From 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 19 May 2021 15:44:42 +0000 Subject: Add latest changes from gitlab-org/gitlab@13-12-stable-ee --- .gitlab/ci/rules.gitlab-ci.yml | 51 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 46 insertions(+), 5 deletions(-) (limited to '.gitlab/ci/rules.gitlab-ci.yml') diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index c2d16582a68..5c9be5b1e9f 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -124,7 +124,7 @@ .docs-patterns: &docs-patterns - ".gitlab/route-map.yml" - "doc/**/*" - - ".markdownlint.json" + - ".markdownlint.yml" - "scripts/lint-doc.sh" .frontend-dependency-patterns: &frontend-dependency-patterns @@ -424,6 +424,13 @@ - <<: *if-default-refs changes: *code-backstage-patterns +.frontend:rules:default-frontend-jobs-ee: + rules: + - <<: *if-not-ee + when: never + - <<: *if-default-refs + changes: *code-backstage-patterns + .frontend:rules:default-frontend-jobs-as-if-foss: rules: - <<: *if-not-ee @@ -518,6 +525,8 @@ .qa:rules:package-and-qa: rules: + - <<: *if-not-ee + when: never - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *ci-qa-patterns allow_failure: true @@ -929,6 +938,25 @@ - <<: *if-merge-request changes: [".gitlab/ci/rails.gitlab-ci.yml"] +######################### +# Static analysis rules # +######################### + +.static-analysis:rules:ee-and-foss: + rules: + - changes: *code-backstage-qa-patterns + +.static-analysis:rules:as-if-foss: + rules: + - <<: *if-not-ee + when: never + - <<: *if-merge-request-title-as-if-foss + changes: *code-backstage-qa-patterns + - <<: *if-security-merge-request + changes: *code-backstage-qa-patterns + - <<: *if-merge-request + changes: *ci-patterns + ####################### # Vendored gems rules # ####################### @@ -975,6 +1003,16 @@ changes: *code-backstage-qa-patterns allow_failure: true +.reports:rules:secret_detection: + rules: + - if: '$SECRET_DETECTION_DISABLED' + when: never + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' # The Secret-Detection template already has a `secret_detection_default_branch` job + when: never + # - <<: *if-default-branch-refs # To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255 + - changes: *code-backstage-qa-patterns + allow_failure: true + .reports:rules:dependency_scanning: rules: - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/' @@ -996,13 +1034,19 @@ when: manual allow_failure: true -.reports:schedule-dast: +.reports:rules:schedule-dast: rules: - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' when: never - <<: *if-default-branch-schedule-nightly allow_failure: true +.reports:rules:package_hunter: + rules: + - <<: *if-default-branch-schedule-2-hourly + - <<: *if-merge-request + changes: ["yarn.lock"] + .reports:rules:license_scanning: rules: - if: '$LICENSE_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' @@ -1042,7 +1086,6 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-merge-request changes: *code-patterns - when: manual allow_failure: true - <<: *if-dot-com-gitlab-org-merge-request changes: *qa-patterns @@ -1063,7 +1106,6 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-merge-request changes: *code-qa-patterns - when: manual allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true @@ -1086,7 +1128,6 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-merge-request changes: *code-qa-patterns - when: manual allow_failure: true .review:rules:review-qa-all: -- cgit v1.2.1