blob: b2591e29c5e51cea4137b2d10ee7c0fb20e7f211 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
include:
- template: Code-Quality.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
variables:
DOCKER_VERSION: "19.03.0"
workflow:
rules: &workflow_rules
# For merge requests, create a pipeline.
- if: '$CI_MERGE_REQUEST_IID'
# For `master` branch, create a pipeline (this includes on schedules, pushes, merges, etc.).
- if: '$CI_COMMIT_BRANCH == "master"'
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
default:
image: golang:1.13
tags:
- gitlab-org
.use-docker-in-docker:
image: docker:${DOCKER_VERSION}
services:
- docker:${DOCKER_VERSION}-dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
tags:
# See https://gitlab.com/gitlab-com/www-gitlab-com/-/issues/7019 for tag descriptions
- gitlab-org-docker
.test:
before_script:
# Set up the environment to run integration tests (still written in Ruby)
- apt-get update -qq && apt-get install -y ruby ruby-dev
- ruby -v
- export PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/go/bin
- gem install --force --bindir /usr/local/bin bundler -v 2.1.4
- bundle install
# Now set up to run the Golang tests
- make build
- cp config.yml.example config.yml
- go version
- which go
script:
- make verify test
go:1.13:
extends: .test
image: golang:1.13
go:1.14:
extends: .test
image: golang:1.14
after_script:
- make coverage
coverage: '/\d+.\d+%/'
race:
extends: .test
image: golang:1.14
script:
- make test_golang_race
code_quality:
extends: .use-docker-in-docker
rules: *workflow_rules
code_navigation:
image: sourcegraph/lsif-go:v1
allow_failure: true
script:
- lsif-go
artifacts:
reports:
lsif: dump.lsif
# SAST
gosec-sast:
rules: *workflow_rules
# Dependency Scanning
gemnasium-dependency_scanning:
rules: *workflow_rules
bundler-audit-dependency_scanning:
rules: *workflow_rules
# Secret Detection
secret_detection:
rules: *workflow_rules
|
