-
Notifications
You must be signed in to change notification settings - Fork 87
/
.gitlab-ci.yml
105 lines (97 loc) · 3.28 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
variables:
GIT_STRATEGY: fetch
GIT_SUBMODULE_STRATEGY: recursive
IMAGE_REDEMPTION_ANALYZE: redemption-analyze
TESTDIR: test_tmpdir
stages:
- build-docker-images
- build
build-analyze-image:
stage: build-docker-images
image: docker.io/docker:19.03
variables:
BUILD_ANALYZE_PATH: builder/analyze/
script:
# DOCKER_AUTH_CONFIG only works when pulling images from private repo for jobs...
- echo "${WAB_PROXIES_NEXUS_TOKEN}" | docker login -u "${WAB_PROXIES_NEXUS_USER}" "${NEXUS_WAB_PROXIES_URL}" --password-stdin
- docker build -t ${IMAGE_REDEMPTION_ANALYZE} -f ${BUILD_ANALYZE_PATH}/Dockerfile ${BUILD_ANALYZE_PATH}
- docker tag ${IMAGE_REDEMPTION_ANALYZE} ${NEXUS_WAB_PROXIES_URL}/${IMAGE_REDEMPTION_ANALYZE}
- docker push ${NEXUS_WAB_PROXIES_URL}/${IMAGE_REDEMPTION_ANALYZE}
when: manual
branch-pages:
stage: build
rules:
- if: $CI_COMMIT_BRANCH =~ /^maintenance_bastion_/
when: on_success
- if: $CI_COMMIT_BRANCH == "future"
when: on_success
- when: never
image: ${NEXUS_WAB_PROXIES_URL}/${IMAGE_REDEMPTION_ANALYZE}
variables:
GITLAB_REMOTE: ci
GIT_BRANCH: pages
script:
- mkdir "tmp"
- tools/conf_migration_tool/rdp_conf_migrate.py --dump=json > tmp/migrate.json
- cp projects/redemption_configs/autogen/doc/*.json docs/theme/*.png tmp
- cp projects/redemption_configs/pages/config.html tmp/index.html
- git config user.email "cipipeline@wallix.com"
- git config user.name "CI Pipeline"
- git remote remove "${GITLAB_REMOTE}" || true
- git remote add "${GITLAB_REMOTE}" "https://${PAGES_ACCESS_NAME}:${PAGES_ACCESS_TOKEN}@gitlab.corp.wallix.com/git/redemption.git"
- git fetch "${GITLAB_REMOTE}"
- git switch "${GIT_BRANCH}" || git checkout -b "${GIT_BRANCH}" "${GITLAB_REMOTE}/${GIT_BRANCH}"
- rm -rf "public/${CI_COMMIT_BRANCH}"
- mkdir -p "public"
- mv "tmp" "public/${CI_COMMIT_BRANCH}"
- git add "public/${CI_COMMIT_BRANCH}"
- if git commit -m "Update page from ${CI_COMMIT_BRANCH} ${CI_COMMIT_SHORT_SHA}"; then
- git push "${GITLAB_REMOTE}" "${GIT_BRANCH}"
- fi
build-analyze:
stage: build
needs: []
rules:
- if: $CI_COMMIT_TAG
when: never
- when: on_success
variables:
GIT_SUBMODULE_STRATEGY: recursive
image: ${NEXUS_WAB_PROXIES_URL}/${IMAGE_REDEMPTION_ANALYZE}
script:
- mkdir -p "$TESTDIR"
- TMPDIR_TEST="$TESTDIR" ./tools/gitlab-analyze.sh full
artifacts:
when: always
paths:
- report.txt
- clang_tidy_report.txt
- gcovr_report.xml
- valgrind_reports/
- ruff_report.txt
- py_coverage.xml
- "$TESTDIR"
timeout: 2h 30m
sonarqube-check:
stage: build
needs: [build-analyze]
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
when: on_success
- if: $CI_COMMIT_BRANCH == "future"
when: on_success
- when: never
image:
name: sonarsource/sonar-scanner-cli:latest
entrypoint: [""]
variables:
GIT_SUBMODULE_STRATEGY: normal
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
cache:
key: "${CI_JOB_NAME}"
paths:
- .sonar/cache
script:
- sonar-scanner
allow_failure: true