diff options
Diffstat (limited to 'vendor/gitlab-ci-yml')
4 files changed, 84 insertions, 245 deletions
diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml index 589ebcf1414..0d58a00482a 100644 --- a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml +++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml @@ -7,6 +7,18 @@ # * creating a review app for each topic branch, # * and continuous deployment to production # +# Test jobs may be disabled by setting environment variables: +# * test: TEST_DISABLED +# * code_quality: CODE_QUALITY_DISABLED +# * license_management: LICENSE_MANAGEMENT_DISABLED +# * performance: PERFORMANCE_DISABLED +# * sast: SAST_DISABLED +# * dependency_scanning: DEPENDENCY_SCANNING_DISABLED +# * container_scanning: CONTAINER_SCANNING_DISABLED +# * dast: DAST_DISABLED +# * review: REVIEW_DISABLED +# * stop_review: REVIEW_DISABLED +# # In order to deploy, you must have a Kubernetes cluster configured either # via a project integration, or via group/project variables. # AUTO_DEVOPS_DOMAIN must also be set as a variable at the group or project @@ -15,7 +27,7 @@ # Continuous deployment to production is enabled by default. # If you want to deploy to staging first, or enable incremental rollouts, # set STAGING_ENABLED or INCREMENTAL_ROLLOUT_ENABLED environment variables. -# If you want to use canary deployments, uncomment the canary job. +# If you want to use canary deployments, set CANARY_ENABLED environment variable. # # If Auto DevOps fails to detect the proper buildpack, or if you want to # specify a custom buildpack, set a project variable `BUILDPACK_URL` to the @@ -76,8 +88,12 @@ test: - /bin/herokuish buildpack test only: - branches + except: + variables: + - $TEST_DISABLED code_quality: + stage: test image: docker:stable variables: DOCKER_DRIVER: overlay2 @@ -89,6 +105,25 @@ code_quality: - code_quality artifacts: paths: [gl-code-quality-report.json] + except: + variables: + - $CODE_QUALITY_DISABLED + +license_management: + image: docker:stable + variables: + DOCKER_DRIVER: overlay2 + allow_failure: true + services: + - docker:stable-dind + script: + - setup_docker + - license_management + artifacts: + paths: [gl-license-management-report.json] + except: + variables: + - $LICENSE_MANAGEMENT_DISABLED performance: stage: performance @@ -109,8 +144,12 @@ performance: refs: - branches kubernetes: active + except: + variables: + - $PERFORMANCE_DISABLED sast: + stage: test image: docker:stable variables: DOCKER_DRIVER: overlay2 @@ -122,8 +161,12 @@ sast: - sast artifacts: paths: [gl-sast-report.json] + except: + variables: + - $SAST_DISABLED dependency_scanning: + stage: test image: docker:stable variables: DOCKER_DRIVER: overlay2 @@ -135,8 +178,12 @@ dependency_scanning: - dependency_scanning artifacts: paths: [gl-dependency-scanning-report.json] + except: + variables: + - $DEPENDENCY_SCANNING_DISABLED container_scanning: + stage: test image: docker:stable variables: DOCKER_DRIVER: overlay2 @@ -148,6 +195,9 @@ container_scanning: - container_scanning artifacts: paths: [gl-container-scanning-report.json] + except: + variables: + - $CONTAINER_SCANNING_DISABLED dast: stage: dast @@ -164,7 +214,10 @@ dast: - branches kubernetes: active except: - - master + refs: + - master + variables: + - $DAST_DISABLED review: stage: review @@ -188,7 +241,10 @@ review: - branches kubernetes: active except: - - master + refs: + - master + variables: + - $REVIEW_DISABLED stop_review: stage: cleanup @@ -207,7 +263,10 @@ stop_review: - branches kubernetes: active except: - - master + refs: + - master + variables: + - $REVIEW_DISABLED # Keys that start with a dot (.) will not be processed by GitLab CI. # Staging and canary jobs are disabled by default, to enable them @@ -240,10 +299,11 @@ staging: variables: - $STAGING_ENABLED -# Canaries are disabled by default, but if you want them, -# and know what the downsides are, enable this job by removing the dot (.). +# Canaries are also disabled by default, but if you want them, +# and know what the downsides are, you can enable this by setting +# CANARY_ENABLED. -.canary: +canary: stage: canary script: - check_kube_domain @@ -261,6 +321,8 @@ staging: refs: - master kubernetes: active + variables: + - $CANARY_ENABLED .production: &production_template stage: production @@ -290,6 +352,7 @@ production: except: variables: - $STAGING_ENABLED + - $CANARY_ENABLED - $INCREMENTAL_ROLLOUT_ENABLED production_manual: @@ -416,6 +479,18 @@ rollout 100%: "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code } + function license_management() { + if echo $GITLAB_FEATURES |grep license_management > /dev/null ; then + # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable" + LICENSE_MANAGEMENT_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/') + + docker run --volume "$PWD:/code" \ + "registry.gitlab.com/gitlab-org/security-products/license-management:$LICENSE_MANAGEMENT_VERSION" analyze /code + else + echo "License management is not available in your subscription" + fi + } + function sast() { case "$CI_SERVER_VERSION" in *-ee) @@ -615,7 +690,7 @@ rollout 100%: function check_kube_domain() { if [ -z ${AUTO_DEVOPS_DOMAIN+x} ]; then echo "In order to deploy or use Review Apps, AUTO_DEVOPS_DOMAIN variable must be set" - echo "You can do it in Auto DevOps project settings or defining a secret variable at group or project level" + echo "You can do it in Auto DevOps project settings or defining a variable at group or project level" echo "You can also manually add it in .gitlab-ci.yml" false else @@ -624,7 +699,6 @@ rollout 100%: } function build() { - if [[ -n "$CI_REGISTRY_USER" ]]; then echo "Logging to GitLab Container Registry with CI credentials..." docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY" @@ -636,7 +710,7 @@ rollout 100%: docker build -t "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" . else echo "Building Heroku-based application using gliderlabs/herokuish docker image..." - docker run -i --name="$CI_CONTAINER_NAME" -v "$(pwd):/tmp/app:ro" gliderlabs/herokuish /bin/herokuish buildpack build + docker run -i -e BUILDPACK_URL --name="$CI_CONTAINER_NAME" -v "$(pwd):/tmp/app:ro" gliderlabs/herokuish /bin/herokuish buildpack build docker commit "$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" docker rm "$CI_CONTAINER_NAME" >/dev/null echo "" diff --git a/vendor/gitlab-ci-yml/autodeploy/Kubernetes-with-canary.gitlab-ci.yml b/vendor/gitlab-ci-yml/autodeploy/Kubernetes-with-canary.gitlab-ci.yml deleted file mode 100644 index 6e5fe97cf6d..00000000000 --- a/vendor/gitlab-ci-yml/autodeploy/Kubernetes-with-canary.gitlab-ci.yml +++ /dev/null @@ -1,87 +0,0 @@ -# This template has been DEPRECATED. Consider using Auto DevOps instead: -# https://docs.gitlab.com/ee/topics/autodevops - -# Explanation on the scripts: -# https://gitlab.com/gitlab-examples/kubernetes-deploy/blob/master/README.md -image: registry.gitlab.com/gitlab-examples/kubernetes-deploy - -variables: - # Application deployment domain - KUBE_DOMAIN: domain.example.com - -stages: - - build - - test - - review - - staging - - canary - - production - - cleanup - -build: - stage: build - script: - - command build - only: - - branches - -canary: - stage: canary - script: - - command canary - environment: - name: production - url: http://$CI_PROJECT_PATH_SLUG.$KUBE_DOMAIN - when: manual - only: - - master - -production: - stage: production - script: - - command deploy - environment: - name: production - url: http://$CI_PROJECT_PATH_SLUG.$KUBE_DOMAIN - when: manual - only: - - master - -staging: - stage: staging - script: - - command deploy - environment: - name: staging - url: http://$CI_PROJECT_PATH_SLUG-staging.$KUBE_DOMAIN - only: - - master - -review: - stage: review - script: - - command deploy - environment: - name: review/$CI_COMMIT_REF_NAME - url: http://$CI_PROJECT_PATH_SLUG-$CI_ENVIRONMENT_SLUG.$KUBE_DOMAIN - on_stop: stop_review - only: - - branches - except: - - master - -stop_review: - stage: cleanup - variables: - GIT_STRATEGY: none - script: - - command destroy - environment: - name: review/$CI_COMMIT_REF_NAME - action: stop - when: manual - allow_failure: true - only: - - branches - except: - - master diff --git a/vendor/gitlab-ci-yml/autodeploy/Kubernetes.gitlab-ci.yml b/vendor/gitlab-ci-yml/autodeploy/Kubernetes.gitlab-ci.yml deleted file mode 100644 index 019a4d4cd7d..00000000000 --- a/vendor/gitlab-ci-yml/autodeploy/Kubernetes.gitlab-ci.yml +++ /dev/null @@ -1,74 +0,0 @@ -# This template has been DEPRECATED. Consider using Auto DevOps instead: -# https://docs.gitlab.com/ee/topics/autodevops - -# Explanation on the scripts: -# https://gitlab.com/gitlab-examples/kubernetes-deploy/blob/master/README.md -image: registry.gitlab.com/gitlab-examples/kubernetes-deploy - -variables: - # Application deployment domain - KUBE_DOMAIN: domain.example.com - -stages: - - build - - test - - review - - staging - - production - - cleanup - -build: - stage: build - script: - - command build - only: - - branches - -production: - stage: production - script: - - command deploy - environment: - name: production - url: http://$CI_PROJECT_PATH_SLUG.$KUBE_DOMAIN - when: manual - only: - - master - -staging: - stage: staging - script: - - command deploy - environment: - name: staging - url: http://$CI_PROJECT_PATH_SLUG-staging.$KUBE_DOMAIN - only: - - master - -review: - stage: review - script: - - command deploy - environment: - name: review/$CI_COMMIT_REF_NAME - url: http://$CI_PROJECT_PATH_SLUG-$CI_ENVIRONMENT_SLUG.$KUBE_DOMAIN - on_stop: stop_review - only: - - branches - except: - - master - -stop_review: - stage: cleanup - variables: - GIT_STRATEGY: none - script: - - command destroy - environment: - name: review/$CI_COMMIT_REF_NAME - action: stop - when: manual - only: - - branches - except: - - master diff --git a/vendor/gitlab-ci-yml/autodeploy/OpenShift.gitlab-ci.yml b/vendor/gitlab-ci-yml/autodeploy/OpenShift.gitlab-ci.yml deleted file mode 100644 index 60a9430a839..00000000000 --- a/vendor/gitlab-ci-yml/autodeploy/OpenShift.gitlab-ci.yml +++ /dev/null @@ -1,74 +0,0 @@ -# This template has been DEPRECATED. Consider using Auto DevOps instead: -# https://docs.gitlab.com/ee/topics/autodevops - -# Explanation on the scripts: -# https://gitlab.com/gitlab-examples/openshift-deploy/blob/master/README.md -image: registry.gitlab.com/gitlab-examples/openshift-deploy - -variables: - # Application deployment domain - KUBE_DOMAIN: domain.example.com - -stages: - - build - - test - - review - - staging - - production - - cleanup - -build: - stage: build - script: - - command build - only: - - branches - -production: - stage: production - script: - - command deploy - environment: - name: production - url: http://$CI_PROJECT_PATH_SLUG.$KUBE_DOMAIN - when: manual - only: - - master - -staging: - stage: staging - script: - - command deploy - environment: - name: staging - url: http://$CI_PROJECT_PATH_SLUG-staging.$KUBE_DOMAIN - only: - - master - -review: - stage: review - script: - - command deploy - environment: - name: review/$CI_COMMIT_REF_NAME - url: http://$CI_PROJECT_PATH_SLUG-$CI_ENVIRONMENT_SLUG.$KUBE_DOMAIN - on_stop: stop_review - only: - - branches - except: - - master - -stop_review: - stage: cleanup - variables: - GIT_STRATEGY: none - script: - - command destroy - environment: - name: review/$CI_COMMIT_REF_NAME - action: stop - when: manual - only: - - branches - except: - - master |