diff options
Diffstat (limited to '.gitlab')
-rw-r--r-- | .gitlab/ci/prepare.yml | 48 | ||||
-rw-r--r-- | .gitlab/ci/test.yml | 72 |
2 files changed, 120 insertions, 0 deletions
diff --git a/.gitlab/ci/prepare.yml b/.gitlab/ci/prepare.yml new file mode 100644 index 00000000..33082984 --- /dev/null +++ b/.gitlab/ci/prepare.yml @@ -0,0 +1,48 @@ +include: + - template: Security/License-Scanning.gitlab-ci.yml + - template: Security/SAST.gitlab-ci.yml + - template: Security/Dependency-Scanning.gitlab-ci.yml + +# workflow rules are not extended by scanner jobs +# TODO: remove when https://gitlab.com/gitlab-org/gitlab/-/issues/218444 is done +.rules-for-scanners: + stage: prepare + rules: + # For merge requests, create a pipeline. + - if: '$CI_MERGE_REQUEST_IID' + # For `master` branch, create a pipeline (this includes on schedules, pushes, merges, etc.). + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + # For tags, create a pipeline. + - if: '$CI_COMMIT_TAG' + # For stable, and security branches, create a pipeline. + - if: '$CI_COMMIT_BRANCH =~ /^[\d-]+-stable(-ee)?$/' + - if: '$CI_COMMIT_BRANCH =~ /^security\//' + +license_scanning: + variables: + LICENSE_MANAGEMENT_SETUP_CMD: go mod vendor + extends: .rules-for-scanners + +dependency_scanning: + extends: .rules-for-scanners + +# disable eslint-sast since html files are fixtures for testing +eslint-sast: + rules: + - when: never + +secrets-sast: + extends: .rules-for-scanners + +gosec-sast: + extends: .rules-for-scanners + +download deps: + extends: .go-mod-cache + stage: prepare + script: + - make deps-download + artifacts: + paths: + - go.mod + - go.sum diff --git a/.gitlab/ci/test.yml b/.gitlab/ci/test.yml new file mode 100644 index 00000000..8c4e757b --- /dev/null +++ b/.gitlab/ci/test.yml @@ -0,0 +1,72 @@ +.tests: + extends: .go-mod-cache + stage: test + tags: + - gitlab-org-docker + needs: ['download deps'] + script: + - echo "Running all tests without daemonizing..." + - make test + - echo "Running just the acceptance tests daemonized (tmpdir)...." + - TEST_DAEMONIZE=tmpdir make acceptance + - echo "Running just the acceptance tests daemonized (inplace)...." + - TEST_DAEMONIZE=inplace make acceptance + artifacts: + paths: + - bin/gitlab-pages + +test:1.13: + extends: .tests + image: golang:1.13 + +test:1.14: + extends: .tests + image: golang:1.14 + +race: + extends: .go-mod-cache + stage: test + needs: ['download deps'] + tags: + - gitlab-org-docker + script: + - echo "Running race detector" + - make race + +cover: + stage: test + extends: .go-mod-cache + needs: ['download deps'] + script: + - make setup + - make generate-mocks + - make cover + coverage: '/total:.+\(statements\).+\d+\.\d+/' + artifacts: + paths: + - coverage.html + +code_quality: + stage: test + extends: .go-mod-cache + needs: ['download deps'] + image: golangci/golangci-lint:v1.27.0 + variables: + REPORT_FILE: gl-code-quality-report.json + LINT_FLAGS: "--color never --deadline 15m" + OUT_FORMAT: code-climate + script: + - golangci-lint run ./... --out-format ${OUT_FORMAT} ${LINT_FLAGS} | tee ${REPORT_FILE} + timeout: 15 minutes + artifacts: + reports: + codequality: ${REPORT_FILE} + paths: + - ${REPORT_FILE} + +check deps: + stage: test + extends: .go-mod-cache + needs: ['download deps'] + script: + - make deps-check |