diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-18 06:07:02 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-18 06:07:02 +0000 |
| commit | 9bbb32b29703f3ce33dd35d5101145774b793a6d (patch) | |
| tree | aa1bae0e06dae141228e49b79eada8eaab4cd796 /lib | |
| parent | 16b4f7c9c87d686e9ddb9ee61fea4be4850231a9 (diff) | |
| download | gitlab-ce-9bbb32b29703f3ce33dd35d5101145774b793a6d.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib')
3 files changed, 57 insertions, 6 deletions
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index 1ad9dd2913e..5a7642d24ee 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -77,15 +77,10 @@ include: - template: Jobs/Test.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Test.gitlab-ci.yml - template: Jobs/Code-Quality.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml - template: Jobs/Deploy.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml + - template: Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml - template: Jobs/Browser-Performance-Testing.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml - template: Security/DAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml - template: Security/Container-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml - template: Security/License-Management.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml - -# Override DAST job to exclude master branch -dast: - except: - refs: - - master diff --git a/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml new file mode 100644 index 00000000000..ae2ff9992f9 --- /dev/null +++ b/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml @@ -0,0 +1,55 @@ +.auto-deploy: + image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.1.0" + +dast_environment_deploy: + extends: .auto-deploy + stage: review + script: + - auto-deploy check_kube_domain + - auto-deploy download_chart + - auto-deploy ensure_namespace + - auto-deploy initialize_tiller + - auto-deploy create_secret + - auto-deploy deploy + - auto-deploy persist_environment_url + environment: + name: dast-default + url: http://dast-$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN + on_stop: stop_dast_environment + artifacts: + paths: [environment_url.txt] + only: + refs: + - branches + variables: + - $GITLAB_FEATURES =~ /\bdast\b/ + kubernetes: active + except: + variables: + - $CI_DEFAULT_BRANCH != $CI_COMMIT_REF_NAME + - $DAST_DISABLED || $DAST_DISABLED_FOR_DEFAULT_BRANCH + - $DAST_WEBSITE # we don't need to create a review app if a URL is already given + +stop_dast_environment: + extends: .auto-deploy + stage: cleanup + variables: + GIT_STRATEGY: none + script: + - auto-deploy initialize_tiller + - auto-deploy delete + environment: + name: dast-default + action: stop + needs: ["dast"] + only: + refs: + - branches + variables: + - $GITLAB_FEATURES =~ /\bdast\b/ + kubernetes: active + except: + variables: + - $CI_DEFAULT_BRANCH != $CI_COMMIT_REF_NAME + - $DAST_DISABLED || $DAST_DISABLED_FOR_DEFAULT_BRANCH + - $DAST_WEBSITE diff --git a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml index 4b55ffd3771..23c65a0cb67 100644 --- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml @@ -46,3 +46,4 @@ dast: except: variables: - $DAST_DISABLED + - $DAST_DISABLED_FOR_DEFAULT_BRANCH && $CI_DEFAULT_BRANCH == $CI_COMMIT_REF_NAME |