-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
112 lines (101 loc) · 2.63 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
default:
image: ubuntu:latest
stages:
- build
- test
- convert
- deploy
include:
- template: Code-Quality.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
- template: Security/Container-Scanning.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml # Ultimate
- template: Security/License-Scanning.gitlab-ci.yml # Ultimate
variables:
PYTHONPATH: "$CI_PROJECT_DIR/src"
SECRET_DETECTION_EXCLUDED_PATHS: "tst"
markdown_lint:
image: node:latest
needs: []
rules:
- changes:
- "*.md"
- "**/*.md"
script:
- npm install -g markdownlint-cli
- markdownlint -c .markdownlint.json $(find . -type f -name "*.md")
markdown_link:
needs: []
image: node:latest
rules:
- changes:
- "*.md"
- "**/*.md"
script:
- npm install -g markdown-link-check
- echo '{}' > /tmp/config.json
- markdown-link-check -c /tmp/config.json $(find . -type f -name "*.md" -not -path ".git*")
spelling:
image: node:latest
needs: []
allow_failure: true
script:
- npm install -g cspell@latest
- cspell --color --locale "en,fr" --config .ci/cpsell/config.json README.md tutorials/** reports/**
unit-test-job:
image: python:latest
stage: test
rules:
- exists:
- "*.py"
- "**/*.py"
script:
- echo "Running unit tests..."
- python3 -m pip install pytest
- python3 -m pip install -r requirements.txt
- python3 -m pytest tst --junitxml=unit_test_results.xml
artifacts:
reports:
junit: unit_test_results.xml
when: always
expire_in: 1 days
lint-test-job:
image: python:latest
stage: test
needs: []
rules:
- changes:
- "*.py"
- "**/*.py"
script:
- echo "Running pylint tests"
- python3 -m pip install pylint mypy
- python3 -m pylint src/**
- echo "Running mypy tests"
- for file in $(find src -type f -name "*.py"); do python3 -m mypy $file; done
bandit-test-job:
image: python:latest
stage: test
needs: []
rules:
- changes:
- "*.py"
- "**/*.py"
script:
- python3 -m pip install --upgrade pip
- python3 -m pip install --upgrade setuptools
- python3 -m pip install bandit
update_issue_labels:
image: alpine:latest
script:
- apk --no-cache add curl
- >
curl --request PUT
--header "PRIVATE-TOKEN: $CI_JOB_TOKEN"
--data "labels=DONE"
"$CI_PROJECT_URL/api/v4/projects/$CI_PROJECT_ID/issues/$CI_MERGE_REQUEST_IID"
only:
- merge_requests
# TODO: Add valgrind verifyer (memory leaks & profiling (only when benchmark is set to true))
# TODO: Convert security scans as junit tests