_ELASTICSEARCH_INDEXER_VERSION: $GITLAB_ELASTICSEARCH_INDEXER_VERSION + GITLAB_KAS_VERSION: $GITLAB_KAS_VERSION + GITLAB_METRICS_EXPORTER_VERSION: $GITLAB_METRICS_EXPORTER_VERSION + GITLAB_PAGES_VERSION: $GITLAB_PAGES_VERSION + GITLAB_SHELL_VERSION: $GITLAB_SHELL_VERSION + GITLAB_WORKHORSE_VERSION: $GITLAB_WORKHORSE_VERSION + GITLAB_VERSION: $CI_COMMIT_SHA + IMAGE_TAG: $CI_COMMIT_SHA + TOP_UPSTREAM_SOURCE_PROJECT: $CI_PROJECT_PATH + SECURITY_SOURCES: $SECURITY_SOURCES + CACHE_UPDATE: $OMNIBUS_GITLAB_CACHE_UPDATE + SKIP_QA_DOCKER: "true" + SKIP_QA_TEST: "true" + ee: "true" + trigger: + project: gitlab-org/build/omnibus-gitlab-mirror + strategy: depend + +download-knapsack-report: + extends: + - .bundle-install + - .ruby-image + - .rules:prepare + stage: .pre + script: + - bundle exec rake "knapsack:download[test]" + allow_failure: true + artifacts: + paths: + - qa/knapsack/ee-*.json + expire_in: 1 day + +# e2e test jobs run on separate runner which has separate cache setup +cache-gems: + extends: + - .bundle-install + - .ruby-image + - .qa-cache-push + - .rules:prepare + stage: .pre + tags: + - e2e + script: + - echo "Populated qa cache" + +# ========================================== +# Test stage +# ========================================== + +# ------------------------------------------ +# Manual jobs +# ------------------------------------------ + +# Run manual quarantine job +# this job requires passing QA_SCENARIO variable +# and optionally QA_TESTS to run specific quarantined tests +_ee:quarantine: + extends: + - .qa + - .rules:test:quarantine + needs: + - trigger-omnibus + stage: test + allow_failure: true + variables: + QA_RSPEC_TAGS: --tag quarantine + +# ------------------------------------------ +# FF changes +# ------------------------------------------ + +# Run specs with feature flags set to the opposite of the default state +ee:instance-parallel-ff-inverse: + extends: + - .qa + - .parallel + variables: + QA_SCENARIO: Test::Instance::Image + QA_KNAPSACK_REPORT_NAME: ee-instance-parallel + GITLAB_QA_OPTS: --set-feature-flags $QA_FEATURE_FLAGS + rules: + - !reference [.rules:test:feature-flags-deleted, rules] # skip job when only change is ff deletion + - !reference [.rules:test:feature-flags-set, rules] + +# ------------------------------------------ +# Jobs with parallel variant +# ------------------------------------------ +ee:instance: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:instance-parallel: + extends: + - .parallel + - ee:instance + rules: + - !reference [.rules:test:feature-flags-set, rules] # always run instance-parallel to validate ff change + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:praefect: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Praefect + QA_CAN_TEST_PRAEFECT: "true" + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:praefect-parallel: + extends: + - .parallel + - ee:praefect + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:relative-url: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::RelativeUrl + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:relative-url-parallel: + extends: + - .parallel + - ee:relative-url + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:decomposition-single-db: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + GITLAB_QA_OPTS: --omnibus-config decomposition_single_db + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:decomposition-single-db-parallel: + extends: + - .parallel + - ee:decomposition-single-db + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:decomposition-multiple-db: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + GITLAB_QA_OPTS: --omnibus-config decomposition_multiple_db + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:decomposition-multiple-db-parallel: + extends: + - .parallel + - ee:decomposition-multiple-db + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:object-storage: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag object_storage + GITLAB_QA_OPTS: --omnibus-config object_storage + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::ObjectStorage/ +ee:object-storage-parallel: + extends: ee:object-storage + parallel: 2 + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::ObjectStorage/ + +ee:object-storage-aws: + extends: ee:object-storage + variables: + AWS_S3_ACCESS_KEY: $QA_AWS_S3_ACCESS_KEY + AWS_S3_BUCKET_NAME: $QA_AWS_S3_BUCKET_NAME + AWS_S3_KEY_ID: $QA_AWS_S3_KEY_ID + AWS_S3_REGION: $QA_AWS_S3_REGION + GITLAB_QA_OPTS: --omnibus-config object_storage_aws +ee:object-storage-aws-parallel: + extends: ee:object-storage-aws + parallel: 2 + rules: + - !reference [ee:object-storage-parallel, rules] + +ee:object-storage-gcs: + extends: ee:object-storage + variables: + GCS_BUCKET_NAME: $QA_GCS_BUCKET_NAME + GOOGLE_PROJECT: $QA_GOOGLE_PROJECT + GOOGLE_JSON_KEY: $QA_GOOGLE_JSON_KEY + GOOGLE_CLIENT_EMAIL: $QA_GOOGLE_CLIENT_EMAIL + GITLAB_QA_OPTS: --omnibus-config object_storage_gcs +ee:object-storage-gcs-parallel: + extends: ee:object-storage-gcs + parallel: 2 + rules: + - !reference [ee:object-storage-parallel, rules] + +ee:packages: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag packages + GITLAB_QA_OPTS: --omnibus-config packages + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::Packages/ +ee:packages-parallel: + extends: ee:packages + parallel: 2 + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::Packages/ + +# ------------------------------------------ +# Non parallel jobs +# ------------------------------------------ +ee:update-minor: + extends: + - .qa + - .update-script + variables: + UPDATE_TYPE: minor + QA_RSPEC_TAGS: --tag smoke + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + +ee:update-major: + extends: + - .qa + - .update-script + variables: + UPDATE_TYPE: major + QA_RSPEC_TAGS: --tag smoke + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + +ee:gitaly-cluster: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::GitalyCluster + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::GitalyCluster/ + +ee:group-saml: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::GroupSAML + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::GroupSAML/ + +ee:instance-saml: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::InstanceSAML + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::InstanceSAML/ + +ee:jira: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Jira + JIRA_ADMIN_USERNAME: $QA_JIRA_ADMIN_USERNAME + JIRA_ADMIN_PASSWORD: $QA_JIRA_ADMIN_PASSWORD + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Jira/ + +ee:ldap-no-server: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::LDAPNoServer + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::LDAPNoServer/ + +ee:ldap-tls: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::LDAPTLS + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::LDAPTLS/ + +ee:ldap-no-tls: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::LDAPNoTLS + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::LDAPNoTLS/ + +ee:mtls: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::MTLS + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::MTLS/ + +ee:mattermost: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Mattermost + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Mattermost/ + +ee:registry: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Registry + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Registry/ + +ee:registry-with-cdn: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::RegistryWithCDN + GCS_CDN_BUCKET_NAME: $QA_GCS_CDN_BUCKET_NAME + GOOGLE_CDN_LB: $QA_GOOGLE_CDN_LB + GOOGLE_CDN_JSON_KEY: $QA_GOOGLE_CDN_JSON_KEY + GOOGLE_CDN_SIGNURL_KEY: $QA_GOOGLE_CDN_SIGNURL_KEY + GOOGLE_CDN_SIGNURL_KEY_NAME: $QA_GOOGLE_CDN_SIGNURL_KEY_NAME + before_script: + - unset GITLAB_QA_ADMIN_ACCESS_TOKEN + - !reference [.qa, before_script] + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::RegistryWithCDN/ + +ee:repository-storage: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::RepositoryStorage + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::RepositoryStorage/ + +ee:service-ping-disabled: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::ServicePingDisabled + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::ServicePingDisabled/ + +ee:smtp: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::SMTP + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::SMTP/ + +ee:cloud-activation: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag cloud_activation + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::CloudActivation/ + +ee:large-setup: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag can_use_large_setup + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::LargeSetup/ + +ee:metrics: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Metrics + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::Metrics/ + +ee:elasticsearch: + extends: .qa + variables: + QA_SCENARIO: "Test::Integration::Elasticsearch" + before_script: + - unset ELASTIC_URL # unset url which is globally defined in .gitlab-ci.yml + - !reference [.qa, before_script] + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Elasticsearch/ + +ee:registry-object-storage-tls: + extends: ee:object-storage-aws + variables: + QA_SCENARIO: Test::Integration::RegistryTLS + QA_RSPEC_TAGS: "" + GITLAB_TLS_CERTIFICATE: $QA_GITLAB_TLS_CERTIFICATE + GITLAB_QA_OPTS: --omnibus-config registry_object_storage + +# ========================================== +# Post test stage +# ========================================== +e2e-test-report: + extends: + - .generate-allure-report-base + - .rules:report:allure-report + stage: report + variables: + GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN + ALLURE_PROJECT_PATH: $CI_PROJECT_PATH + ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID + ALLURE_JOB_NAME: e2e-package-and-test + GIT_STRATEGY: none + artifacts: # save rspec results for displaying in parent pipeline + expire_in: 1 day + when: always + paths: + - gitlab-qa-run-*/**/rspec-*.xml + +upload-knapsack-report: + extends: + - .generate-knapsack-report-base + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: report + when: always + +relate-test-failures: + extends: + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: report + variables: + QA_FAILURES_REPORTING_PROJECT: gitlab-org/gitlab + QA_FAILURES_MAX_DIFF_RATIO: "0.15" + GITLAB_QA_ACCESS_TOKEN: $GITLAB_QA_PRODUCTION_ACCESS_TOKEN + when: on_failure + script: + - | + bundle exec gitlab-qa-report \ + --relate-failure-issue "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.json" \ + --project "$QA_FAILURES_REPORTING_PROJECT" \ + --max-diff-ratio "$QA_FAILURES_MAX_DIFF_RATIO" + +generate-test-session: + extends: + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: report + variables: + QA_TESTCASE_SESSIONS_PROJECT: gitlab-org/quality/testcase-sessions + GITLAB_QA_ACCESS_TOKEN: $QA_TEST_SESSION_TOKEN + GITLAB_CI_API_TOKEN: $QA_GITLAB_CI_TOKEN + when: always + script: + - | + bundle exec gitlab-qa-report \ + --generate-test-session "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.json" \ + --project "$QA_TESTCASE_SESSIONS_PROJECT" + artifacts: + when: always + expire_in: 1d + paths: + - qa/REPORT_ISSUE_URL + +notify-slack: + extends: + - .notify-slack-qa + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: notify + variables: + ALLURE_JOB_NAME: e2e-package-and-test + SLACK_ICON_EMOJI: ci_failing + STATUS_SYM: ☠️ + STATUS: failed + when: on_failure + script: + - bundle exec gitlab-qa-report --prepare-stage-reports "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.xml" # generate summary + - !reference [.notify-slack-qa, script] diff --git a/.gitlab/ci/package-and-test/rules.gitlab-ci.yml b/.gitlab/ci/package-and-test/rules.gitlab-ci.yml new file mode 100644 index 00000000000..d866dec1cd0 --- /dev/null +++ b/.gitlab/ci/package-and-test/rules.gitlab-ci.yml @@ -0,0 +1,99 @@ +# Specific specs passed +.specific-specs: &specific-specs + if: $QA_TESTS != "" + +# No specific specs passed +.all-specs: &all-specs + if: $QA_TESTS == "" + +# FF changes +.feature-flags-set: &feature-flags-set + if: $QA_FEATURE_FLAGS != "" + +# Only deleted feature flags +.feature-flags-deleted: &feature-flags-deleted + if: $QA_FEATURE_FLAGS != "" && $QA_FEATURE_FLAGS !~ /enabled|disabled/ + +# Manually trigger job on ff changes but with default ff state instead of inverted +.feature-flags-set-manual: &feature-flags-set-manual + <<: *feature-flags-set + when: manual + allow_failure: true + +# QA framework changes present +.qa-framework-changes: &qa-framework-changes + if: $QA_FRAMEWORK_CHANGES == "true" + +# Process test results (notify failure to slack, create test session report, relate test failures) +.process-test-results: &process-test-results + if: $PROCESS_TEST_RESULTS == "true" + +# Selective test execution against omnibus instance have following execution scenarios: +# * only e2e spec files changed - runs only changed specs +# * qa framework changes - runs full test suite +# * feature flag changed - runs full test suite with base gitlab instance configuration with both ff states +# * quarantined e2e spec - skips execution of e2e tests by creating a no-op pipeline + +# ------------------------------------------ +# Prepare +# ------------------------------------------ +.rules:prepare: + rules: + - when: always + +# ------------------------------------------ +# Test +# ------------------------------------------ +.rules:test:quarantine: + rules: + - when: manual + variables: + QA_TESTS: "" + +.rules:test:feature-flags-set: + rules: + # unset specific specs if pipeline has feature flag changes and run full suite + - <<: *feature-flags-set + variables: + QA_TESTS: "" + +.rules:test:feature-flags-deleted: + rules: + - <<: *feature-flags-deleted + when: never + +# parallel and non parallel rules are used for jobs that require parallel execution and thus need to switch +# between parallel and non parallel when only certain specs are executed +.rules:test:qa-non-parallel: + rules: + # always run parallel with full suite when framework changes present or ff state changed + - <<: *qa-framework-changes + when: never + - <<: *all-specs + when: never + - <<: *feature-flags-set + when: never + +.rules:test:qa-parallel: + rules: + - *qa-framework-changes + - <<: *specific-specs + when: never + - *feature-flags-set-manual + +# general qa job rule for jobs without the need to run in parallel +.rules:test:qa: + rules: + - *qa-framework-changes + - *feature-flags-set-manual + +# ------------------------------------------ +# Report +# ------------------------------------------ +.rules:report:allure-report: + rules: + - when: always + +.rules:report:process-results: + rules: + - *process-test-results diff --git a/.gitlab/ci/package-and-test/variables.gitlab-ci.yml b/.gitlab/ci/package-and-test/variables.gitlab-ci.yml new file mode 100644 index 00000000000..324092c80f4 --- /dev/null +++ b/.gitlab/ci/package-and-test/variables.gitlab-ci.yml @@ -0,0 +1,9 @@ +# Default variables for package-and-test + +variables: + RELEASE: "${REGISTRY_HOST}/${REGISTRY_GROUP}/build/omnibus-gitlab-mirror/gitlab-ee:${CI_COMMIT_SHA}" + SKIP_REPORT_IN_ISSUES: "true" + OMNIBUS_GITLAB_CACHE_UPDATE: "false" + QA_LOG_LEVEL: "info" + QA_TESTS: "" + QA_FEATURE_FLAGS: "" diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index a71aac4225e..c5a182b055a 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -1,5 +1,5 @@ .qa-job-base: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-2.7:bundler-2.3-chrome-103-docker-20.10.14 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION} extends: - .default-retry - .qa-cache @@ -57,7 +57,7 @@ qa:selectors-as-if-foss: - .qa:rules:as-if-foss - .as-if-foss -update-qa-cache: +qa:update-qa-cache: extends: - .qa-job-base - .qa-cache-push @@ -66,103 +66,40 @@ update-qa-cache: script: - echo "Cache has been updated and ready to be uploaded." -populate-qa-tests-var: +e2e:package-and-test: extends: - - .qa:rules:determine-qa-tests - image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine - stage: prepare - script: - - export QA_TESTS=$(scripts/determine-qa-tests --files $CHANGES_FILE --labels "$CI_MERGE_REQUEST_LABELS") - - 'echo "QA_TESTS=$QA_TESTS" >> qa_tests_var.env' - - 'echo "QA_TESTS: $QA_TESTS"' - artifacts: - expire_in: 2d - reports: - dotenv: qa_tests_var.env - paths: - - ${CHANGES_FILE} - - qa_tests_var.env - variables: - CHANGES_FILE: tmp/changed_files.txt - needs: - - detect-tests - -.package-and-qa-base: - image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION}-alpine + - .qa:rules:package-and-test stage: qa - retry: 0 - before_script: - - source scripts/utils.sh - - install_gitlab_gem - - tooling/bin/find_change_diffs ${CHANGES_DIFFS_DIR} - script: - - 'echo "QA_TESTS: $QA_TESTS"' - - exit_code=0 && tooling/bin/qa/run_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? - - echo $exit_code - - | - if [ $exit_code -eq 0 ]; then - ./scripts/trigger-build.rb omnibus - elif [ $exit_code -eq 1 ]; then - exit 1 - else - echo "Downstream jobs will not be triggered because run_qa_check exited with code: $exit_code" - fi - # These jobs often time out, so temporarily use private runners and a long timeout: https://gitlab.com/gitlab-org/gitlab/-/issues/238563 - tags: - - prm - timeout: 4h needs: - - job: build-qa-image - artifacts: false - - job: build-assets-image - artifacts: false - - job: populate-qa-tests-var - - detect-tests - artifacts: - expire_in: 7d - paths: - - ${CHANGES_DIFFS_DIR}/* + - build-assets-image + - build-qa-image + - e2e-test-pipeline-generate variables: - CHANGES_DIFFS_DIR: tmp/diffs - ALLURE_JOB_NAME: $CI_JOB_NAME - -.package-and-qa-ff-base: - script: - - | - feature_flags=$(scripts/changed-feature-flags --files $CHANGES_DIFFS_DIR --state $QA_FF_STATE) - if [[ $feature_flags ]]; then - export GITLAB_QA_OPTIONS="--set-feature-flags $feature_flags" - echo $GITLAB_QA_OPTIONS - ./scripts/trigger-build.rb omnibus - else - echo "No changed feature flag found to test as $QA_FF_STATE." - fi - -package-and-qa: - extends: - - .package-and-qa-base - - .qa:rules:package-and-qa + SKIP_MESSAGE: Skipping package-and-test due to mr containing only quarantine changes! + trigger: + strategy: depend + include: + - artifact: package-and-test-pipeline.yml + job: e2e-test-pipeline-generate -package-and-qa-ff-enabled: +# Fetch child pipeline test results and store in parent pipeline +# workaround until natively implemented: https://gitlab.com/groups/gitlab-org/-/epics/8205 +e2e:package-and-test-results: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 extends: - - .package-and-qa-base - - .package-and-qa-ff-base - - .qa:rules:package-and-qa:feature-flags - variables: - QA_FF_STATE: "enabled" - -package-and-qa-ff-disabled: - extends: - - .package-and-qa-base - - .package-and-qa-ff-base - - .qa:rules:package-and-qa:feature-flags - variables: - QA_FF_STATE: "disabled" - -package-and-qa-ff-deleted: - extends: - - .package-and-qa-base - - .package-and-qa-ff-base - - .qa:rules:package-and-qa:feature-flags + - .qa-job-base + - .qa:rules:package-and-test + stage: qa + needs: + - e2e:package-and-test variables: - QA_FF_STATE: "deleted" + COLORIZED_LOGS: "true" + QA_LOG_LEVEL: "debug" + when: always + allow_failure: true + script: + - bundle exec rake "ci:download_test_results[e2e:package-and-test,e2e-test-report,${CI_PROJECT_DIR}]" + artifacts: + when: always + reports: + junit: gitlab-qa-run-*/**/rspec-*.xml diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index 50c86313d29..0f524f03188 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -8,11 +8,13 @@ .base-script: script: + - source ./scripts/rspec_helpers.sh # Only install knapsack after bundle install! Otherwise oddly some native # gems could not be found under some circumstance. No idea why, hours wasted. - run_timed_command "gem install knapsack --no-document" - - run_timed_command "scripts/gitaly-test-spawn" - - source ./scripts/rspec_helpers.sh + - echo -e "\e[0Ksection_start:`date +%s`:gitaly-test-spawn[collapsed=true]\r\e[0KStarting Gitaly" + - run_timed_command "scripts/gitaly-test-spawn" # Do not use 'bundle exec' here + - echo -e "\e[0Ksection_end:`date +%s`:gitaly-test-spawn\r\e[0K" .minimal-rspec-tests: variables: @@ -129,28 +131,28 @@ ############################ # rspec job parallel configs .rspec-migration-parallel: - parallel: 9 + parallel: 12 .rspec-ee-migration-parallel: - parallel: 3 + parallel: 4 .rspec-unit-parallel: - parallel: 22 + parallel: 28 .rspec-ee-unit-parallel: - parallel: 16 + parallel: 18 .rspec-integration-parallel: - parallel: 10 + parallel: 12 .rspec-ee-integration-parallel: - parallel: 4 + parallel: 6 .rspec-system-parallel: - parallel: 24 + parallel: 28 .rspec-ee-system-parallel: - parallel: 6 + parallel: 10 # rspec job parallel configs ############################ @@ -165,6 +167,7 @@ setup-test-env: variables: SETUP_DB: "false" script: + - echo $CI_MERGE_REQUEST_APPROVED - source scripts/gitlab_workhorse_component_helpers.sh - run_timed_command "download_and_extract_gitlab_workhorse_package" || true - run_timed_command "scripts/setup-test-env" @@ -175,14 +178,10 @@ setup-test-env: artifacts: expire_in: 7d paths: - - config/secrets.yml - ${TMP_TEST_FOLDER}/gitaly/_build/bin/ - - ${TMP_TEST_FOLDER}/gitaly/_build/deps/git/install - ${TMP_TEST_FOLDER}/gitaly/config.toml - ${TMP_TEST_FOLDER}/gitaly/gitaly2.config.toml - ${TMP_TEST_FOLDER}/gitaly/internal/ - - ${TMP_TEST_FOLDER}/gitaly/run/ - - ${TMP_TEST_FOLDER}/gitaly/run2/ - ${TMP_TEST_FOLDER}/gitaly/Makefile - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml - ${TMP_TEST_FOLDER}/gitaly/praefect-db.config.toml @@ -379,51 +378,19 @@ db:migrate:reset single-db: - .single-db - .rails:rules:single-db -db:migrate-from-previous-major-version: - extends: .db-job-base - variables: - USE_BUNDLE_INSTALL: "false" - SETUP_DB: "false" - PROJECT_TO_CHECKOUT: "gitlab-foss" - TAG_TO_CHECKOUT: "v14.10.2" - before_script: - - !reference [.default-before_script, before_script] - - '[[ -d "ee/" ]] || export PROJECT_TO_CHECKOUT="gitlab"' - - '[[ -d "ee/" ]] || export TAG_TO_CHECKOUT="${TAG_TO_CHECKOUT}-ee"' - - retry 'git fetch https://gitlab.com/gitlab-org/$PROJECT_TO_CHECKOUT.git $TAG_TO_CHECKOUT' - - git checkout -f FETCH_HEAD - - SETUP_DB=false USE_BUNDLE_INSTALL=true ENABLE_BOOTSNAP=false bash scripts/prepare_build.sh - - run_timed_command "ENABLE_BOOTSNAP=false bundle exec rake db:drop db:create db:structure:load db:migrate db:seed_fu" - - git checkout -f $CI_COMMIT_SHA - - SETUP_DB=false USE_BUNDLE_INSTALL=true bash scripts/prepare_build.sh - script: - - run_timed_command "scripts/db_tasks db:migrate" - -db:migrate-from-previous-major-version-single-db: - extends: - - db:migrate-from-previous-major-version - - .single-db - - .rails:rules:single-db - -.db:check-schema-base: +db:check-schema: extends: + - .db-job-base - .rails:rules:ee-mr-and-default-branch-only - variables: - TAG_TO_CHECKOUT: "v14.7.0" # this version updated grpc to 1.42.0, which supports Ruby 2 & 3 script: + - run_timed_command "bundle exec rake db:drop db:create" - run_timed_command "scripts/db_tasks db:migrate" - - scripts/schema_changed.sh - - scripts/validate_migration_timestamps - -db:check-schema: - extends: - - db:migrate-from-previous-major-version - - .db:check-schema-base db:check-schema-single-db: extends: - - db:migrate-from-previous-major-version-single-db - - .db:check-schema-base + - db:check-schema + - .single-db + - .rails:rules:single-db db:check-migrations: extends: @@ -624,7 +591,7 @@ rspec:feature-flags: stage: post-test needs: - job: "feature-flags-usage" - - job: "haml-lint foss" + - job: "haml-lint" - job: "haml-lint ee" optional: true script: @@ -970,7 +937,7 @@ rspec fail-fast: needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets", "detect-tests"] script: - !reference [.base-script, script] - - rspec_fail_fast tmp/matching_tests.txt "--tag ~quarantine" + - rspec_fail_fast "${RSPEC_MATCHING_TESTS_PATH}" "--tag ~quarantine" artifacts: expire_in: 7d paths: @@ -980,10 +947,10 @@ rspec foss-impact: extends: - .rspec-base-pg12-as-if-foss - .rails:rules:rspec-foss-impact - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-foss", "detect-tests as-if-foss"] + needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-foss", "detect-tests"] script: - !reference [.base-script, script] - - rspec_matched_foss_tests tmp/matching_foss_tests.txt "--tag ~quarantine" + - rspec_matched_foss_tests "${RSPEC_MATCHING_TESTS_PATH}" "--tag ~quarantine" artifacts: expire_in: 7d paths: diff --git a/.gitlab/ci/review-apps/main.gitlab-ci.yml b/.gitlab/ci/review-apps/main.gitlab-ci.yml index 37ccecc0562..e28ffc82811 100644 --- a/.gitlab/ci/review-apps/main.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/main.gitlab-ci.yml @@ -8,6 +8,7 @@ stages: include: - local: .gitlab/ci/global.gitlab-ci.yml - local: .gitlab/ci/rules.gitlab-ci.yml + - local: .gitlab/ci/review-apps/rules.gitlab-ci.yml - local: .gitlab/ci/review-apps/qa.gitlab-ci.yml - local: .gitlab/ci/review-apps/dast.gitlab-ci.yml @@ -94,6 +95,7 @@ review-deploy: - export GITALY_VERSION=$(<GITALY_SERVER_VERSION) - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt + - echo "QA_GITLAB_URL=${CI_ENVIRONMENT_URL}" > environment.env - *base-before_script script: - check_kube_domain @@ -102,7 +104,6 @@ review-deploy: - deploy || (display_deployment_debug && exit 1) - verify_deploy || exit 1 - disable_sign_ups || (delete_release && exit 1) - - create_sample_projects after_script: # Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan. # Set DAST_RUN to true when jobs are manually scheduled. @@ -110,9 +111,27 @@ review-deploy: artifacts: paths: - environment_url.txt + reports: + dotenv: environment.env expire_in: 7 days when: always +review-deploy-sample-projects: + extends: + - .review-workflow-base + - .review:rules:review-deploy + stage: deploy + needs: ["review-deploy"] + before_script: + - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) + - export GITALY_VERSION=$(<GITALY_SERVER_VERSION) + - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) + - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt + - *base-before_script + script: + - date + - create_sample_projects + .review-stop-base: extends: .review-workflow-base environment: diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml index 631fe7fef30..21e6a8e42fb 100644 --- a/.gitlab/ci/review-apps/qa.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -1,6 +1,6 @@ include: - project: gitlab-org/quality/pipeline-common - ref: 0.13.0 + ref: 1.2.2 file: - /ci/allure-report.yml - /ci/knapsack-report.yml @@ -8,85 +8,57 @@ include: .test-variables: variables: QA_GENERATE_ALLURE_REPORT: "true" - COLORIZED_LOGS: "true" + QA_CAN_TEST_PRAEFECT: "false" GITLAB_USERNAME: "root" GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" GITLAB_ADMIN_USERNAME: "root" GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" GITLAB_QA_ADMIN_ACCESS_TOKEN: "${REVIEW_APPS_ROOT_TOKEN}" - GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" + GITHUB_ACCESS_TOKEN: "${QA_GITHUB_ACCESS_TOKEN}" .bundle-base: extends: - .qa-cache image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 before_script: - - export QA_GITLAB_URL="$(cat environment_url.txt)" - cd qa && bundle install .review-qa-base: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-git-2.33-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23 extends: - .use-docker-in-docker - .bundle-base - .test-variables - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-git-2.33-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23 stage: qa needs: - review-deploy - download-knapsack-report variables: - DOCKER_HOST: tcp://docker:2376 - DOCKER_TLS_CERTDIR: /certs - DOCKER_CERT_PATH: /certs/client - DOCKER_TLS_VERIFY: 1 GIT_LFS_SKIP_SMUDGE: 1 WD_INSTALL_DIR: /usr/local/bin - before_script: - - scripts/checkout-mr-source-sha - - !reference [.bundle-base, before_script] + RSPEC_REPORT_OPTS: --force-color --order random --format documentation --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml script: - export EE_LICENSE="$(cat $REVIEW_APPS_EE_LICENSE_FILE)" - - qa_run_status=0 + - QA_COMMAND="bundle exec bin/qa ${QA_SCENARIO} ${QA_GITLAB_URL} -- ${QA_TESTS} ${RSPEC_REPORT_OPTS}" + - echo "Running - '${QA_COMMAND}'" + - eval "$QA_COMMAND" + after_script: - | - bundle exec rake "knapsack:rspec[\ - ${RSPEC_TAGS} \ - --tag ~orchestrated \ - --tag ~transient \ - --tag ~skip_signup_disabled \ - --tag ~requires_git_protocol_v2 \ - --tag ~requires_praefect \ - --force-color \ - --order random \ - --format documentation \ - --format RspecJunitFormatter --out tmp/rspec.xml \ - ]" || qa_run_status=$? - - if [ ${qa_run_status} -ne 0 ]; then - release_sha=$(echo "${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA:-${CI_COMMIT_SHA}}" | cut -c1-11); - echo "Errors can be found at https://sentry.gitlab.net/gitlab/gitlab-review-apps/releases/${release_sha}/all-events/."; - fi - - exit ${qa_run_status} + echo "Sentry errors for the current review-app test run can be found via following url:" + echo "https://sentry.gitlab.net/gitlab/gitlab-review-apps/releases/$(echo "${CI_COMMIT_SHA}" | cut -c1-11)/all-events/." artifacts: paths: - qa/tmp reports: - junit: qa/tmp/rspec.xml + junit: qa/tmp/rspec-*.xml expire_in: 7 days when: always -.allure-report-base: - extends: .generate-allure-report-base - stage: post-qa - variables: - GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN - ALLURE_PROJECT_PATH: $CI_PROJECT_PATH - ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID - ALLURE_RESULTS_GLOB: qa/tmp/allure-results/* - # Store knapsack report as artifact so the same report is reused across all jobs download-knapsack-report: extends: - .bundle-base - - .review:rules:review-qa-reliable + - .rules:app-or-qa-framework-changes-or-review-scenarios stage: prepare script: - bundle exec rake "knapsack:download[qa]" @@ -99,30 +71,39 @@ download-knapsack-report: review-qa-smoke: extends: - .review-qa-base - - .review:rules:review-qa-smoke - retry: 1 + - .rules:qa-smoke variables: + QA_SCENARIO: Test::Instance::Smoke QA_RUN_TYPE: review-qa-smoke - RSPEC_TAGS: --tag smoke + retry: 1 -review-qa-reliable: +review-qa-blocking: extends: - .review-qa-base - - .review:rules:review-qa-reliable + - .rules:qa-blocking + variables: + QA_SCENARIO: Test::Instance::ReviewBlocking + QA_RUN_TYPE: review-qa-blocking retry: 1 +review-qa-blocking-parallel: + extends: + - review-qa-blocking + - .rules:qa-blocking-parallel parallel: 10 - variables: - QA_RUN_TYPE: review-qa-reliable - RSPEC_TAGS: --tag reliable --tag sanity_feature_flags -review-qa-all: +review-qa-non-blocking: extends: - .review-qa-base - - .review:rules:review-qa-all - parallel: 5 + - .rules:qa-non-blocking variables: - QA_RUN_TYPE: review-qa-all - RSPEC_TAGS: --tag ~reliable --tag ~smoke --tag ~sanity_feature_flags + QA_SCENARIO: Test::Instance::ReviewNonBlocking + QA_RUN_TYPE: review-qa-non-blocking + allow_failure: true +review-qa-non-blocking-parallel: + extends: + - review-qa-non-blocking + - .rules:qa-non-blocking-parallel + parallel: 5 review-performance: extends: @@ -150,27 +131,25 @@ review-performance: performance: performance.json expire_in: 31d -# Generate single report for both smoke and reliable test jobs -# Both job types are essentially the same: -# * always executed -# * always blocking -allure-report-qa-blocking: - extends: - - .allure-report-base - - .review:rules:review-qa-blocking-report - needs: - - review-qa-smoke - - review-qa-reliable - variables: - ALLURE_JOB_NAME: review-qa-blocking - -allure-report-qa-all: +e2e-test-report: extends: - - .allure-report-base - - .review:rules:review-qa-all-report - needs: ["review-qa-all"] + - .generate-allure-report-base + - .rules:app-or-qa-framework-changes-or-review-scenarios + stage: post-qa variables: - ALLURE_JOB_NAME: review-qa-all + ALLURE_JOB_NAME: e2e-review-qa + ALLURE_PROJECT_PATH: $CI_PROJECT_PATH + ALLURE_RESULTS_GLOB: qa/tmp/allure-results/* + ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID + GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN + GIT_STRATEGY: none + allow_failure: true + when: always + artifacts: # re-save rspec results for displaying in parent pipeline + expire_in: 1 day + when: always + paths: + - qa/tmp/rspec-*.xml upload-knapsack-report: extends: @@ -183,13 +162,13 @@ upload-knapsack-report: delete-test-resources: extends: - .bundle-base - - .review:rules:review-qa-cleanup + - .rules:app-or-qa-framework-changes-or-review-scenarios stage: post-qa variables: QA_TEST_RESOURCES_FILE_PATTERN: $CI_PROJECT_DIR/qa/tmp/test-resources-*.json GITLAB_QA_ACCESS_TOKEN: $REVIEW_APPS_ROOT_TOKEN - COLORIZED_LOGS: "true" script: - export GITLAB_ADDRESS="$QA_GITLAB_URL" - bundle exec rake "test_resources:delete[$QA_TEST_RESOURCES_FILE_PATTERN]" allow_failure: true + when: always diff --git a/.gitlab/ci/review-apps/rules.gitlab-ci.yml b/.gitlab/ci/review-apps/rules.gitlab-ci.yml new file mode 100644 index 00000000000..56d3731bb56 --- /dev/null +++ b/.gitlab/ci/review-apps/rules.gitlab-ci.yml @@ -0,0 +1,81 @@ +# Specific specs passed +.specific-specs: &specific-specs + if: $QA_TESTS != "" + +# No specific specs passed +.all-specs: &all-specs + if: $QA_TESTS == "" + +# No specific specs in mr pipeline +.all-specs-mr: &all-specs-mr + if: $CI_MERGE_REQUEST_IID && $QA_TESTS == "" + when: manual + +# Triggered by change pattern +.app-changes: &app-changes + if: $APP_CHANGE_TRIGGER == "true" + +# QA framework changes present +.qa-framework-changes: &qa-framework-changes + if: $QA_FRAMEWORK_CHANGES == "true" + +.never-when-qa-framework-changes-or-no-specific-specs: + - <<: *qa-framework-changes + when: never + - <<: *all-specs + when: never + +.never-when-specific-specs-always-when-qa-framework-changes: + - <<: *specific-specs + when: never + - *qa-framework-changes + +# ------------------------------------------ +# Test +# ------------------------------------------ +.rules:qa-smoke: + rules: + # always trigger smoke suite if review pipeline got triggered by specific changes in application code + - <<: *app-changes + variables: + QA_TESTS: "" # unset QA_TESTS even if specific tests were inferred from stage label + - *qa-framework-changes + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + +.rules:qa-blocking: + rules: + - <<: *app-changes + when: never + - !reference [.never-when-qa-framework-changes-or-no-specific-specs] + - if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/ +.rules:qa-blocking-parallel: + rules: + # always trigger blocking suite if review pipeline got triggered by specific changes in application code + - <<: *app-changes + variables: + QA_TESTS: "" # unset QA_TESTS even if specific tests were inferred from stage label + - !reference [.never-when-specific-specs-always-when-qa-framework-changes] + - if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/ + +.rules:qa-non-blocking: + rules: + - !reference [.never-when-qa-framework-changes-or-no-specific-specs] + - if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/ +.rules:qa-non-blocking-parallel: + rules: + - !reference [.never-when-specific-specs-always-when-qa-framework-changes] + - *all-specs-mr # set full suite to manual when no specific specs passed in mr + - if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/ + +# ------------------------------------------ +# Prepare/Report +# ------------------------------------------ +# if no rules for test execution are matched, pipeline will not have e2e test jobs +# so we need to skip knapsack, allure and test resource deletion jobs as well +.rules:app-or-qa-framework-changes-or-review-scenarios: + rules: + - *app-changes + - *qa-framework-changes + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + - if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/ + - if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/ diff --git a/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml b/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml deleted file mode 100644 index 1305673a4d8..00000000000 --- a/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml +++ /dev/null @@ -1,13 +0,0 @@ -stages: - - review - -include: - - local: .gitlab/ci/global.gitlab-ci.yml - - local: .gitlab/ci/rules.gitlab-ci.yml - -no-op: - extends: - - .review:rules:start-review-app-pipeline - stage: review - script: - - echo "Skip Review App because the MR includes only quarantine changes" diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index 4f51409d6a8..46e62829394 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -23,42 +23,13 @@ review-cleanup: - ruby -rrubygems scripts/review_apps/automated_cleanup.rb - gcp_cleanup -review-app-pipeline-generate: - image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION} - stage: prepare - extends: - - .review:rules:start-review-app-pipeline - artifacts: - expire_in: 7d - paths: - - ${CHANGES_DIFFS_DIR}/* - - review-app-pipeline.yml - variables: - CHANGES_DIFFS_DIR: tmp/diffs - before_script: - - source scripts/utils.sh - - install_gitlab_gem - - tooling/bin/find_change_diffs ${CHANGES_DIFFS_DIR} - script: - - exit_code=0 && tooling/bin/qa/run_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? - - | - if [ $exit_code -eq 0 ]; then - echo "Review App will use the full pipeline" - cp .gitlab/ci/review-apps/main.gitlab-ci.yml review-app-pipeline.yml - elif [ $exit_code -eq 2 ]; then - echo "Skip Review App because the MR includes only quarantine changes" - cp .gitlab/ci/review-apps/skip-qa.gitlab-ci.yml review-app-pipeline.yml - else - exit $exit_code - fi - start-review-app-pipeline: extends: - .review:rules:start-review-app-pipeline resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment stage: review needs: - - review-app-pipeline-generate + - job: e2e-test-pipeline-generate - job: build-assets-image artifacts: false # These variables are set in the pipeline schedules. @@ -67,11 +38,36 @@ start-review-app-pipeline: variables: SCHEDULE_TYPE: $SCHEDULE_TYPE DAST_RUN: $DAST_RUN + SKIP_MESSAGE: Skipping review-app due to mr containing only quarantine changes! trigger: + strategy: depend include: - artifact: review-app-pipeline.yml - job: review-app-pipeline-generate - strategy: depend + job: e2e-test-pipeline-generate + +# Fetch child pipeline test results and store in parent pipeline +# workaround until natively implemented: https://gitlab.com/groups/gitlab-org/-/epics/8205 +review-app-test-results: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 + stage: review + extends: + - .qa-cache + - .review:rules:start-review-app-pipeline + needs: + - start-review-app-pipeline + variables: + COLORIZED_LOGS: "true" + QA_LOG_LEVEL: "debug" + before_script: + - cd qa && bundle install + script: + - bundle exec rake "ci:download_test_results[start-review-app-pipeline,e2e-test-report,${CI_PROJECT_DIR}]" + when: always + allow_failure: true + artifacts: + when: always + reports: + junit: qa/tmp/rspec-*.xml danger-review: extends: diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index fcb853a7bd2..9dc2f5eff23 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -20,13 +20,7 @@ if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG || $FORCE_GITLAB_CI' .if-default-branch-refs: &if-default-branch-refs - if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH' - -.if-stable-branch-refs: &if-stable-branch-refs - if: '$CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/' - -.if-default-branch-push: &if-default-branch-push - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "push"' + if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_MERGE_REQUEST_IID == null' .if-auto-deploy-branches: &if-auto-deploy-branches if: '$CI_COMMIT_BRANCH =~ /^\d+-\d+-auto-deploy-\d+$/' @@ -130,7 +124,7 @@ .if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified: &if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_MERGE_REQUEST_IID && $QA_TESTS' -.if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-qa: &if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-qa +.if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e: &if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_MERGE_REQUEST_IID && $QA_MANUAL_FF_PACKAGE_AND_QA' .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag @@ -173,6 +167,9 @@ - ".gitlab/ci/frontend.gitlab-ci.yml" - ".gitlab/ci/build-images.gitlab-ci.yml" - ".gitlab/ci/qa.gitlab-ci.yml" + - ".gitlab/ci/package-and-test/*.yml" + - ".gitlab/ci/review-apps/qa.gitlab-ci.yml" + - ".gitlab/ci/review-apps/rules.gitlab-ci.yml" .gitaly-patterns: &gitaly-patterns - "GITALY_SERVER_VERSION" @@ -261,7 +258,7 @@ - "Dockerfile.assets" - "config/**/*.js" - "vendor/assets/**/*" - - "{app/assets,app/helpers,app/presenters,app/views,locale,public,spec/frontend,symbol}/**/*" + - "{app/assets,app/components,app/helpers,app/presenters,app/views,locale,public,spec/frontend,symbol}/**/*" .controllers-patterns: &controllers-patterns - "{,ee/,jh/}{app/controllers}/**/*" @@ -281,7 +278,7 @@ - "Rakefile" - "config.ru" # List explicitly all the app/ dirs that are backend (i.e. all except app/assets). - - "{,ee/,jh/}{app/channels,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" + - "{,ee/,jh/}{app/channels,app/components,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" - "{,ee/,jh/}{bin,config,db,generator_templates,lib}/**/*" - "{,ee/,jh/}spec/**/*" # CI changes @@ -296,7 +293,7 @@ - "{,jh/}Gemfile.lock" - "GITLAB_ELASTICSEARCH_INDEXER_VERSION" # List explicitly all the app/ dirs that are backend (i.e. all except app/assets). - - "{,ee/,jh/}{app/channels,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" + - "{,ee/,jh/}{app/channels,app/components,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" - "{,ee/,jh/}{bin,config,db,generator_templates,lib}/**/*" - "{,ee/,jh/}spec/**/*" @@ -309,6 +306,8 @@ - "{,ee/,jh/}{,spec/}lib/{,ee/,jh/}gitlab/background_migration{,_spec}.rb" - "{,ee/,jh/}spec/support/helpers/database/**/*" - "lib/gitlab/markdown_cache/active_record/**/*" + - "lib/api/admin/batched_background_migrations.rb" + - "spec/requests/api/admin/batched_background_migrations_spec.rb" - "config/prometheus/common_metrics.yml" # Used by Gitlab::DatabaseImporters::CommonMetrics::Importer - "{,ee/,jh/}app/models/project_statistics.rb" # Used to calculate sizes in migration specs # Gitaly has interactions with background migrations: https://gitlab.com/gitlab-org/gitlab/-/issues/336538 @@ -333,7 +332,7 @@ .qa-patterns: &qa-patterns - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Code patterns + .ci-patterns .code-patterns: &code-patterns @@ -411,7 +410,7 @@ - ".gitlab/ci/**/*" # QA changes - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Mapped patterns (see tests.yml) - "data/whats_new/*.yml" @@ -445,7 +444,7 @@ - "{,spec/}tooling/**/*" # QA changes - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Mapped patterns (see tests.yml) - "data/whats_new/*.yml" @@ -480,7 +479,7 @@ - "{,spec/}tooling/**/*" # QA changes - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Workhorse changes - "GITLAB_WORKHORSE_VERSION" - "workhorse/**/*" @@ -491,9 +490,14 @@ .static-analysis-patterns: &static-analysis-patterns - ".{codeclimate,eslintrc,haml-lint,haml-lint_todo}.yml" - - ".rubocop.yml" - - ".rubocop_todo.yml" + +.rubocop-patterns: &rubocop-patterns + - ".{rubocop,rubocop_todo}.yml" - ".rubocop_todo/**/*.yml" + - "{,ee/,jh/}rubocop/**/*" # We might be changing custom cops + - "{,ee/,jh/}Gemfile.lock" # This should include gitlab-styles, rubocop itself, and any plugins we might be using + - "lib/gitlab_edition.rb" # This is required in RuboCop::CodeReuseHelpers + - ".gitlab/ci/static-analysis.gitlab-ci.yml" .danger-patterns: &danger-patterns - "Dangerfile" @@ -528,6 +532,9 @@ rules: - <<: *if-merge-request-approved when: never + # Temporarily disabled minimal rspec jobs before and after approval because of https://gitlab.com/gitlab-org/gitlab/-/issues/373064. + - <<: *if-merge-request-not-approved + when: never - <<: *if-automated-merge-request when: never - <<: *if-security-merge-request @@ -549,8 +556,6 @@ changes: *backend-patterns - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-not-approved - when: never .rails:rules:as-if-foss-migration-unit-integration:minimal-default-rules: rules: @@ -580,8 +585,6 @@ changes: *code-backstage-patterns - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-not-approved - when: never .rails:rules:system:minimal-default-rules: rules: @@ -628,14 +631,16 @@ rules: - <<: *if-not-ee when: never + - <<: *if-not-canonical-namespace + when: never - <<: *if-merge-request-targeting-stable-branch - <<: *if-merge-request-labels-run-review-app - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *ci-build-images-patterns - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *code-qa-patterns - - <<: *if-dot-com-gitlab-org-default-branch - changes: *code-qa-patterns + - <<: *if-auto-deploy-branches + - <<: *if-default-branch-or-tag - <<: *if-dot-com-gitlab-org-schedule - <<: *if-force-ci @@ -714,6 +719,14 @@ ################## # Frontend rules # ################## + +.frontend:rules:minimal-default-rules: + rules: + - <<: *if-automated-merge-request + when: never + - <<: *if-security-merge-request + when: never + .frontend:rules:compile-production-assets: rules: - <<: *if-not-canonical-namespace @@ -762,31 +775,28 @@ rules: - !reference [".strict-ee-only-rules", rules] - !reference [".frontend:rules:default-frontend-jobs-as-if-foss", rules] - - !reference [".frontend:rules:jest:minimal:as-if-foss", rules] + - <<: *if-merge-request + changes: *frontend-patterns-for-as-if-foss .frontend:rules:jest: rules: - <<: *if-fork-merge-request when: never - <<: *if-merge-request-labels-run-all-jest - - <<: *if-default-refs - changes: *core-frontend-patterns - <<: *if-merge-request - changes: *ci-patterns + changes: [".gitlab/ci/rules.gitlab-ci.yml", ".gitlab/ci/frontend.gitlab-ci.yml"] - <<: *if-automated-merge-request changes: *code-backstage-patterns - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-not-approved - when: never - - <<: *if-default-refs + - <<: *if-default-branch-refs changes: *code-backstage-patterns .frontend:rules:jest:minimal: rules: - <<: *if-fork-merge-request changes: *code-backstage-patterns - - !reference [".rails:rules:minimal-default-rules", rules] + - !reference [".frontend:rules:minimal-default-rules", rules] - <<: *if-merge-request-labels-run-all-jest when: never - changes: *core-frontend-patterns @@ -797,30 +807,24 @@ - <<: *if-merge-request changes: *code-backstage-patterns -.frontend:rules:jest:minimal:as-if-foss: +.frontend:rules:jest:as-if-foss: rules: - !reference [".strict-ee-only-rules", rules] + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-jest - <<: *if-security-merge-request changes: *code-backstage-patterns - when: never - - <<: *if-merge-request-labels-as-if-foss - when: never + +.frontend:rules:jest:minimal:as-if-foss: + rules: + - !reference [".strict-ee-only-rules", rules] + - !reference [".frontend:rules:minimal-default-rules", rules] - <<: *if-merge-request-labels-run-all-jest when: never - - <<: *if-merge-request-labels-run-all-rspec - when: never - - <<: *if-merge-request - changes: *startup-css-patterns - when: never - - <<: *if-merge-request - changes: *ci-patterns - when: never - <<: *if-fork-merge-request when: never - <<: *if-merge-request - changes: *core-frontend-patterns - - <<: *if-merge-request - changes: *code-backstage-patterns + changes: *frontend-patterns-for-as-if-foss .frontend:rules:eslint-as-if-foss: rules: @@ -829,13 +833,14 @@ - <<: *if-merge-request changes: *frontend-patterns-for-as-if-foss -.frontend:rules:ee-mr-and-default-branch-only: +.frontend:rules:coverage-frontend: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never - <<: *if-merge-request changes: *code-backstage-patterns - when: always - <<: *if-default-branch-refs changes: *code-backstage-patterns @@ -859,6 +864,9 @@ rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-default-branch-refs + changes: *frontend-build-patterns + allow_failure: true - if: '$DANGER_GITLAB_API_TOKEN && $CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH' changes: *frontend-build-patterns allow_failure: true @@ -907,7 +915,7 @@ - <<: *if-default-refs changes: *qa-patterns -.qa:rules:determine-qa-tests: +.qa:rules:determine-e2e-tests: rules: - <<: *if-not-ee when: never @@ -921,14 +929,23 @@ - <<: *if-force-ci allow_failure: true -.qa:rules:package-and-qa: +.qa:rules:package-and-test: rules: + - <<: *if-not-canonical-namespace + when: never - <<: *if-not-ee when: never - <<: *if-merge-request-labels-pipeline-revert when: never - <<: *if-merge-request-targeting-stable-branch allow_failure: true + - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e + changes: *feature-flag-development-config-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-and-security-merge-request + changes: *feature-flag-development-config-patterns + allow_failure: true - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *nodejs-patterns allow_failure: true @@ -947,24 +964,14 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true + variables: + SKIP_REPORT_IN_ISSUES: "false" + PROCESS_TEST_RESULTS: "true" + KNAPSACK_GENERATE_REPORT: "true" - <<: *if-force-ci when: manual allow_failure: true -.qa:rules:package-and-qa:feature-flags: - rules: - - <<: *if-not-ee - when: never - - <<: *if-merge-request-labels-pipeline-revert - when: never - - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-qa - changes: *feature-flag-development-config-patterns - when: manual - allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request - changes: *feature-flag-development-config-patterns - allow_failure: true - ############### # Rails rules # ############### @@ -1012,8 +1019,6 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-not-approved - when: never - changes: *db-patterns .rails:rules:ee-and-foss-migration:minimal: @@ -1117,8 +1122,6 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-not-approved - when: never - changes: *db-patterns .rails:rules:ee-only-migration:minimal: @@ -1208,8 +1211,6 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-not-approved - when: never .rails:rules:as-if-foss-migration:minimal: rules: @@ -1365,12 +1366,12 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never - <<: *if-merge-request changes: *code-backstage-patterns - when: always - <<: *if-default-branch-schedule-maintenance - <<: *if-merge-request-labels-run-all-rspec - when: always .rails:rules:rspec-undercoverage: rules: @@ -1410,6 +1411,8 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never - if: '$SKIP_FLAKY_TESTS_AUTOMATICALLY == "true" || $RETRY_FAILED_TESTS_IN_NEW_PROCESS == "true"' changes: *code-backstage-patterns when: always @@ -1421,24 +1424,42 @@ # Static analysis rules # ######################### -.static-analysis:rules:ee-and-foss: +.static-analysis:rules:static-analysis: rules: - changes: *code-backstage-qa-patterns - changes: *static-analysis-patterns -.static-analysis:rules:ee-and-foss-qa: +.static-analysis:rules:static-verification-with-database: + rules: + - changes: *code-backstage-qa-patterns + +.static-analysis:rules:rubocop: + rules: + - changes: *rubocop-patterns + variables: + RUN_ALL_RUBOCOP: "true" + - changes: *code-backstage-qa-patterns + +.static-analysis:rules:qa:metadata-lint: rules: - changes: *qa-patterns + - changes: [".gitlab/ci/static-analysis.gitlab-ci.yml"] + +.static-analysis:rules:haml-lint: + rules: + - changes: *rubocop-patterns - changes: *static-analysis-patterns + - changes: *code-backstage-qa-patterns -.static-analysis:rules:ee: +.static-analysis:rules:haml-lint-ee: rules: - <<: *if-not-ee when: never - - changes: *code-backstage-qa-patterns + - changes: *rubocop-patterns - changes: *static-analysis-patterns + - changes: *code-backstage-qa-patterns -.static-analysis:rules:as-if-foss: +.static-analysis:rules:static-analysis-as-if-foss: rules: - <<: *if-not-ee when: never @@ -1447,7 +1468,7 @@ - <<: *if-security-merge-request changes: *code-backstage-qa-patterns - <<: *if-merge-request - changes: *ci-patterns + changes: [".gitlab/ci/static-analysis.gitlab-ci.yml"] - <<: *if-merge-request changes: *static-analysis-patterns @@ -1461,6 +1482,12 @@ changes: ["vendor/gems/mail-smtp_pool/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:microsoft_graph_mailer: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/microsoft_graph_mailer/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + .vendor:rules:ipynbdiff: rules: - <<: *if-merge-request @@ -1491,12 +1518,30 @@ changes: ["vendor/gems/omniauth-gitlab/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:omniauth-google-oauth2: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/omniauth-google-oauth2/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + +.vendor:rules:omniauth-salesforce: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/omniauth-salesforce/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + .vendor:rules:devise-pbkdf2-encryptable: rules: - <<: *if-merge-request changes: ["vendor/gems/devise-pbkdf2-encryptable/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:bundler-checksum: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/bundler-checksum/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + ################## # Releases rules # ################## @@ -1620,6 +1665,13 @@ ################ # Review rules # ################ +.review-change-pattern: &review-change-pattern + APP_CHANGE_TRIGGER: "true" + +# The following rules needs to be the same as the one for .review:rules:review-cleanup +# except that: +# - most rules re automatic here (i.e. no `when: manual`) and not allowed to fail (i.e. no `allow_failure: true`) here +# - several rules have `variables: *review-change-pattern` here .review:rules:start-review-app-pipeline: rules: - <<: *if-not-ee @@ -1631,12 +1683,16 @@ changes: *ci-review-patterns - <<: *if-dot-com-gitlab-org-merge-request changes: *frontend-build-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *controllers-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *models-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *lib-gitlab-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *qa-patterns - <<: *if-dot-com-gitlab-org-merge-request @@ -1670,54 +1726,44 @@ rules: - when: on_success -.review:rules:review-qa-smoke: - rules: - - when: on_success - -# If the needed job isn't allowed to fail, we need to use `when: always` in -# order to keep the job always running after it. -# -# If the needed job is allowed to fail, we need to use both -# `when: on_success` and `when: on_failure` in order to keep -# the job always running after it. -# Not that if the needed job has `when: on_success` we can use `when: always` -# for the depending job. -# -# See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/76756 - -.review:rules:review-qa-reliable: - rules: - - when: on_success - -# Since `review-qa-reliable` isn't allowed to fail, we need to use `when: always`for `review-qa-reliable-report`. -.review:rules:review-qa-blocking-report: - rules: - - when: always - -.review:rules:review-qa-all: - rules: - - <<: *if-dot-com-gitlab-org-merge-request - changes: *code-patterns - when: manual - allow_failure: true # manual jobs needs to be allowed to fail, otherwise they block the pipeline - - when: on_success - allow_failure: true - -# Since `review-qa-all` is allowed to fail (and potentially manual), we need to use `when: on_success` and `when: on_failure` for `review-qa-all-report`. -.review:rules:review-qa-all-report: - rules: - - when: on_success - - when: on_failure - -.review:rules:review-qa-cleanup: - rules: - - when: always - +# The following rules needs to be the same as the one for .review:rules:start-review-app-pipeline +# except that: +# - all rules have `when: manual` and `allow_failure: true` here .review:rules:review-cleanup: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never + - <<: *if-merge-request-labels-run-review-app + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *ci-review-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *frontend-build-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *controllers-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *models-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *lib-gitlab-patterns + when: manual + allow_failure: true - <<: *if-dot-com-gitlab-org-merge-request + changes: *qa-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *code-patterns when: manual allow_failure: true - <<: *if-dot-com-gitlab-org-schedule @@ -1754,6 +1800,10 @@ when: never - <<: *if-default-branch-or-tag changes: *code-backstage-qa-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: [".gitlab/ci/setup.gitlab-ci.yml"] + when: manual + allow_failure: true .setup:rules:dont-interrupt-me: rules: diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 17113b1245c..4f3111de2bf 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -3,16 +3,20 @@ cache gems: extends: - .default-retry - - .rails-cache + - .ruby-cache - .default-before_script - .setup:rules:cache-gems - stage: test - needs: ["setup-test-env"] + stage: prepare + needs: [] variables: - BUNDLE_INSTALL_FLAGS: --with=production --with=development --with=test --jobs=2 --path=vendor --retry=3 --quiet + BUNDLE_WITHOUT: "" + BUNDLE_WITH: "production:development:test" SETUP_DB: "false" script: - - bundle package --all --all-platforms + - echo -e "\e[0Ksection_start:`date +%s`:bundle-package[collapsed=true]\r\e[0KPackaging gems" + - bundle config set cache_all true + - run_timed_command "bundle package --all-platforms" + - echo -e "\e[0Ksection_end:`date +%s`:bundle-package\r\e[0K" artifacts: paths: - vendor/cache @@ -110,10 +114,13 @@ generate-frontend-fixtures-mapping: paths: - ${FRONTEND_FIXTURES_MAPPING_PATH} -.detect-test-base: +detect-tests: + extends: .rails:rules:detect-tests image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION} needs: [] stage: prepare + variables: + RSPEC_TESTS_MAPPING_ENABLED: "true" script: - source ./scripts/utils.sh - source ./scripts/rspec_helpers.sh @@ -123,42 +130,23 @@ generate-frontend-fixtures-mapping: - retrieve_frontend_fixtures_mapping - | if [ -n "$CI_MERGE_REQUEST_IID" ]; then - tooling/bin/find_changes ${CHANGES_FILE}; - tooling/bin/find_tests ${CHANGES_FILE} ${MATCHED_TESTS_FILE}; - tooling/bin/find_changes ${CHANGES_FILE} ${MATCHED_TESTS_FILE} ${FRONTEND_FIXTURES_MAPPING_PATH}; - echo "Changed files: $(cat $CHANGES_FILE)"; - echo "Related rspec tests: $(cat $MATCHED_TESTS_FILE)"; + mkdir -p $(dirname "$RSPEC_CHANGED_FILES_PATH") + tooling/bin/find_changes ${RSPEC_CHANGED_FILES_PATH}; + tooling/bin/find_tests ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH}; + tooling/bin/find_changes ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH} ${FRONTEND_FIXTURES_MAPPING_PATH}; + echo "Changed files: $(cat $RSPEC_CHANGED_FILES_PATH)"; + echo "Related rspec tests: $(cat $RSPEC_MATCHING_TESTS_PATH)"; fi artifacts: expire_in: 7d paths: - - ${CHANGES_FILE} - - ${MATCHED_TESTS_FILE} + - ${RSPEC_CHANGED_FILES_PATH} + - ${RSPEC_MATCHING_TESTS_PATH} - ${FRONTEND_FIXTURES_MAPPING_PATH} -detect-tests: - extends: - - .detect-test-base - - .rails:rules:detect-tests - variables: - RSPEC_TESTS_MAPPING_ENABLED: "true" - CHANGES_FILE: tmp/changed_files.txt - MATCHED_TESTS_FILE: tmp/matching_tests.txt - -detect-tests as-if-foss: - extends: - - .detect-test-base - - .rails:rules:detect-tests - - .as-if-foss - variables: - CHANGES_FILE: tmp/changed_foss_files.txt - MATCHED_TESTS_FILE: tmp/matching_foss_tests.txt - before_script: - - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - detect-previous-failed-tests: extends: - - .detect-test-base + - detect-tests - .rails:rules:detect-previous-failed-tests variables: PREVIOUS_FAILED_TESTS_DIR: tmp/previous_failed_tests/ @@ -172,3 +160,23 @@ detect-previous-failed-tests: expire_in: 7d paths: - ${PREVIOUS_FAILED_TESTS_DIR} + +e2e-test-pipeline-generate: + extends: + - .qa-job-base + - .minimal-job + - .qa:rules:determine-e2e-tests + stage: prepare + variables: + ENV_FILE: $CI_PROJECT_DIR/qa_tests_vars.env + OMNIBUS_PIPELINE_YML: package-and-test-pipeline.yml + REVIEW_PIPELINE_YML: review-app-pipeline.yml + COLORIZED_LOGS: "true" + script: + - bundle exec rake "ci:detect_changes[$ENV_FILE]" + - cd $CI_PROJECT_DIR && scripts/generate-e2e-pipeline + artifacts: + expire_in: 1 day + paths: + - $OMNIBUS_PIPELINE_YML + - $REVIEW_PIPELINE_YML diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index b4efd9e49bf..e845e7eb88b 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -19,13 +19,16 @@ update-static-analysis-cache: - .shared:rules:update-cache stage: prepare script: - - run_timed_command "bundle exec rubocop --parallel" # For the moment we only cache `tmp/rubocop_cache` so we don't need to run all the tasks. + # Silence cop offenses for rules with "grace period". + # This will notify Slack if offenses were silenced. + # For the moment we only cache `tmp/rubocop_cache` so we don't need to run all the tasks. + - run_timed_command "bundle exec rake rubocop:check:graceful" static-analysis: extends: - .static-analysis-base - .static-analysis-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:static-analysis parallel: 2 script: - run_timed_command "retry yarn install --frozen-lockfile" @@ -34,14 +37,14 @@ static-analysis: static-analysis as-if-foss: extends: - static-analysis - - .static-analysis:rules:as-if-foss + - .static-analysis:rules:static-analysis-as-if-foss - .as-if-foss static-verification-with-database: extends: - .static-analysis-base - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:static-verification-with-database - .use-pg12 script: - bundle exec rake lint:static_verification_with_database @@ -91,13 +94,13 @@ eslint as-if-foss: - .as-if-foss needs: ['generate-apollo-graphql-schema as-if-foss'] -haml-lint foss: +haml-lint: extends: - .static-analysis-base - .ruby-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:haml-lint script: - - run_timed_command "bin/rake 'haml_lint[app/views]'" + - run_timed_command "bundle exec haml-lint --parallel app/views" artifacts: expire_in: 31d when: always @@ -106,23 +109,37 @@ haml-lint foss: haml-lint ee: extends: - - "haml-lint foss" - - .static-analysis:rules:ee + - "haml-lint" + - .static-analysis:rules:haml-lint-ee script: - - run_timed_command "bin/rake 'haml_lint[ee/app/views]'" + - run_timed_command "bundle exec haml-lint --parallel ee/app/views" rubocop: extends: - .static-analysis-base - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:rubocop + needs: + - job: detect-tests + optional: true script: - - run_timed_command "bundle exec rubocop --parallel" + - | + # For non-merge request, or when RUN_ALL_RUBOCOP is 'true', run all RuboCop rules + if [ -z "${CI_MERGE_REQUEST_IID}" ] || [ "${RUN_ALL_RUBOCOP}" == "true" ]; then + # Silence cop offenses for rules with "grace period". + # We won't notify Slack if offenses were silenced to avoid frequent messages. + # Job `update-static-analysis-cache` takes care of Slack notifications every 2 hours. + unset CI_SLACK_WEBHOOK_URL + run_timed_command "bundle exec rake rubocop:check:graceful" + else + cat ${RSPEC_CHANGED_FILES_PATH} | ruby -e 'puts $stdin.read.split(" ").select { |f| File.exist?(f) }.join(" ")' > tmp/rubocop_target_files.txt + run_timed_command "bundle exec rubocop --parallel --force-exclusion $(cat tmp/rubocop_target_files.txt)" + fi qa:metadata-lint: extends: - .static-analysis-base - - .static-analysis:rules:ee-and-foss-qa + - .static-analysis:rules:qa:metadata-lint before_script: - !reference [.default-before_script, before_script] - cd qa/ @@ -149,7 +166,7 @@ feature-flags-usage: extends: - .static-analysis-base - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:rubocop script: # We need to disable the cache for this cop since it creates files under tmp/feature_flags/*.used, # the cache would prevent these files from being created. diff --git a/.gitlab/ci/vendored-gems.gitlab-ci.yml b/.gitlab/ci/vendored-gems.gitlab-ci.yml index 4408a6e4624..577bd37ca9e 100644 --- a/.gitlab/ci/vendored-gems.gitlab-ci.yml +++ b/.gitlab/ci/vendored-gems.gitlab-ci.yml @@ -6,6 +6,14 @@ vendor mail-smtp_pool: include: vendor/gems/mail-smtp_pool/.gitlab-ci.yml strategy: depend +vendor microsoft_graph_mailer: + extends: + - .vendor:rules:microsoft_graph_mailer + needs: [] + trigger: + include: vendor/gems/microsoft_graph_mailer/.gitlab-ci.yml + strategy: depend + vendor ipynbdiff: extends: - .vendor:rules:ipynbdiff @@ -46,6 +54,22 @@ vendor omniauth-gitlab: include: vendor/gems/omniauth-gitlab/.gitlab-ci.yml strategy: depend +vendor omniauth-google-oauth2: + extends: + - .vendor:rules:omniauth-google-oauth2 + needs: [] + trigger: + include: vendor/gems/omniauth-google-oauth2/.gitlab-ci.yml + strategy: depend + +vendor omniauth-salesforce: + extends: + - .vendor:rules:omniauth-salesforce + needs: [] + trigger: + include: vendor/gems/omniauth-salesforce/.gitlab-ci.yml + strategy: depend + vendor devise-pbkdf2-encryptable: extends: - .vendor:rules:devise-pbkdf2-encryptable @@ -53,3 +77,11 @@ vendor devise-pbkdf2-encryptable: trigger: include: vendor/gems/devise-pbkdf2-encryptable/.gitlab-ci.yml strategy: depend + +vendor bundler-checksum: + extends: + - .vendor:rules:bundler-checksum + needs: [] + trigger: + include: vendor/gems/bundler-checksum/.gitlab-ci.yml + strategy: depend diff --git a/.gitlab/ci/workhorse.gitlab-ci.yml b/.gitlab/ci/workhorse.gitlab-ci.yml index ade2f65441f..efd37b2247b 100644 --- a/.gitlab/ci/workhorse.gitlab-ci.yml +++ b/.gitlab/ci/workhorse.gitlab-ci.yml @@ -9,23 +9,38 @@ workhorse:verify: .workhorse:test: extends: .workhorse:rules:workhorse + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}:git-2.36 variables: GITALY_ADDRESS: "tcp://127.0.0.1:8075" + GO_VERSION: "1.17" stage: test needs: - setup-test-env - script: + before_script: - go version - apt-get update && apt-get -y install libimage-exiftool-perl - scripts/gitaly-test-build + script: - make -C workhorse test -workhorse:test using go 1.17: +workhorse:test go: extends: .workhorse:test - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-1.17-git-2.31 + parallel: + matrix: + - GO_VERSION: ["1.17", "1.18"] + script: + - make -C workhorse test-coverage + coverage: '/\d+.\d+%/' + artifacts: + paths: + - workhorse/coverage.html -workhorse:test using go 1.17 with FIPS: +workhorse:test fips: extends: .workhorse:test variables: WORKHORSE_TEST_FIPS_ENABLED: 1 - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-1.17-git-2.31 + +workhorse:test race: + extends: .workhorse:test + script: + - make -C workhorse test-race |