diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-20 15:10:58 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-20 15:10:58 +0000 |
| commit | 049d16d168fdee408b78f5f38619c092fd3b2265 (patch) | |
| tree | 22d1db5ab4fae0967a4da4b1a6b097ef9e5d7aa2 /.gitlab | |
| parent | bf18f3295b550c564086efd0a32d9a25435ce216 (diff) | |
| download | gitlab-ce-049d16d168fdee408b78f5f38619c092fd3b2265.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to '.gitlab')
| -rw-r--r-- | .gitlab/CODEOWNERS | 1 | ||||
| -rw-r--r-- | .gitlab/ci/review-apps/dast-api.gitlab-ci.yml | 29 | ||||
| -rw-r--r-- | .gitlab/ci/rules.gitlab-ci.yml | 6 | ||||
| -rw-r--r-- | .gitlab/ci/static-analysis.gitlab-ci.yml | 11 |
4 files changed, 41 insertions, 6 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 1ea65fe4de5..8bd59719342 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -955,6 +955,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/pages/getting_started/ @ashrafkhamis /doc/user/project/quick_actions.md @msedlakjakubowski /doc/user/project/releases/ @rdickenson +/doc/user/project/remote_development/ @ashrafkhamis /doc/user/project/repository/ @aqualls /doc/user/project/repository/branches/ @aqualls /doc/user/project/repository/file_finder.md @ashrafkhamis diff --git a/.gitlab/ci/review-apps/dast-api.gitlab-ci.yml b/.gitlab/ci/review-apps/dast-api.gitlab-ci.yml index e2f32f120af..4d35a282037 100644 --- a/.gitlab/ci/review-apps/dast-api.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/dast-api.gitlab-ci.yml @@ -2,13 +2,34 @@ include: - template: DAST-API.gitlab-ci.yml dast_api: + needs: ["review-deploy"] + # Uncomment resource_group if DAST_API_PROFILE is changed to an active scan + # resource_group: dast_api_scan + rules: + - when: never + +dast_api_graphql: + extends: dast_api variables: - DAST_API_PROFILE: Passive DAST_API_GRAPHQL: /api/graphql + DAST_API_PROFILE: Passive + DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL} + DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}" + rules: + - !reference [".reports:rules:schedule-dast", rules] + # + # To run this job in an MR pipeline, use this rule: + # - !reference [".reports:rules:test-dast", rules] + +dast_api_rest: + extends: dast_api + variables: + DAST_API_OPENAPI: doc/api/openapi/openapi_v2.yaml + DAST_API_PROFILE: Passive DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL} DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}" - needs: ["review-deploy"] - # Uncomment resource_group if DAST_API_PROFILE is changed to an active scan - # resource_group: dast_api_scan rules: - !reference [".reports:rules:schedule-dast", rules] + # + # To run this job in an MR pipeline, use this rule: + # - !reference [".reports:rules:test-dast", rules] diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index afe900f39a6..c5e6c021e93 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -1690,6 +1690,12 @@ when: never - <<: *if-dot-com-ee-schedule-nightly-child-pipeline +.reports:rules:test-dast: + rules: + - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' + when: never + - <<: *if-merge-request + .reports:rules:package_hunter-yarn: rules: - if: "$PACKAGE_HUNTER_USER == null || $PACKAGE_HUNTER_USER == ''" diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index 59ea665ae07..0a310691cd7 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -122,6 +122,8 @@ rubocop: needs: - job: detect-tests optional: true + variables: + RUBOCOP_TARGET_FILES: "tmp/rubocop_target_files.txt" script: - | # For non-merge request, or when RUN_ALL_RUBOCOP is 'true', run all RuboCop rules @@ -132,8 +134,13 @@ rubocop: unset CI_SLACK_WEBHOOK_URL run_timed_command "bundle exec rake rubocop:check:graceful" else - cat ${RSPEC_CHANGED_FILES_PATH} | ruby -e 'puts $stdin.read.split(" ").select { |f| File.exist?(f) }.join(" ")' > tmp/rubocop_target_files.txt - run_timed_command "bundle exec rubocop --parallel --force-exclusion $(cat tmp/rubocop_target_files.txt)" + cat "${RSPEC_CHANGED_FILES_PATH}" | ruby -e 'print $stdin.read.split(" ").select { |f| File.exist?(f) }.join(" ")' > "$RUBOCOP_TARGET_FILES" + # Skip running RuboCop if there's no target files + if [ -s "${RUBOCOP_TARGET_FILES}" ]; then + run_timed_command "bundle exec rubocop --parallel --force-exclusion $(cat ${RUBOCOP_TARGET_FILES})" + else + echoinfo "Nothing interesting changed for RuboCop. Skipping." + fi fi qa:metadata-lint: |