summaryrefslogtreecommitdiff
path: root/.gitlab-ci.yml
blob: 667211eeed834ab2f591667a012d0865f34e1e55 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
include:
  - template: Code-Quality.gitlab-ci.yml
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml
  - template: Security/Secret-Detection.gitlab-ci.yml

variables:
  DOCKER_VERSION: "20.10.3"

workflow:
  rules: &workflow_rules
    # For merge requests, create a pipeline.
    - if: '$CI_MERGE_REQUEST_IID'
    # For `main` branch, create a pipeline (this includes on schedules, pushes, merges, etc.).
    - if: '$CI_COMMIT_BRANCH == "main"'
    # For tags, create a pipeline.
    - if: '$CI_COMMIT_TAG'

default:
  image: golang:1.14
  tags:
    - gitlab-org

.use-docker-in-docker:
  image: docker:${DOCKER_VERSION}
  services:
    - docker:${DOCKER_VERSION}-dind
  tags:
    # See https://gitlab.com/gitlab-com/www-gitlab-com/-/issues/7019 for tag descriptions
    - gitlab-org-docker

.test:
  variables:
    GITALY_CONNECTION_INFO: '{"address":"tcp://gitaly:8075", "storage":"default"}'
  before_script:
    # Set up the environment to run integration tests (still written in Ruby)
    - apt-get update -qq && apt-get install -y ruby ruby-dev
    - ruby -v
    - export PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/go/bin
    - gem install --force --bindir /usr/local/bin bundler -v 2.1.4
    - bundle install
    # Now set up to run the Golang tests
    - make build
    - cp config.yml.example config.yml
    - go version
    - which go
  services:
    - name: registry.gitlab.com/gitlab-org/build/cng/gitaly:latest
      # Disable the hooks so we don't have to stub the GitLab API
      command: ["bash", "-c", "mkdir -p /home/git/repositories && rm -rf /srv/gitlab-shell/hooks/* && exec /usr/bin/env GITALY_TESTING_NO_GIT_HOOKS=1 /scripts/process-wrapper"]
      alias: gitaly
  script:
    - make verify test

go:1.16:
  extends: .test
  image: golang:1.16
  after_script:
    - make coverage
  coverage: '/\d+.\d+%/'

race:
  extends: .test
  image: golang:1.16
  script:
    - make test_golang_race

code_quality:
  extends: .use-docker-in-docker
  rules: *workflow_rules

code_navigation:
  image: sourcegraph/lsif-go:v1.3.1
  allow_failure: true
  script:
    - lsif-go
  artifacts:
    reports:
      lsif: dump.lsif

# SAST
gosec-sast:
  rules: *workflow_rules

# Dependency Scanning
gemnasium-dependency_scanning:
  rules: *workflow_rules

bundler-audit-dependency_scanning:
  rules: *workflow_rules

# Secret Detection
secret_detection:
  rules: *workflow_rules