This repository has been archived by the owner on Jan 27, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
121 lines (110 loc) · 3.02 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
stages:
- test
- build
variables:
POSTGRES_DB: database_name
audit:
stage: test
image: ruby:2.5.1-alpine
script:
- gem install bundle-audit
- bundle audit check --update
sast:
stage: test
image: docker:stable
variables:
DOCKER_DRIVER: overlay2
allow_failure: true
services:
- docker:stable-dind
script:
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
- docker run
--env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
--volume "$PWD:/code"
--volume /var/run/docker.sock:/var/run/docker.sock
"registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
artifacts:
paths: [gl-sast-report.json]
code_quality:
stage: test
image: docker:stable
variables:
DOCKER_DRIVER: overlay2
allow_failure: true
services:
- docker:stable-dind
script:
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
- docker run
--env SOURCE_CODE="$PWD"
--volume "$PWD":/code
--volume /var/run/docker.sock:/var/run/docker.sock
"registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
artifacts:
reports:
codequality: gl-code-quality-report.json
test:
image: "registry.gitlab.com/prismosuite/base-images:test"
stage: test
services:
- redis:latest
- postgres:latest
variables:
DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/$POSTGRES_DB"
REDIS_URL: redis://redis
script:
- export RAILS_ENV=test
- export SECRET_KEY_BASE=test
# Dependencies
- yarn install
- bundle install -j $(nproc) --path vendor
# Setup database
- bundle exec rails db:create || true
- bundle exec rake db:structure:load
# Run specs
- bundle exec rspec --exclude-pattern "spec/features/**/*"
- bundle exec rspec --pattern "spec/features/**/*.rb"
- cat log/bullet.log 2>/dev/null
cache:
paths:
- vendor/ruby
- node_modules
artifacts:
paths:
- tmp/capybara
build-latest-stable:
stage: build
image: docker:stable
services:
- docker:dind
script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
- docker build --pull -t "$CI_REGISTRY_IMAGE:latest-stable" .
- docker push "$CI_REGISTRY_IMAGE:latest-stable"
only:
- master
build-latest:
stage: build
image: docker:stable
services:
- docker:dind
script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
- docker build --pull -t "$CI_REGISTRY_IMAGE:latest" .
- docker push "$CI_REGISTRY_IMAGE:latest"
only:
- dev
build-release:
stage: build
image: docker:stable
services:
- docker:dind
script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
- docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_BUILD_REF_NAME" .
- docker push "$CI_REGISTRY_IMAGE:$CI_BUILD_REF_NAME"
only:
- /^v.*$/
except:
- branches