...@@ -10,9 +10,6 @@ globals: ...@@ -10,9 +10,6 @@ globals:
localStorage: false localStorage: false
IS_EE: false IS_EE: false
plugins: plugins:
- import
- "@gitlab/i18n"
- "@gitlab/vue-i18n"
- no-jquery - no-jquery
settings: settings:
import/resolver: import/resolver:
...@@ -51,8 +48,10 @@ rules: ...@@ -51,8 +48,10 @@ rules:
no-jquery/no-serialize: error no-jquery/no-serialize: error
promise/always-return: off promise/always-return: off
promise/no-callback-in-promise: off promise/no-callback-in-promise: off
# Make update to eslint@6 smoother:
prefer-object-spread: off
overrides: overrides:
files: - files:
- '**/spec/**/*' - '**/spec/**/*'
rules: rules:
"@gitlab/i18n/no-non-i18n-strings": off "@gitlab/i18n/no-non-i18n-strings": off
...@@ -83,7 +83,9 @@ package-lock.json ...@@ -83,7 +83,9 @@ package-lock.json
jsdoc/ jsdoc/
**/tmp/rubocop_cache/** **/tmp/rubocop_cache/**
.overcommit.yml .overcommit.yml
.overcommit.yml.backup
.projections.json .projections.json
/qa/.rakeTasks /qa/.rakeTasks
webpack-dev-server.json webpack-dev-server.json
/.nvimrc /.nvimrc
.solargraph.yml
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-postgresql-9.6-graphicsmagick-1.3.33" image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34"
stages: stages:
- sync - sync
- prepare - prepare
- quick-test
- test - test
- post-test - post-test
- review-prepare - review-prepare
...@@ -25,9 +24,6 @@ variables: ...@@ -25,9 +24,6 @@ variables:
ES_JAVA_OPTS: "-Xms256m -Xmx256m" ES_JAVA_OPTS: "-Xms256m -Xmx256m"
ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200" ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200"
after_script:
- date
include: include:
- local: .gitlab/ci/cache-repo.gitlab-ci.yml - local: .gitlab/ci/cache-repo.gitlab-ci.yml
- local: .gitlab/ci/cng.gitlab-ci.yml - local: .gitlab/ci/cng.gitlab-ci.yml
...@@ -40,6 +36,7 @@ include: ...@@ -40,6 +36,7 @@ include:
- local: .gitlab/ci/reports.gitlab-ci.yml - local: .gitlab/ci/reports.gitlab-ci.yml
- local: .gitlab/ci/rails.gitlab-ci.yml - local: .gitlab/ci/rails.gitlab-ci.yml
- local: .gitlab/ci/review.gitlab-ci.yml - local: .gitlab/ci/review.gitlab-ci.yml
- local: .gitlab/ci/rules.gitlab-ci.yml
- local: .gitlab/ci/setup.gitlab-ci.yml - local: .gitlab/ci/setup.gitlab-ci.yml
- local: .gitlab/ci/dev-fixtures.gitlab-ci.yml - local: .gitlab/ci/dev-fixtures.gitlab-ci.yml
- local: .gitlab/ci/test-metadata.gitlab-ci.yml - local: .gitlab/ci/test-metadata.gitlab-ci.yml
... ...
......
# When adding a group as a code owner, make sure to invite the group to the
# project here: https://gitlab.com/gitlab-org/gitlab/-/project_members
# As described in https://docs.gitlab.com/ee/user/project/code_owners.html
# Backend Maintainers are the default for all ruby files # Backend Maintainers are the default for all ruby files
*.rb @gitlab-org/maintainers/rails-backend *.rb @gitlab-org/maintainers/rails-backend
*.rake @gitlab-org/maintainers/rails-backend *.rake @gitlab-org/maintainers/rails-backend
# Technical writing team are the default reviewers for everything in `doc/` # Technical writing team are the default reviewers for all markdown docs
*.md @gl-docsteam *.md @gl-docsteam
doc/ @gl-docsteam
# Frontend maintainers should see everything in `app/assets/` # Frontend maintainers should see everything in `app/assets/`
app/assets/ @gitlab-org/maintainers/frontend app/assets/ @gitlab-org/maintainers/frontend
...@@ -29,10 +32,17 @@ lib/gitlab/github_import/ @gitlab-org/maintainers/database ...@@ -29,10 +32,17 @@ lib/gitlab/github_import/ @gitlab-org/maintainers/database
/ee/app/models/project_alias.rb @patrickbajao /ee/app/models/project_alias.rb @patrickbajao
/ee/lib/api/project_aliases.rb @patrickbajao /ee/lib/api/project_aliases.rb @patrickbajao
# Quality owned files
/qa/ @gl-quality
# Engineering Productivity owned files # Engineering Productivity owned files
/.gitlab-ci.yml @gl-quality/eng-prod /.gitlab-ci.yml @gl-quality/eng-prod
/.gitlab/ci/ @gl-quality/eng-prod /.gitlab/ci/ @gl-quality/eng-prod
/.gitlab/CODEOWNERS @gl-quality/eng-prod
Dangerfile @gl-quality/eng-prod Dangerfile @gl-quality/eng-prod
/danger/ @gl-quality/eng-prod /danger/ @gl-quality/eng-prod
/lib/gitlab/danger/ @gl-quality/eng-prod /lib/gitlab/danger/ @gl-quality/eng-prod
/scripts/ @gl-quality/eng-prod /scripts/ @gl-quality/eng-prod
# Delivery owner files
/.gitlab/ci/releases.gitlab-ci.yml @gitlab-org/delivery
...@@ -18,6 +18,7 @@ ...@@ -18,6 +18,7 @@
# runner, or network egress charges will apply: # runner, or network egress charges will apply:
# https://cloud.google.com/storage/pricing # https://cloud.google.com/storage/pricing
cache-repo: cache-repo:
extends: .cache-repo:rules
image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
stage: sync stage: sync
allow_failure: true allow_failure: true
...@@ -30,11 +31,7 @@ cache-repo: ...@@ -30,11 +31,7 @@ cache-repo:
- git clone --progress $CI_REPOSITORY_URL $CI_PROJECT_NAME - git clone --progress $CI_REPOSITORY_URL $CI_PROJECT_NAME
- cd $CI_PROJECT_NAME - cd $CI_PROJECT_NAME
- gcloud auth activate-service-account --key-file=$CI_REPO_CACHE_CREDENTIALS - gcloud auth activate-service-account --key-file=$CI_REPO_CACHE_CREDENTIALS
- git remote rm origin
- tar cf $TAR_FILENAME . - tar cf $TAR_FILENAME .
- gzip $TAR_FILENAME - gzip $TAR_FILENAME
- gsutil cp $TAR_FILENAME.gz gs://gitlab-ci-git-repo-cache/project-$CI_PROJECT_ID/gitlab-master.tar.gz - gsutil cp $TAR_FILENAME.gz gs://gitlab-ci-git-repo-cache/project-$CI_PROJECT_ID/gitlab-master.tar.gz
only:
variables:
- $CI_REPO_CACHE_CREDENTIALS
refs:
- schedules
cloud-native-image: cloud-native-image:
extends: .only:variables-canonical-dot-com extends: .cng:rules
image: ruby:2.6-alpine image: ruby:2.6-alpine
dependencies: [] dependencies: []
stage: post-test stage: post-test
allow_failure: true allow_failure: true
variables: variables:
GIT_DEPTH: "1" GIT_DEPTH: "1"
when: manual
script: script:
- install_gitlab_gem - install_gitlab_gem
- CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng - CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng
only:
refs:
- tags
.run-dev-fixtures: .run-dev-fixtures:
extends: extends:
- .only-code-rails-job-base - .default-tags
- .default-retry
- .default-cache
- .default-before_script
- .use-pg9 - .use-pg9
stage: test stage: test
needs: ["setup-test-env"] needs: ["setup-test-env"]
...@@ -13,17 +16,19 @@ ...@@ -13,17 +16,19 @@
SIZE: 0 # number of external projects to fork, requires network connection SIZE: 0 # number of external projects to fork, requires network connection
# SEED_NESTED_GROUPS: "false" # requires network connection # SEED_NESTED_GROUPS: "false" # requires network connection
run-dev-fixtures-foss: run-dev-fixtures:
extends: .run-dev-fixtures extends:
- .run-dev-fixtures
- .dev-fixtures:rules:ee-and-foss
script: script:
- scripts/gitaly-test-spawn - scripts/gitaly-test-spawn
- RAILS_ENV=test bundle exec rake db:seed_fu - RAILS_ENV=test bundle exec rake db:seed_fu
run-dev-fixtures-ee: run-dev-fixtures-ee:
extends: extends:
- .only-ee
- .use-pg9-ee
- .run-dev-fixtures - .run-dev-fixtures
- .dev-fixtures:rules:ee-only
- .use-pg9-ee
script: script:
- scripts/gitaly-test-spawn - scripts/gitaly-test-spawn
- cp ee/db/fixtures/development/* $FIXTURE_PATH - cp ee/db/fixtures/development/* $FIXTURE_PATH
... ...
......
...@@ -2,11 +2,8 @@ ...@@ -2,11 +2,8 @@
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .only:variables-canonical-dot-com - .docs:rules:review-docs
- .only:changes-docs allow_failure: true
only:
refs:
- merge_requests
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: review stage: review
dependencies: [] dependencies: []
...@@ -32,7 +29,6 @@ review-docs-deploy: ...@@ -32,7 +29,6 @@ review-docs-deploy:
extends: .review-docs extends: .review-docs
script: script:
- ./scripts/trigger-build-docs deploy - ./scripts/trigger-build-docs deploy
when: manual
# Cleanup remote environment of gitlab-docs # Cleanup remote environment of gitlab-docs
review-docs-cleanup: review-docs-cleanup:
...@@ -42,14 +38,12 @@ review-docs-cleanup: ...@@ -42,14 +38,12 @@ review-docs-cleanup:
action: stop action: stop
script: script:
- ./scripts/trigger-build-docs cleanup - ./scripts/trigger-build-docs cleanup
when: manual
docs lint: docs lint:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .docs:rules:docs-lint
- .only:changes-docs
image: "registry.gitlab.com/gitlab-org/gitlab-docs:docs-lint" image: "registry.gitlab.com/gitlab-org/gitlab-docs:docs-lint"
stage: test stage: test
dependencies: [] dependencies: []
...@@ -69,13 +63,11 @@ docs lint: ...@@ -69,13 +63,11 @@ docs lint:
graphql-reference-verify: graphql-reference-verify:
extends: extends:
- .only-ee
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only
- .default-before_script - .default-before_script
- .only:changes-code-backstage-qa - .docs:rules:graphql-reference-verify
- .use-pg9 - .use-pg9
stage: test stage: test
needs: ["setup-test-env"] needs: ["setup-test-env"]
... ...
......
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-default: &if-default
if: '$CI_COMMIT_REF_NAME == "master" || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG'
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-default-ee: &if-default-ee
if: '($CI_COMMIT_REF_NAME == "master" || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG) && $CI_PROJECT_NAME =~ /^gitlab(-ee)?$/'
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-master: &if-master
if: '$CI_COMMIT_REF_NAME == "master"'
# Make sure to update all the similar patterns in other CI config files if you modify these patterns
.code-backstage-patterns: &code-backstage-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
.assets-compile-cache: .assets-compile-cache:
cache: cache:
paths: paths:
...@@ -46,11 +11,9 @@ ...@@ -46,11 +11,9 @@
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only
- .default-before_script - .default-before_script
- .assets-compile-cache - .assets-compile-cache
- .only:changes-code-backstage-qa image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-graphicsmagick-1.3.33-docker-19.03.1
stage: prepare stage: prepare
services: services:
- docker:19.03.0-dind - docker:19.03.0-dind
...@@ -65,7 +28,7 @@ ...@@ -65,7 +28,7 @@
DOCKER_DRIVER: overlay2 DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375 DOCKER_HOST: tcp://docker:2375
cache: cache:
key: "assets-compile:production:vendor_ruby:.yarn-cache:tmp_cache_assets_sprockets:tmp_cache_webpack:v7" key: "assets-compile:production:vendor_ruby:.yarn-cache:tmp_cache_assets_sprockets:tmp_cache_webpack:v9"
artifacts: artifacts:
name: webpack-report name: webpack-report
expire_in: 31d expire_in: 31d
...@@ -80,24 +43,21 @@ ...@@ -80,24 +43,21 @@
- time scripts/build_assets_image - time scripts/build_assets_image
- scripts/clean-old-cached-assets - scripts/clean-old-cached-assets
- rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here
only:
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/)/ # Matches the gitlab-org group and its subgroups
- $CI_SERVER_HOST == "dev.gitlab.org"
tags: tags:
- gitlab-org - gitlab-org
- docker - docker
gitlab:assets:compile pull-push-cache: gitlab:assets:compile pull-push-cache:
extends: .gitlab:assets:compile-metadata extends:
only: - .gitlab:assets:compile-metadata
refs: - .frontend:rules:gitlab-assets-compile-pull-push-cache
- master
cache: cache:
policy: pull-push policy: pull-push
gitlab:assets:compile pull-cache: gitlab:assets:compile pull-cache:
extends: .gitlab:assets:compile-metadata extends:
- .gitlab:assets:compile-metadata
- .frontend:rules:gitlab-assets-compile-pull-cache
cache: cache:
policy: pull policy: pull
...@@ -105,10 +65,8 @@ gitlab:assets:compile pull-cache: ...@@ -105,10 +65,8 @@ gitlab:assets:compile pull-cache:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only
- .default-before_script - .default-before_script
- .assets-compile-cache - .assets-compile-cache
- .only:changes-code-backstage-qa
stage: prepare stage: prepare
script: script:
- node --version - node --version
...@@ -121,7 +79,7 @@ gitlab:assets:compile pull-cache: ...@@ -121,7 +79,7 @@ gitlab:assets:compile pull-cache:
# we override the max_old_space_size to prevent OOM errors # we override the max_old_space_size to prevent OOM errors
NODE_OPTIONS: --max_old_space_size=3584 NODE_OPTIONS: --max_old_space_size=3584
cache: cache:
key: "assets-compile:v8" key: "assets-compile:v9"
artifacts: artifacts:
expire_in: 7d expire_in: 7d
paths: paths:
...@@ -129,47 +87,49 @@ gitlab:assets:compile pull-cache: ...@@ -129,47 +87,49 @@ gitlab:assets:compile pull-cache:
- public/assets - public/assets
compile-assets pull-push-cache: compile-assets pull-push-cache:
extends: .compile-assets-metadata extends:
only: - .compile-assets-metadata
refs: - .frontend:rules:compile-assets-pull-push-cache
- master
cache: cache:
policy: pull-push policy: pull-push
compile-assets pull-push-cache foss: compile-assets pull-push-cache as-if-foss:
extends: [".compile-assets-metadata", ".only-ee-as-if-foss"] extends:
only: - .compile-assets-metadata
refs: - .frontend:rules:compile-assets-pull-push-cache-as-if-foss
- master - .as-if-foss
cache: cache:
policy: pull-push policy: pull-push
key: "assets-compile:v8:foss" key: "assets-compile:v9:foss"
compile-assets pull-cache: compile-assets pull-cache:
extends: .compile-assets-metadata extends:
- .compile-assets-metadata
- .frontend:rules:compile-assets-pull-cache
cache: cache:
policy: pull policy: pull
compile-assets pull-cache foss: compile-assets pull-cache as-if-foss:
extends: [".compile-assets-metadata", ".only-ee-as-if-foss"] extends:
- .compile-assets-metadata
- .frontend:rules:compile-assets-pull-cache-as-if-foss
- .as-if-foss
cache: cache:
policy: pull policy: pull
key: "assets-compile:v8:foss" key: "assets-compile:v9:foss"
.only-code-frontend-job-base: .frontend-job-base:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only
- .default-before_script - .default-before_script
- .only:changes-code-backstage
- .use-pg9 - .use-pg9
stage: test stage: test
needs: ["setup-test-env", "compile-assets pull-cache"] needs: ["setup-test-env", "compile-assets pull-cache"]
.karma-base: .karma-base:
extends: .only-code-frontend-job-base extends: .frontend-job-base
variables: variables:
# we override the max_old_space_size to prevent OOM errors # we override the max_old_space_size to prevent OOM errors
NODE_OPTIONS: --max_old_space_size=3584 NODE_OPTIONS: --max_old_space_size=3584
...@@ -181,7 +141,9 @@ compile-assets pull-cache foss: ...@@ -181,7 +141,9 @@ compile-assets pull-cache foss:
- bundle exec rake karma - bundle exec rake karma
karma: karma:
extends: .karma-base extends:
- .karma-base
- .frontend:rules:default-frontend-jobs
coverage: '/^Statements *: (\d+\.\d+%)/' coverage: '/^Statements *: (\d+\.\d+%)/'
artifacts: artifacts:
name: coverage-javascript name: coverage-javascript
...@@ -194,13 +156,14 @@ karma: ...@@ -194,13 +156,14 @@ karma:
reports: reports:
junit: junit_karma.xml junit: junit_karma.xml
karma-foss: karma-as-if-foss:
extends: extends:
- .karma-base - .karma-base
- .only-ee-as-if-foss - .frontend:rules:default-frontend-jobs-as-if-foss
- .as-if-foss
.jest-base: .jest-base:
extends: .only-code-frontend-job-base extends: .frontend-job-base
script: script:
- scripts/gitaly-test-spawn - scripts/gitaly-test-spawn
- date - date
...@@ -214,7 +177,9 @@ karma-foss: ...@@ -214,7 +177,9 @@ karma-foss:
policy: pull-push policy: pull-push
jest: jest:
extends: .jest-base extends:
- .jest-base
- .frontend:rules:default-frontend-jobs
artifacts: artifacts:
name: coverage-frontend name: coverage-frontend
expire_in: 31d expire_in: 31d
...@@ -226,10 +191,11 @@ jest: ...@@ -226,10 +191,11 @@ jest:
reports: reports:
junit: junit_jest.xml junit: junit_jest.xml
jest-foss: jest-as-if-foss:
extends: extends:
- .jest-base - .jest-base
- .only-ee-as-if-foss - .frontend:rules:default-frontend-jobs-as-if-foss
- .as-if-foss
cache: cache:
policy: pull policy: pull
...@@ -238,10 +204,8 @@ jest-foss: ...@@ -238,10 +204,8 @@ jest-foss:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .frontend:rules:qa-frontend-node
stage: test stage: test
rules:
- <<: *if-master
when: on_success
dependencies: [] dependencies: []
cache: cache:
key: "$CI_JOB_NAME" key: "$CI_JOB_NAME"
...@@ -272,11 +236,8 @@ webpack-dev-server: ...@@ -272,11 +236,8 @@ webpack-dev-server:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .frontend:rules:default-frontend-jobs
stage: test stage: test
rules:
- <<: *if-default
changes: *code-backstage-patterns
when: on_success
needs: ["setup-test-env", "compile-assets pull-cache"] needs: ["setup-test-env", "compile-assets pull-cache"]
variables: variables:
WEBPACK_MEMORY_TEST: "true" WEBPACK_MEMORY_TEST: "true"
... ...
......
...@@ -9,10 +9,13 @@ ...@@ -9,10 +9,13 @@
- unknown_failure - unknown_failure
- api_failure - api_failure
- runner_system_failure - runner_system_failure
- job_execution_timeout
- stuck_or_timeout_failure
.default-before_script: .default-before_script:
before_script: before_script:
- date - date
- '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb'
- export GOPATH=$CI_PROJECT_DIR/.go - export GOPATH=$CI_PROJECT_DIR/.go
- mkdir -p $GOPATH - mkdir -p $GOPATH
- source scripts/utils.sh - source scripts/utils.sh
...@@ -22,7 +25,7 @@ ...@@ -22,7 +25,7 @@
# Jobs that only need to pull cache # Jobs that only need to pull cache
.default-cache: .default-cache:
cache: cache:
key: "debian-stretch-ruby-2.6.5-node-12.x" key: "debian-stretch-ruby-2.6.5-pg9.6-node-12.x"
paths: paths:
- .go/pkg/mod - .go/pkg/mod
- vendor/ruby - vendor/ruby
...@@ -30,183 +33,18 @@ ...@@ -30,183 +33,18 @@
- vendor/gitaly-ruby - vendor/gitaly-ruby
policy: pull policy: pull
.default-only:
only:
refs:
- master
- /^[\d-]+-stable(-ee)?$/
- /^\d+-\d+-auto-deploy-\d+$/
- /^security\//
- merge_requests
- tags
.only:variables-canonical-dot-com:
only:
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/)/ # Matches the gitlab-org group or its subgroups
.only:variables_refs-canonical-dot-com-schedules:
extends: .only:variables-canonical-dot-com
only:
refs:
- schedules
.except:refs-deploy:
except:
refs:
- /^\d+-\d+-auto-deploy-\d+$/
.except:refs-master-tags-stable-deploy:
except:
refs:
- master
- tags
- /^[\d-]+-stable(-ee)?$/
- /^\d+-\d+-auto-deploy-\d+$/
.only:kubernetes:
only:
kubernetes: active
.only-review:
extends:
- .only:variables-canonical-dot-com
- .only:kubernetes
- .except:refs-master-tags-stable-deploy
.only-review-schedules:
extends:
- .only:variables_refs-canonical-dot-com-schedules
- .only:kubernetes
- .except:refs-deploy
.code-patterns: &code-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
.backstage-patterns: &backstage-patterns
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
.qa-patterns: &qa-patterns
- ".dockerignore"
- "qa/**/*"
.docs-patterns: &docs-patterns
- ".gitlab/route-map.yml"
- "doc/**/*"
- ".markdownlint.json"
.only:changes-code:
only:
changes: *code-patterns
.only:changes-qa:
only:
changes: *qa-patterns
.only:changes-docs:
only:
changes: *docs-patterns
.only:changes-code-backstage:
only:
changes:
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
.only:changes-code-qa:
only:
changes:
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# QA changes
- ".dockerignore"
- "qa/**/*"
.only:changes-code-backstage-qa:
only:
changes:
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
# QA changes
- ".dockerignore"
- "qa/**/*"
.use-pg9: .use-pg9:
services: services:
- name: postgres:9.6 - name: postgres:9.6.17
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
- name: redis:alpine - name: redis:alpine
variables: variables:
POSTGRES_HOST_AUTH_METHOD: trust POSTGRES_HOST_AUTH_METHOD: trust
.use-pg10: .use-pg10:
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-postgresql-10-graphicsmagick-1.3.33" image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-10-graphicsmagick-1.3.34"
services: services:
- name: postgres:10.9 - name: postgres:10.12
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
- name: redis:alpine - name: redis:alpine
variables: variables:
...@@ -214,7 +52,7 @@ ...@@ -214,7 +52,7 @@
.use-pg9-ee: .use-pg9-ee:
services: services:
- name: postgres:9.6 - name: postgres:9.6.17
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
- name: redis:alpine - name: redis:alpine
- name: elasticsearch:6.4.2 - name: elasticsearch:6.4.2
...@@ -222,22 +60,15 @@ ...@@ -222,22 +60,15 @@
POSTGRES_HOST_AUTH_METHOD: trust POSTGRES_HOST_AUTH_METHOD: trust
.use-pg10-ee: .use-pg10-ee:
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-postgresql-10-graphicsmagick-1.3.33" image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-10-graphicsmagick-1.3.34"
services: services:
- name: postgres:10.9 - name: postgres:10.12
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
- name: redis:alpine - name: redis:alpine
- name: elasticsearch:6.4.2 - name: elasticsearch:6.4.2
variables: variables:
POSTGRES_HOST_AUTH_METHOD: trust POSTGRES_HOST_AUTH_METHOD: trust
.only-ee: .as-if-foss:
only:
variables:
- $CI_PROJECT_NAME == "gitlab"
- $CI_PROJECT_NAME == "gitlab-ee" # Support former project name for forks/mirrors
.only-ee-as-if-foss:
extends: .only-ee
variables: variables:
FOSS_ONLY: '1' FOSS_ONLY: '1'
...@@ -3,9 +3,8 @@ ...@@ -3,9 +3,8 @@
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only
- .default-before_script - .default-before_script
- .only:changes-code - .memory:rules
memory-static: memory-static:
extends: .only-code-memory-job-base extends: .only-code-memory-job-base
... ...
......
...@@ -3,12 +3,7 @@ pages: ...@@ -3,12 +3,7 @@ pages:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only - .pages:rules
- .only:variables-canonical-dot-com
- .only:changes-code-backstage-qa
only:
refs:
- master
stage: pages stage: pages
dependencies: ["coverage", "karma", "gitlab:assets:compile pull-cache"] dependencies: ["coverage", "karma", "gitlab:assets:compile pull-cache"]
script: script:
... ...
......
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-canonical-gitlab-schedule: &if-canonical-gitlab-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "schedule"'
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-canonical-gitlab-merge-request: &if-canonical-gitlab-merge-request
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_MERGE_REQUEST_IID'
# Make sure to update all the similar patterns in other CI config files if you modify these patterns
.code-patterns: &code-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# Make sure to update all the similar patterns in other CI config files if you modify these patterns
.qa-patterns: &qa-patterns
- ".dockerignore"
- "qa/**/*"
.qa-job-base: .qa-job-base:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only
- .only:changes-code-qa
stage: test stage: test
dependencies: [] dependencies: []
cache: cache:
...@@ -40,24 +9,38 @@ ...@@ -40,24 +9,38 @@
paths: paths:
- vendor/ruby - vendor/ruby
before_script: before_script:
- '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb'
- cd qa/ - cd qa/
- bundle install --clean --jobs=$(nproc) --path=vendor --retry=3 --quiet - bundle install --clean --jobs=$(nproc) --path=vendor --retry=3 --quiet
- bundle check - bundle check
qa:internal: qa:internal:
extends: .qa-job-base extends:
- .qa-job-base
- .qa:rules:ee-and-foss
script:
- bundle exec rspec
qa:internal-as-if-foss:
extends:
- .qa-job-base
- .qa:rules:ee-only
- .as-if-foss
script: script:
- bundle exec rspec - bundle exec rspec
qa:selectors: qa:selectors:
extends: .qa-job-base extends:
- .qa-job-base
- .qa:rules:ee-and-foss
script: script:
- bundle exec bin/qa Test::Sanity::Selectors - bundle exec bin/qa Test::Sanity::Selectors
qa:selectors-foss: qa:selectors-as-if-foss:
extends: extends:
- qa:selectors - qa:selectors
- .only-ee-as-if-foss - .qa:rules:ee-only
- .as-if-foss
.package-and-qa-base: .package-and-qa-base:
image: ruby:2.6-alpine image: ruby:2.6-alpine
...@@ -70,15 +53,8 @@ qa:selectors-foss: ...@@ -70,15 +53,8 @@ qa:selectors-foss:
- ./scripts/trigger-build omnibus - ./scripts/trigger-build omnibus
package-and-qa: package-and-qa:
extends: .package-and-qa-base extends:
rules: - .package-and-qa-base
- <<: *if-canonical-gitlab-merge-request - .qa:rules:package-and-qa
changes: *qa-patterns
when: on_success
- <<: *if-canonical-gitlab-merge-request
changes: *code-patterns
when: manual
- <<: *if-canonical-gitlab-schedule
when: on_success
needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] needs: ["build-qa-image", "gitlab:assets:compile pull-cache"]
allow_failure: true allow_failure: true
.only-master: .rails:needs:setup-and-assets:
only: needs:
refs: - job: setup-test-env
- master artifacts: true
- job: compile-assets pull-cache
.rake-exec: artifacts: true
.rails-job-base:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only
- .default-before_script - .default-before_script
variables:
SETUP_DB: "false"
script:
- bundle exec rake $CI_JOB_NAME
.only-code-rails-job-base:
extends:
- .default-tags
- .default-retry
- .default-cache
- .default-only
- .default-before_script
- .only:changes-code-backstage
.only-code-qa-rails-job-base:
extends:
- .default-tags
- .default-retry
- .default-cache
- .default-only
- .default-before_script
- .only:changes-code-backstage-qa
####################
# ee and foss jobs #
setup-test-env: setup-test-env:
extends: extends:
- .only-code-qa-rails-job-base - .rails-job-base
- .rails:rules:default-refs-code-backstage-qa
- .use-pg9 - .use-pg9
stage: prepare stage: prepare
script: script:
...@@ -50,11 +32,45 @@ setup-test-env: ...@@ -50,11 +32,45 @@ setup-test-env:
cache: cache:
policy: pull-push policy: pull-push
static-analysis:
extends:
- .rails-job-base
- .rails:rules:default-refs-code-backstage-qa
- .rails:needs:setup-and-assets
stage: test
variables:
SETUP_DB: "false"
parallel: 2
script:
- scripts/static-analysis
cache:
key: "debian-stretch-ruby-2.6-pg9.6-rubocop"
paths:
- vendor/ruby
- tmp/rubocop_cache
policy: pull-push
downtime_check:
extends:
- .rails-job-base
- .rails:needs:setup-and-assets
- .rails:rules:downtime_check
stage: test
variables:
SETUP_DB: "false"
script:
- bundle exec rake downtime_check
.rspec-base: .rspec-base:
extends: .only-code-rails-job-base extends: .rails-job-base
stage: test stage: test
needs: ["setup-test-env", "retrieve-tests-metadata", "compile-assets pull-cache"] needs:
dependencies: ["setup-test-env", "retrieve-tests-metadata", "compile-assets pull-cache"] - job: setup-test-env
artifacts: true
- job: retrieve-tests-metadata
artifacts: true
- job: compile-assets pull-cache
artifacts: true
script: script:
- source scripts/rspec_helpers.sh - source scripts/rspec_helpers.sh
- rspec_paralellized_job "--tag ~quarantine --tag ~geo --tag ~level:migration" - rspec_paralellized_job "--tag ~quarantine --tag ~geo --tag ~level:migration"
...@@ -68,29 +84,26 @@ setup-test-env: ...@@ -68,29 +84,26 @@ setup-test-env:
- rspec_profiling/ - rspec_profiling/
- tmp/capybara/ - tmp/capybara/
- tmp/memory_test/ - tmp/memory_test/
- junit_rspec.xml
reports: reports:
junit: junit_rspec.xml junit: junit_rspec.xml
.rspec-base-foss: .rspec-base-quarantine:
extends: [".rspec-base", ".only-ee-as-if-foss"]
needs: ["setup-test-env", "retrieve-tests-metadata", "compile-assets pull-cache foss"]
dependencies: ["setup-test-env", "retrieve-tests-metadata", "compile-assets pull-cache foss"]
.rspec-base-pg9:
extends: extends:
- .rspec-base - .rspec-base
- .use-pg9 - .use-pg9
variables:
RSPEC_OPTS: "--tag quarantine -- spec/"
script:
- source scripts/rspec_helpers.sh
- rspec_simple_job "${RSPEC_OPTS}"
allow_failure: true
.rspec-base-pg9-foss: .rspec-base-pg9:
extends:
- .rspec-base-foss
- .use-pg9
.rspec-base-pg10:
extends: extends:
- .rspec-base - .rspec-base
- .use-pg10 - .rails:rules:ee-and-foss
- .only-master - .use-pg9
.rspec-base-migration: .rspec-base-migration:
script: script:
...@@ -101,202 +114,35 @@ rspec migration pg9: ...@@ -101,202 +114,35 @@ rspec migration pg9:
extends: extends:
- .rspec-base-pg9 - .rspec-base-pg9
- .rspec-base-migration - .rspec-base-migration
parallel: 4 parallel: 5
rspec migration pg9-foss:
extends:
- .rspec-base-pg9-foss
- .rspec-base-migration
parallel: 4
rspec unit pg9: rspec unit pg9:
extends: .rspec-base-pg9 extends: .rspec-base-pg9
parallel: 20 parallel: 20
rspec unit pg9-foss:
extends: .rspec-base-pg9-foss
parallel: 20
rspec integration pg9: rspec integration pg9:
extends: .rspec-base-pg9 extends: .rspec-base-pg9
parallel: 6 parallel: 8
rspec integration pg9-foss:
extends: .rspec-base-pg9-foss
parallel: 6
rspec system pg9: rspec system pg9:
extends: .rspec-base-pg9 extends: .rspec-base-pg9
parallel: 24 parallel: 24
rspec system pg9-foss:
extends: .rspec-base-pg9-foss
parallel: 24
rspec unit pg10:
extends: .rspec-base-pg10
parallel: 20
rspec integration pg10:
extends: .rspec-base-pg10
parallel: 6
rspec system pg10:
extends: .rspec-base-pg10
parallel: 24
.rspec-ee-base-pg9:
extends:
- .rspec-base
- .only-ee
- .use-pg9-ee
.rspec-ee-base-pg10:
extends:
- .rspec-base
- .only-ee
- .use-pg10-ee
rspec-ee migration pg9:
extends:
- .rspec-ee-base-pg9
- .rspec-base-migration
parallel: 2
rspec-ee unit pg9:
extends: .rspec-ee-base-pg9
parallel: 5
rspec-ee integration pg9:
extends: .rspec-ee-base-pg9
parallel: 3
rspec-ee system pg9:
extends: .rspec-ee-base-pg9
parallel: 5
rspec-ee migration pg10:
extends:
- .rspec-ee-base-pg10
- .rspec-base-migration
- .only-master
parallel: 2
rspec-ee unit pg10:
extends:
- .rspec-ee-base-pg10
- .only-master
parallel: 5
rspec-ee integration pg10:
extends:
- .rspec-ee-base-pg10
- .only-master
parallel: 3
rspec-ee system pg10:
extends:
- .rspec-ee-base-pg10
- .only-master
parallel: 5
.rspec-ee-base-geo:
extends:
- .rspec-base
- .only-ee
script:
- source scripts/rspec_helpers.sh
- scripts/prepare_postgres_fdw.sh
- rspec_paralellized_job "--tag ~quarantine --tag geo"
.rspec-ee-base-geo-pg9:
extends:
- .rspec-ee-base-geo
- .use-pg9-ee
.rspec-ee-base-geo-pg10:
extends:
- .rspec-ee-base-geo
- .use-pg10-ee
rspec-ee unit pg9 geo:
extends: .rspec-ee-base-geo-pg9
parallel: 2
rspec-ee integration pg9 geo:
extends: .rspec-ee-base-geo-pg9
rspec-ee system pg9 geo:
extends: .rspec-ee-base-geo-pg9
rspec-ee unit pg10 geo:
extends: .rspec-ee-base-geo-pg10
parallel: 2
rspec-ee integration pg10 geo:
extends: .rspec-ee-base-geo-pg10
rspec-ee system pg10 geo:
extends: .rspec-ee-base-geo-pg10
rspec quarantine pg9:
extends:
- .rspec-base-pg9
- .only-master
variables:
RSPEC_OPTS: "--tag quarantine -- spec/"
script:
- source scripts/rspec_helpers.sh
- rspec_simple_job "${RSPEC_OPTS}"
allow_failure: true
rspec-ee quarantine pg9:
extends:
- rspec quarantine pg9
- .only-ee
variables:
RSPEC_OPTS: "--tag quarantine -- ee/spec/"
rspec fast_spec_helper: rspec fast_spec_helper:
extends: .rspec-base-pg9 extends: .rspec-base-pg9
script: script:
- bin/rspec spec/fast_spec_helper.rb - bin/rspec spec/fast_spec_helper.rb
static-analysis:
extends: .only-code-qa-rails-job-base
stage: test
needs: ["setup-test-env", "compile-assets pull-cache"]
dependencies: ["setup-test-env", "compile-assets pull-cache"]
variables:
SETUP_DB: "false"
parallel: 2
script:
- scripts/static-analysis
cache:
key: "debian-stretch-ruby-2.6-and-rubocop"
paths:
- vendor/ruby
- tmp/rubocop_cache
policy: pull-push
downtime_check:
extends:
- .rake-exec
- .only:changes-code-backstage
- .except:refs-master-tags-stable-deploy
stage: test
needs: ["setup-test-env"]
dependencies: ["setup-test-env"]
.db-job-base: .db-job-base:
extends: extends:
- .only-code-rails-job-base - .rails-job-base
- .rails:rules:ee-and-foss
- .use-pg9 - .use-pg9
stage: test stage: test
needs: ["setup-test-env"] needs:
dependencies: ["setup-test-env"] - job: setup-test-env
artifacts: true
# DB migration, rollback, and seed jobs
db:migrate:reset: db:migrate:reset:
extends: .db-job-base extends: .db-job-base
script: script:
...@@ -357,12 +203,14 @@ gitlab:setup: ...@@ -357,12 +203,14 @@ gitlab:setup:
- log/development.log - log/development.log
coverage: coverage:
extends: .only-code-rails-job-base extends:
cache: - .rails-job-base
policy: pull - .rails:rules:ee-and-foss
stage: post-test
variables: variables:
SETUP_DB: "false" SETUP_DB: "false"
stage: post-test cache:
policy: pull
script: script:
- bundle exec scripts/merge-simplecov - bundle exec scripts/merge-simplecov
- bundle exec scripts/gather-test-memory-data - bundle exec scripts/gather-test-memory-data
...@@ -374,11 +222,181 @@ coverage: ...@@ -374,11 +222,181 @@ coverage:
- coverage/index.html - coverage/index.html
- coverage/assets/ - coverage/assets/
- tmp/memory_test/ - tmp/memory_test/
# ee and foss jobs #
####################
####################
# master-only jobs #
rspec quarantine pg9:
extends:
- .rspec-base-quarantine
- .rails:rules:master-refs-code-backstage
.rspec-base-pg10:
extends:
- .rspec-base
- .rails:rules:master-refs-code-backstage
- .use-pg10
rspec unit pg10:
extends: .rspec-base-pg10
parallel: 20
rspec integration pg10:
extends: .rspec-base-pg10
parallel: 8
rspec system pg10:
extends: .rspec-base-pg10
parallel: 24
# master-only jobs #
####################
#########################
# ee + master-only jobs #
rspec-ee quarantine pg9:
extends:
- .rspec-base-quarantine
- .rails:rules:master-refs-code-backstage-ee-only
variables:
RSPEC_OPTS: "--tag quarantine -- ee/spec/"
rspec-ee migration pg10:
extends:
- .rspec-ee-base-pg10
- .rspec-base-migration
- .rails:rules:master-refs-code-backstage
parallel: 2
rspec-ee unit pg10:
extends:
- .rspec-ee-base-pg10
- .rails:rules:master-refs-code-backstage
parallel: 10
rspec-ee integration pg10:
extends:
- .rspec-ee-base-pg10
- .rails:rules:master-refs-code-backstage
parallel: 4
rspec-ee system pg10:
extends:
- .rspec-ee-base-pg10
- .rails:rules:master-refs-code-backstage
parallel: 6
# ee + master-only jobs #
#########################
#################
# ee-only jobs #
.rspec-base-ee:
extends:
- .rspec-base
- .rails:rules:ee-only
.rspec-base-pg9-as-if-foss:
extends:
- .rspec-base-ee
- .as-if-foss
- .use-pg9
needs:
- job: setup-test-env
artifacts: true
- job: retrieve-tests-metadata
artifacts: true
- job: compile-assets pull-cache as-if-foss
artifacts: true
.rspec-ee-base-pg9:
extends:
- .rspec-base-ee
- .use-pg9-ee
.rspec-ee-base-pg10:
extends:
- .rspec-base-ee
- .use-pg10-ee
rspec migration pg9-as-if-foss:
extends:
- .rspec-base-pg9-as-if-foss
- .rspec-base-migration
parallel: 5
rspec unit pg9-as-if-foss:
extends: .rspec-base-pg9-as-if-foss
parallel: 20
rspec integration pg9-as-if-foss:
extends: .rspec-base-pg9-as-if-foss
parallel: 8
rspec system pg9-as-if-foss:
extends: .rspec-base-pg9-as-if-foss
parallel: 24
rspec-ee migration pg9:
extends:
- .rspec-ee-base-pg9
- .rspec-base-migration
parallel: 2
rspec-ee unit pg9:
extends: .rspec-ee-base-pg9
parallel: 10
rspec-ee integration pg9:
extends: .rspec-ee-base-pg9
parallel: 4
rspec-ee system pg9:
extends: .rspec-ee-base-pg9
parallel: 6
.rspec-ee-base-geo:
extends: .rspec-base-ee
script:
- source scripts/rspec_helpers.sh
- scripts/prepare_postgres_fdw.sh
- rspec_paralellized_job "--tag ~quarantine --tag geo"
.rspec-ee-base-geo-pg9:
extends:
- .rspec-ee-base-geo
- .use-pg9-ee
.rspec-ee-base-geo-pg10:
extends:
- .rspec-ee-base-geo
- .use-pg10-ee
rspec-ee unit pg9 geo:
extends: .rspec-ee-base-geo-pg9
parallel: 2
rspec-ee integration pg9 geo:
extends: .rspec-ee-base-geo-pg9
rspec-ee system pg9 geo:
extends: .rspec-ee-base-geo-pg9
rspec-ee unit pg10 geo:
extends: .rspec-ee-base-geo-pg10
parallel: 2
rspec-ee integration pg10 geo:
extends: .rspec-ee-base-geo-pg10
rspec-ee system pg10 geo:
extends: .rspec-ee-base-geo-pg10
db:rollback geo: db:rollback geo:
extends: extends:
- db:rollback - db:rollback
- .only-ee - .rails:rules:ee-only
script: script:
- bundle exec rake geo:db:migrate VERSION=20170627195211 - bundle exec rake geo:db:migrate VERSION=20170627195211
- bundle exec rake geo:db:migrate - bundle exec rake geo:db:migrate
# ee-only jobs #
################
---
# Syncs any changes pushed to a stable branch to the corresponding # Syncs any changes pushed to a stable branch to the corresponding
# gitlab-foss/CE stable branch. We run this prior to any tests so that random # gitlab-foss/CE stable branch. We run this prior to any tests so that random
# failures don't prevent a sync. # failures don't prevent a sync.
...@@ -10,27 +8,21 @@ ...@@ -10,27 +8,21 @@
stage: sync stage: sync
before_script: before_script:
- apk add --no-cache --update curl bash jq - apk add --no-cache --update curl bash jq
after_script: []
script: script:
- bash scripts/sync-stable-branch.sh - bash scripts/sync-stable-branch.sh
only:
variables:
- $CI_SERVER_HOST == "gitlab.com"
sync-stable-branch: sync-stable-branch:
extends: .merge-train-sync extends:
- .releases:rules:canonical-dot-com-gitlab-stable-branch-only
- .merge-train-sync
variables: variables:
SOURCE_PROJECT: gitlab-org/gitlab SOURCE_PROJECT: gitlab-org/gitlab
TARGET_PROJECT: gitlab-org/gitlab-foss TARGET_PROJECT: gitlab-org/gitlab-foss
only:
refs:
- /^[\d-]+-stable-ee$/@gitlab-org/gitlab
sync-security-branch: sync-security-branch:
extends: .merge-train-sync extends:
- .releases:rules:canonical-dot-com-security-gitlab-stable-branch-only
- .merge-train-sync
variables: variables:
SOURCE_PROJECT: gitlab-org/security/gitlab SOURCE_PROJECT: gitlab-org/security/gitlab
TARGET_PROJECT: gitlab-org/security/gitlab-foss TARGET_PROJECT: gitlab-org/security/gitlab-foss
only:
refs:
- /^[\d-]+-stable-ee$/@gitlab-org/security/gitlab
# include: # include:
# - template: Code-Quality.gitlab-ci.yml # - template: Jobs/Code-Quality.gitlab-ci.yml
# - template: Security/SAST.gitlab-ci.yml # - template: Security/SAST.gitlab-ci.yml
# - template: Security/Dependency-Scanning.gitlab-ci.yml # - template: Security/Dependency-Scanning.gitlab-ci.yml
# - template: Security/DAST.gitlab-ci.yml # - template: Security/DAST.gitlab-ci.yml
...@@ -10,8 +10,7 @@ ...@@ -10,8 +10,7 @@
code_quality: code_quality:
extends: extends:
- .default-retry - .default-retry
- .default-only - .reports:rules:code_quality
- .only:changes-code-backstage
stage: test stage: test
image: docker:stable image: docker:stable
allow_failure: true allow_failure: true
...@@ -38,12 +37,9 @@ code_quality: ...@@ -38,12 +37,9 @@ code_quality:
reports: reports:
codequality: gl-code-quality-report.json codequality: gl-code-quality-report.json
paths: paths:
- gl-code-quality-report.json - gl-code-quality-report.json # GitLab-specific
expire_in: 1 week expire_in: 1 week # GitLab-specific
dependencies: [] dependencies: []
except:
variables:
- $CODE_QUALITY_DISABLED
# We need to duplicate this job's definition because it seems it's impossible to # We need to duplicate this job's definition because it seems it's impossible to
# override an included `only.refs`. # override an included `only.refs`.
...@@ -53,16 +49,22 @@ code_quality: ...@@ -53,16 +49,22 @@ code_quality:
sast: sast:
extends: extends:
- .default-retry - .default-retry
- .default-only - .reports:rules:sast
- .only:changes-code-backstage-qa
stage: test stage: test
allow_failure: true
dependencies: [] # GitLab-specific
artifacts:
paths:
- gl-sast-report.json # GitLab-specific
reports:
sast: gl-sast-report.json
expire_in: 1 week # GitLab-specific
image: docker:stable image: docker:stable
variables: variables:
DOCKER_DRIVER: overlay2 DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "" DOCKER_TLS_CERTDIR: ""
SAST_BRAKEMAN_LEVEL: 2 SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific
SAST_EXCLUDED_PATHS: qa,spec,doc,ee/spec SAST_EXCLUDED_PATHS: qa,spec,doc,ee/spec # GitLab-specific
allow_failure: true
services: services:
- docker:stable-dind - docker:stable-dind
script: script:
...@@ -73,61 +75,12 @@ sast: ...@@ -73,61 +75,12 @@ sast:
export DOCKER_HOST='tcp://localhost:2375' export DOCKER_HOST='tcp://localhost:2375'
fi fi
fi fi
- | # this is required to avoid undesirable reset of Docker image ENV variables being set on build stage
function propagate_env_vars() {
CURRENT_ENV=$(printenv)
for VAR_NAME; do
echo $CURRENT_ENV | grep "${VAR_NAME}=" > /dev/null && echo "--env $VAR_NAME "
done
}
- | - |
docker run \ ENVS=`printenv | grep -vE '^(DOCKER_|CI|GITLAB_|FF_|HOME|PWD|OLDPWD|PATH|SHLVL|HOSTNAME)' | sed -n '/^[^\t]/s/=.*//p' | sed '/^$/d' | sed 's/^/-e /g' | tr '\n' ' '`
$(propagate_env_vars \ docker run "$ENVS" \
SAST_BANDIT_EXCLUDED_PATHS \
SAST_ANALYZER_IMAGES \
SAST_ANALYZER_IMAGE_PREFIX \
SAST_ANALYZER_IMAGE_TAG \
SAST_DEFAULT_ANALYZERS \
SAST_PULL_ANALYZER_IMAGES \
SAST_BRAKEMAN_LEVEL \
SAST_FLAWFINDER_LEVEL \
SAST_GITLEAKS_ENTROPY_LEVEL \
SAST_GOSEC_LEVEL \
SAST_EXCLUDED_PATHS \
SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \
SAST_PULL_ANALYZER_IMAGE_TIMEOUT \
SAST_RUN_ANALYZER_TIMEOUT \
SAST_JAVA_VERSION \
ANT_HOME \
ANT_PATH \
GRADLE_PATH \
JAVA_OPTS \
JAVA_PATH \
JAVA_8_VERSION \
JAVA_11_VERSION \
MAVEN_CLI_OPTS \
MAVEN_PATH \
MAVEN_REPO_PATH \
SBT_PATH \
FAIL_NEVER \
) \
--volume "$PWD:/code" \ --volume "$PWD:/code" \
--volume /var/run/docker.sock:/var/run/docker.sock \ --volume /var/run/docker.sock:/var/run/docker.sock \
"registry.gitlab.com/gitlab-org/security-products/sast:$SAST_VERSION" /app/bin/run /code "registry.gitlab.com/gitlab-org/security-products/sast:$SAST_VERSION" /app/bin/run /code
artifacts:
expire_in: 7 days
paths:
- gl-sast-report.json
reports:
sast: gl-sast-report.json
dependencies: []
only:
variables:
- $GITLAB_FEATURES =~ /\bsast\b/
except:
variables:
- $SAST_DISABLED
# We need to duplicate this job's definition because it seems it's impossible to # We need to duplicate this job's definition because it seems it's impossible to
# override an included `only.refs`. # override an included `only.refs`.
...@@ -135,13 +88,13 @@ sast: ...@@ -135,13 +88,13 @@ sast:
dependency_scanning: dependency_scanning:
extends: extends:
- .default-retry - .default-retry
- .default-only - .reports:rules:dependency_scanning
- .only:changes-code-backstage-qa
stage: test stage: test
image: docker:stable image: docker:stable
variables: variables:
DOCKER_DRIVER: overlay2 DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "" DOCKER_TLS_CERTDIR: ""
DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports,spec,ee/spec" # GitLab-specific
allow_failure: true allow_failure: true
services: services:
- docker:stable-dind - docker:stable-dind
...@@ -173,23 +126,29 @@ dependency_scanning: ...@@ -173,23 +126,29 @@ dependency_scanning:
DS_PULL_ANALYZER_IMAGE_TIMEOUT \ DS_PULL_ANALYZER_IMAGE_TIMEOUT \
DS_RUN_ANALYZER_TIMEOUT \ DS_RUN_ANALYZER_TIMEOUT \
DS_PYTHON_VERSION \ DS_PYTHON_VERSION \
DS_PIP_VERSION \
DS_PIP_DEPENDENCY_PATH \ DS_PIP_DEPENDENCY_PATH \
GEMNASIUM_DB_LOCAL_PATH \
GEMNASIUM_DB_REMOTE_URL \
GEMNASIUM_DB_REF_NAME \
PIP_INDEX_URL \ PIP_INDEX_URL \
PIP_EXTRA_INDEX_URL \ PIP_EXTRA_INDEX_URL \
PIP_REQUIREMENTS_FILE \
MAVEN_CLI_OPTS \
BUNDLER_AUDIT_UPDATE_DISABLED \
BUNDLER_AUDIT_ADVISORY_DB_URL \
BUNDLER_AUDIT_ADVISORY_DB_REF_NAME \
) \ ) \
--volume "$PWD:/code" \ --volume "$PWD:/code" \
--volume /var/run/docker.sock:/var/run/docker.sock \ --volume /var/run/docker.sock:/var/run/docker.sock \
"registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$DS_VERSION" /code "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$DS_VERSION" /code
artifacts: artifacts:
paths:
- gl-dependency-scanning-report.json # GitLab-specific
reports: reports:
dependency_scanning: gl-dependency-scanning-report.json dependency_scanning: gl-dependency-scanning-report.json
expire_in: 1 week # GitLab-specific
dependencies: [] dependencies: []
only:
variables:
- $GITLAB_FEATURES =~ /\bdependency_scanning\b/
except:
variables:
- $DEPENDENCY_SCANNING_DISABLED
# We need to duplicate this job's definition because it seems it's impossible to # We need to duplicate this job's definition because it seems it's impossible to
# override an included `only.refs`. # override an included `only.refs`.
...@@ -197,40 +156,36 @@ dependency_scanning: ...@@ -197,40 +156,36 @@ dependency_scanning:
dast: dast:
extends: extends:
- .default-retry - .default-retry
- .default-only - .reports:rules:dast
- .only:changes-code-qa needs:
- .only-review - job: review-deploy
stage: qa artifacts: true
needs: ["review-deploy"] stage: qa # GitLab-specific
dependencies: ["review-deploy"]
before_script:
- export DAST_WEBSITE="$(cat review_app_url.txt)"
image: image:
name: "registry.gitlab.com/gitlab-org/security-products/dast:$CI_SERVER_VERSION_MAJOR-$CI_SERVER_VERSION_MINOR-stable" name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
variables: variables:
# URL to scan: # To be done in a later iteration
# DAST_WEBSITE: https://example.com/ # DAST_USERNAME: "root"
# # DAST_USERNAME_FIELD: "user[login]"
# Time limit for target availability (scan is attempted even when timeout): # DAST_PASSWORD_FIELD: "user[passowrd]"
# DAST_TARGET_AVAILABILITY_TIMEOUT: 60
#
# Set these variables to scan with an authenticated user:
# DAST_AUTH_URL: https://example.com/sign-in
# DAST_USERNAME: john.doe@example.com
# DAST_PASSWORD: john-doe-password
# DAST_USERNAME_FIELD: session[user] # the name of username field at the sign-in HTML form
# DAST_PASSWORD_FIELD: session[password] # the name of password field at the sign-in HTML form
# DAST_AUTH_EXCLUDE_URLS: http://example.com/sign-out,http://example.com/sign-out-2 # optional: URLs to skip during the authenticated scan; comma-separated, no spaces in between
#
# Perform ZAP Full Scan, which includes both passive and active scanning:
# DAST_FULL_SCAN_ENABLED: "true"
allow_failure: true allow_failure: true
script: script:
- export DAST_WEBSITE=${DAST_WEBSITE:-$(cat environment_url.txt)} - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"'
# To be done in a later iteration
# - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"'
# - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"'
- /analyze -t $DAST_WEBSITE - /analyze -t $DAST_WEBSITE
artifacts: artifacts:
expire_in: 7 days
paths: paths:
- gl-dast-report.json - gl-dast-report.json # GitLab-specific
reports: reports:
dast: gl-dast-report.json dast: gl-dast-report.json
expire_in: 1 week # GitLab-specific
# To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255
# schedule:dast:
# extends:
# - dast
# - .reports:schedule-dast
# variables:
# DAST_FULL_SCAN_ENABLED: "true"
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-canonical-gitlab-schedule: &if-canonical-gitlab-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "schedule"'
# Make sure to update all the similar conditions in other CI config files if you modify these conditions
.if-canonical-gitlab-merge-request: &if-canonical-gitlab-merge-request
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_MERGE_REQUEST_IID'
# Make sure to update all the similar patterns in other CI config files if you modify these patterns
.code-qa-patterns: &code-qa-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# QA changes
- ".dockerignore"
- "qa/**/*"
.review-docker: .review-docker:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6
services: services:
- docker:19.03.0-dind - docker:19.03.0-dind
tags: tags:
...@@ -41,14 +14,10 @@ ...@@ -41,14 +14,10 @@
GITLAB_EDITION: "ce" GITLAB_EDITION: "ce"
build-qa-image: build-qa-image:
extends: .review-docker extends:
- .review-docker
- .review:rules:mr-and-schedule
stage: prepare stage: prepare
rules:
- <<: *if-canonical-gitlab-merge-request
changes: *code-qa-patterns
when: on_success
- <<: *if-canonical-gitlab-schedule
when: on_success
script: script:
- '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"'
- export QA_MASTER_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/gitlab-${GITLAB_EDITION}-qa:master" - export QA_MASTER_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/gitlab-${GITLAB_EDITION}-qa:master"
...@@ -58,11 +27,11 @@ build-qa-image: ...@@ -58,11 +27,11 @@ build-qa-image:
- time docker build --cache-from "${QA_MASTER_IMAGE}" --tag ${QA_IMAGE} --file ./qa/Dockerfile ./ - time docker build --cache-from "${QA_MASTER_IMAGE}" --tag ${QA_IMAGE} --file ./qa/Dockerfile ./
- time docker push ${QA_IMAGE} - time docker push ${QA_IMAGE}
.base-review-cleanup: review-cleanup:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .review:rules:review-cleanup
stage: prepare stage: prepare
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
allow_failure: true allow_failure: true
...@@ -75,51 +44,28 @@ build-qa-image: ...@@ -75,51 +44,28 @@ build-qa-image:
script: script:
- ruby -rrubygems scripts/review_apps/automated_cleanup.rb - ruby -rrubygems scripts/review_apps/automated_cleanup.rb
schedule:review-cleanup: review-build-cng:
extends:
- .base-review-cleanup
- .only-review-schedules
manual:review-cleanup:
extends:
- .base-review-cleanup
- .only:changes-code-qa
when: manual
.review-build-cng-base:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .review:rules:mr-and-schedule
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: review-prepare stage: review-prepare
before_script: before_script:
- source scripts/utils.sh - source scripts/utils.sh
- install_api_client_dependencies_with_apk - install_api_client_dependencies_with_apk
- install_gitlab_gem - install_gitlab_gem
dependencies: [] needs:
- job: gitlab:assets:compile pull-cache
artifacts: false
script: script:
- BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng
review-build-cng:
extends:
- .review-build-cng-base
- .only-review
- .only:changes-code-qa
needs: ["gitlab:assets:compile pull-cache"]
schedule:review-build-cng:
extends:
- .review-build-cng-base
- .only-review-schedules
needs: ["gitlab:assets:compile pull-cache"]
.review-workflow-base: .review-workflow-base:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
dependencies: []
variables: variables:
HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
...@@ -130,17 +76,22 @@ schedule:review-build-cng: ...@@ -130,17 +76,22 @@ schedule:review-build-cng:
url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
on_stop: review-stop on_stop: review-stop
.review-deploy-base: review-deploy:
extends: .review-workflow-base extends:
- .review-workflow-base
- .review:rules:mr-and-schedule
stage: review stage: review
needs:
- job: review-build-cng
artifacts: false
allow_failure: true allow_failure: true
before_script: before_script:
- '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"'
- export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
- export GITALY_VERSION=$(<GITALY_SERVER_VERSION) - export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
- export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
- echo "${CI_ENVIRONMENT_URL}" > review_app_url.txt - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt
- source scripts/utils.sh - source ./scripts/utils.sh
- install_api_client_dependencies_with_apk - install_api_client_dependencies_with_apk
- source scripts/review_apps/review-apps.sh - source scripts/review_apps/review-apps.sh
script: script:
...@@ -152,26 +103,15 @@ schedule:review-build-cng: ...@@ -152,26 +103,15 @@ schedule:review-build-cng:
- date - date
- deploy || (display_deployment_debug && exit 1) - deploy || (display_deployment_debug && exit 1)
artifacts: artifacts:
paths: [review_app_url.txt] paths: [environment_url.txt]
expire_in: 2 days expire_in: 2 days
when: always when: always
review-deploy: .review-stop-base:
extends: .review-deploy-base
rules:
- <<: *if-canonical-gitlab-merge-request
changes: *code-qa-patterns
when: on_success
schedule:review-deploy:
extends:
- .review-deploy-base
- .only-review-schedules
.base-review-stop:
extends: .review-workflow-base extends: .review-workflow-base
environment: environment:
action: stop action: stop
dependencies: []
variables: variables:
# We're cloning the repo instead of downloading the script for now # We're cloning the repo instead of downloading the script for now
# because some repos are private and CI_JOB_TOKEN cannot access files. # because some repos are private and CI_JOB_TOKEN cannot access files.
...@@ -183,22 +123,18 @@ schedule:review-deploy: ...@@ -183,22 +123,18 @@ schedule:review-deploy:
- source ./scripts/review_apps/review-apps.sh - source ./scripts/review_apps/review-apps.sh
review-stop-failed-deployment: review-stop-failed-deployment:
extends: .base-review-stop extends:
- .review-stop-base
- .review:rules:mr-only-auto
stage: prepare stage: prepare
rules:
- <<: *if-canonical-gitlab-merge-request
changes: *code-qa-patterns
when: on_success
script: script:
- delete_failed_release - delete_failed_release
review-stop: review-stop:
extends: .base-review-stop extends:
- .review-stop-base
- .review:rules:mr-only-manual
stage: review stage: review
rules:
- <<: *if-canonical-gitlab-merge-request
changes: *code-qa-patterns
when: manual
allow_failure: true allow_failure: true
script: script:
- delete_release - delete_release
...@@ -206,8 +142,9 @@ review-stop: ...@@ -206,8 +142,9 @@ review-stop:
.review-qa-base: .review-qa-base:
extends: .review-docker extends: .review-docker
stage: qa stage: qa
needs: ["review-deploy"] needs:
dependencies: ["review-deploy"] - job: review-deploy
artifacts: true
allow_failure: true allow_failure: true
variables: variables:
QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa" QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa"
...@@ -222,7 +159,7 @@ review-stop: ...@@ -222,7 +159,7 @@ review-stop:
before_script: before_script:
- '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"'
- export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/gitlab-${GITLAB_EDITION}-qa:${CI_COMMIT_REF_SLUG}" - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/gitlab-${GITLAB_EDITION}-qa:${CI_COMMIT_REF_SLUG}"
- export CI_ENVIRONMENT_URL="$(cat review_app_url.txt)" - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${CI_ENVIRONMENT_URL}" - echo "${CI_ENVIRONMENT_URL}"
- echo "${QA_IMAGE}" - echo "${QA_IMAGE}"
- source scripts/utils.sh - source scripts/utils.sh
...@@ -235,32 +172,33 @@ review-stop: ...@@ -235,32 +172,33 @@ review-stop:
when: always when: always
review-qa-smoke: review-qa-smoke:
extends: .review-qa-base extends:
rules: - .review-qa-base
- <<: *if-canonical-gitlab-merge-request - .review:rules:mr-only-auto
changes: *code-qa-patterns
when: on_success
script: script:
- gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
review-qa-all: review-qa-all:
extends: .review-qa-base extends:
rules: - .review-qa-base
- <<: *if-canonical-gitlab-merge-request - .review:rules:mr-only-manual
changes: *code-qa-patterns
when: manual
parallel: 5 parallel: 5
script: script:
- export KNAPSACK_REPORT_PATH=knapsack/master_report.json - export KNAPSACK_REPORT_PATH=knapsack/master_report.json
- export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
- gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation
.review-performance-base: review-performance:
extends: .review-docker extends:
- .review-docker
- .review:rules:mr-and-schedule
stage: qa stage: qa
needs:
- job: review-deploy
artifacts: true
allow_failure: true allow_failure: true
before_script: before_script:
- export CI_ENVIRONMENT_URL="$(cat review_app_url.txt)" - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${CI_ENVIRONMENT_URL}" - echo "${CI_ENVIRONMENT_URL}"
- mkdir -p gitlab-exporter - mkdir -p gitlab-exporter
- wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
...@@ -275,58 +213,17 @@ review-qa-all: ...@@ -275,58 +213,17 @@ review-qa-all:
reports: reports:
performance: performance.json performance: performance.json
review-performance:
extends: .review-performance-base
rules:
- <<: *if-canonical-gitlab-merge-request
changes: *code-qa-patterns
when: on_success
needs: ["review-deploy"]
dependencies: ["review-deploy"]
before_script:
- export CI_ENVIRONMENT_URL="$(cat review_app_url.txt)"
- echo "${CI_ENVIRONMENT_URL}"
- mkdir -p gitlab-exporter
- wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
- mkdir -p sitespeed-results
script:
- docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
after_script:
- mv sitespeed-results/data/performance.json performance.json
artifacts:
paths:
- sitespeed-results/
reports:
performance: performance.json
schedule:review-performance:
extends:
- .review-performance-base
- .only-review-schedules
needs: ["schedule:review-deploy"]
dependencies: ["schedule:review-deploy"]
parallel-spec-reports: parallel-spec-reports:
extends: extends:
- .default-tags - .default-tags
- .default-only - .review:rules:mr-only-manual
- .only-review
- .only:changes-code-qa
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: post-qa stage: post-qa
dependencies: ["review-qa-all"] dependencies: ["review-qa-all"]
allow_failure: true
variables: variables:
NEW_PARALLEL_SPECS_REPORT: qa/report-new.html NEW_PARALLEL_SPECS_REPORT: qa/report-new.html
BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/" BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/"
allow_failure: true
when: manual
artifacts:
when: always
paths:
- qa/report-new.html
- qa/gitlab-qa-run-*
reports:
junit: qa/gitlab-qa-run-*/**/rspec-*.xml
script: script:
- apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/* - apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/*
- gem install nokogiri --no-document - gem install nokogiri --no-document
...@@ -335,20 +232,23 @@ parallel-spec-reports: ...@@ -335,20 +232,23 @@ parallel-spec-reports:
- cd - - cd -
- '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}' - '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}'
- scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm - scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm
artifacts:
when: always
paths:
- qa/report-new.html
- qa/gitlab-qa-run-*
reports:
junit: qa/gitlab-qa-run-*/**/rspec-*.xml
danger-review: danger-review:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only - .review:rules:danger
- .except:refs-master-tags-stable-deploy
image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger
stage: test stage: test
dependencies: [] dependencies: []
only:
variables:
- $DANGER_GITLAB_API_TOKEN
script: script:
- git version - git version
- node --version - node --version
... ...
......
##############
# Conditions #
##############
.if-not-canonical-namespace: &if-not-canonical-namespace
if: '$CI_PROJECT_NAMESPACE !~ /^gitlab(-org)?($|\/)/'
.if-not-ee: &if-not-ee
if: '$CI_PROJECT_NAME !~ /^gitlab(-ee)?$/'
.if-not-foss: &if-not-foss
if: '$CI_PROJECT_NAME != "gitlab-foss" && $CI_PROJECT_NAME != "gitlab-ce" && $CI_PROJECT_NAME != "gitlabhq"'
.if-default-refs: &if-default-refs
if: '$CI_COMMIT_REF_NAME == "master" || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG'
.if-master-refs: &if-master-refs
if: '$CI_COMMIT_REF_NAME == "master"'
.if-master-or-tag: &if-master-or-tag
if: '$CI_COMMIT_REF_NAME == "master" || $CI_COMMIT_TAG'
.if-merge-request: &if-merge-request
if: '$CI_MERGE_REQUEST_IID'
.if-dot-com-gitlab-org-schedule: &if-dot-com-gitlab-org-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "schedule"'
.if-dot-com-gitlab-org-master: &if-dot-com-gitlab-org-master
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_COMMIT_REF_NAME == "master"'
.if-dot-com-gitlab-org-merge-request: &if-dot-com-gitlab-org-merge-request
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_MERGE_REQUEST_IID'
.if-dot-com-gitlab-org-and-security-merge-request: &if-dot-com-gitlab-org-and-security-merge-request
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_MERGE_REQUEST_IID'
.if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG'
.if-dot-com-ee-schedule: &if-dot-com-ee-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule"'
.if-cache-credentials-schedule: &if-cache-credentials-schedule
if: '$CI_REPO_CACHE_CREDENTIALS && $CI_PIPELINE_SOURCE == "schedule"'
####################
# Changes patterns #
####################
.yaml-patterns: &yaml-patterns
- "**/*.yml"
.docs-patterns: &docs-patterns
- ".gitlab/route-map.yml"
- "doc/**/*"
- ".markdownlint.json"
.backstage-patterns: &backstage-patterns
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
.code-patterns: &code-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
.qa-patterns: &qa-patterns
- ".dockerignore"
- "qa/**/*"
.code-backstage-patterns: &code-backstage-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
.code-qa-patterns: &code-qa-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# QA changes
- ".dockerignore"
- "qa/**/*"
.code-backstage-qa-patterns: &code-backstage-qa-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
- "doc/api/graphql/reference/*" # Files in this folder are auto-generated
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
# QA changes
- ".dockerignore"
- "qa/**/*"
####################
# Cache repo rules #
####################
.cache-repo:rules:
rules:
- <<: *if-cache-credentials-schedule
when: on_success
#############
# CNG rules #
#############
.cng:rules:
rules:
- <<: *if-dot-com-gitlab-org-and-security-tag
when: manual
######################
# Dev fixtures rules #
######################
.dev-fixtures:rules:ee-and-foss:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.dev-fixtures:rules:ee-only:
rules:
- <<: *if-not-ee
when: never
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
##############
# Docs rules #
##############
.docs:rules:review-docs:
rules:
- <<: *if-dot-com-gitlab-org-merge-request
changes: *docs-patterns
when: manual
.docs:rules:docs-lint:
rules:
- <<: *if-default-refs
changes: *docs-patterns
when: on_success
.docs:rules:graphql-reference-verify:
rules:
- <<: *if-not-ee
when: never
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
when: on_success
##################
# Frontend rules #
##################
.frontend:rules:gitlab-assets-compile-pull-push-cache:
rules:
- <<: *if-not-canonical-namespace
when: never
- <<: *if-master-refs
changes: *code-backstage-qa-patterns
when: on_success
.frontend:rules:gitlab-assets-compile-pull-cache:
rules:
- <<: *if-not-canonical-namespace
when: never
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
when: on_success
.frontend:rules:compile-assets-pull-push-cache:
rules:
- <<: *if-master-refs
changes: *code-backstage-qa-patterns
when: on_success
.frontend:rules:compile-assets-pull-push-cache-as-if-foss:
rules:
- <<: *if-not-ee
when: never
- <<: *if-master-refs
changes: *code-backstage-qa-patterns
when: on_success
.frontend:rules:compile-assets-pull-cache:
rules:
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
when: on_success
.frontend:rules:compile-assets-pull-cache-as-if-foss:
rules:
- <<: *if-not-ee
when: never
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
when: on_success
.frontend:rules:default-frontend-jobs:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.frontend:rules:default-frontend-jobs-as-if-foss:
rules:
- <<: *if-not-ee
when: never
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.frontend:rules:qa-frontend-node:
rules:
- <<: *if-master-refs
when: on_success
################
# Memory rules #
################
.memory:rules:
rules:
- <<: *if-default-refs
changes: *code-patterns
when: on_success
###############
# Pages rules #
###############
.pages:rules:
rules:
- <<: *if-dot-com-gitlab-org-master
changes: *code-backstage-qa-patterns
when: on_success
############
# QA rules #
############
.qa:rules:ee-and-foss:
rules:
- <<: *if-default-refs
changes: *code-qa-patterns
when: on_success
.qa:rules:ee-only:
rules:
- <<: *if-not-ee
when: never
- <<: *if-default-refs
changes: *code-qa-patterns
when: on_success
.qa:rules:package-and-qa:
rules:
- <<: *if-dot-com-gitlab-org-merge-request
changes: *qa-patterns
when: on_success
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-patterns
when: manual
- <<: *if-dot-com-gitlab-org-schedule
when: on_success
###############
# Rails rules #
###############
.rails:rules:ee-and-foss:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.rails:rules:default-refs-code-backstage-qa:
rules:
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
when: on_success
.rails:rules:master-refs-code-backstage:
rules:
- <<: *if-master-refs
changes: *code-backstage-patterns
when: on_success
.rails:rules:master-refs-code-backstage-ee-only:
rules:
- <<: *if-not-ee
when: never
- <<: *if-master-refs
changes: *code-backstage-patterns
when: on_success
.rails:rules:ee-only:
rules:
- <<: *if-not-ee
when: never
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.rails:rules:downtime_check:
rules:
- <<: *if-merge-request
changes: *code-backstage-patterns
when: on_success
##################
# Releases rules #
##################
.releases:rules:canonical-dot-com-gitlab-stable-branch-only:
rules:
- if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable-ee$/'
.releases:rules:canonical-dot-com-security-gitlab-stable-branch-only:
rules:
- if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/security/gitlab" && $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable-ee$/'
#################
# Reports rules #
#################
.reports:rules:code_quality:
rules:
- if: '$CODE_QUALITY_DISABLED'
when: never
# - <<: *if-master-refs # To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255
- <<: *if-default-refs
changes: *code-backstage-patterns
.reports:rules:sast:
rules:
- if: '$SAST_DISABLED || $GITLAB_FEATURES !~ /\bsast\b/'
when: never
# - <<: *if-master-refs # To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
.reports:rules:dependency_scanning:
rules:
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/'
when: never
# - <<: *if-master-refs # To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
.reports:rules:dast:
rules:
- if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/'
when: never
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
.reports:schedule-dast:
rules:
- if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/'
when: never
- <<: *if-dot-com-gitlab-org-schedule
################
# Review rules #
################
.review:rules:mr-and-schedule:
rules:
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
when: on_success
- <<: *if-dot-com-gitlab-org-schedule
when: on_success
.review:rules:mr-only-auto:
rules:
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
when: on_success
.review:rules:mr-only-manual:
rules:
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
when: manual
.review:rules:review-cleanup:
rules:
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
when: manual
- <<: *if-dot-com-gitlab-org-schedule
when: on_success
.review:rules:danger:
rules:
- if: '$DANGER_GITLAB_API_TOKEN && $CI_MERGE_REQUEST_IID'
when: on_success
###############
# Setup rules #
###############
.setup:rules:cache-gems:
rules:
- <<: *if-not-canonical-namespace
when: never
- <<: *if-master-or-tag
changes: *code-backstage-qa-patterns
when: on_success
.setup:rules:gitlab_git_test:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.setup:rules:no_ee_check:
rules:
- <<: *if-not-foss
when: never
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
#######################
# Test metadata rules #
#######################
.test-metadata:rules:retrieve-tests-metadata:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
when: on_success
.test-metadata:rules:update-tests-metadata:
rules:
- <<: *if-dot-com-ee-schedule
changes: *code-backstage-patterns
when: on_success
.test-metadata:rules:flaky-examples-check:
rules:
- <<: *if-merge-request
changes: *code-backstage-patterns
when: on_success
##############
# YAML rules #
##############
.yaml:rules:
rules:
- <<: *if-default-refs
changes: *yaml-patterns
...@@ -6,11 +6,11 @@ cache gems: ...@@ -6,11 +6,11 @@ cache gems:
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-before_script - .default-before_script
- .only:variables-canonical-dot-com - .setup:rules:cache-gems
- .only:changes-code-backstage-qa
stage: test stage: test
dependencies: ["setup-test-env"] needs:
needs: ["setup-test-env"] - job: setup-test-env
artifacts: true
variables: variables:
SETUP_DB: "false" SETUP_DB: "false"
script: script:
...@@ -18,30 +18,23 @@ cache gems: ...@@ -18,30 +18,23 @@ cache gems:
artifacts: artifacts:
paths: paths:
- vendor/cache - vendor/cache
only:
refs:
- master
- tags
.minimal-job: .minimal-job:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only
- .only:changes-code-backstage
dependencies: [] dependencies: []
gitlab_git_test: gitlab_git_test:
extends: .minimal-job extends:
- .minimal-job
- .setup:rules:gitlab_git_test
script: script:
- spec/support/prepare-gitlab-git-test-for-commit --check-for-changes - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes
no_ee_check: no_ee_check:
extends: .minimal-job extends:
- .minimal-job
- .setup:rules:no_ee_check
script: script:
- scripts/no-ee-check - scripts/no-ee-check
only:
variables:
- $CI_PROJECT_NAME == "gitlab-foss"
- $CI_PROJECT_NAME == "gitlab-ce" # Support former project name for forks/mirrors
- $CI_PROJECT_NAME == "gitlabhq" # Support former project name for dev
.tests-metadata-state: .tests-metadata-state:
extends:
- .default-only
- .only:changes-code-backstage
variables: variables:
TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache" TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache"
before_script: before_script:
...@@ -19,7 +16,9 @@ ...@@ -19,7 +16,9 @@
- rspec_profiling/ - rspec_profiling/
retrieve-tests-metadata: retrieve-tests-metadata:
extends: .tests-metadata-state extends:
- .tests-metadata-state
- .test-metadata:rules:retrieve-tests-metadata
stage: prepare stage: prepare
cache: cache:
policy: pull policy: pull
...@@ -28,7 +27,9 @@ retrieve-tests-metadata: ...@@ -28,7 +27,9 @@ retrieve-tests-metadata:
- retrieve_tests_metadata - retrieve_tests_metadata
update-tests-metadata: update-tests-metadata:
extends: .tests-metadata-state extends:
- .tests-metadata-state
- .test-metadata:rules:update-tests-metadata
stage: post-test stage: post-test
cache: cache:
policy: push policy: push
...@@ -36,27 +37,17 @@ update-tests-metadata: ...@@ -36,27 +37,17 @@ update-tests-metadata:
- retry gem install fog-aws mime-types activesupport rspec_profiling postgres-copy --no-document - retry gem install fog-aws mime-types activesupport rspec_profiling postgres-copy --no-document
- source scripts/rspec_helpers.sh - source scripts/rspec_helpers.sh
- update_tests_metadata - update_tests_metadata
only:
refs:
- schedules
variables:
# Only update the Knapsack metadata on GitLab.com/gitlab-org/gitlab
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab"
flaky-examples-check: flaky-examples-check:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .test-metadata:rules:flaky-examples-check
- .only:changes-code-backstage
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: post-test stage: post-test
variables: variables:
NEW_FLAKY_SPECS_REPORT: rspec_flaky/report-new.json NEW_FLAKY_SPECS_REPORT: rspec_flaky/report-new.json
allow_failure: true allow_failure: true
only:
refs:
- merge_requests
artifacts: artifacts:
expire_in: 30d expire_in: 30d
paths: paths:
...@@ -64,4 +55,4 @@ flaky-examples-check: ...@@ -64,4 +55,4 @@ flaky-examples-check:
script: script:
- '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}' - '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}'
- scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json - scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json
- scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT - scripts/flaky_examples/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT