Add functional tests to the pipeline

* Move jobs to gitlab-ci.yml files that match the stage they belong to. * Move linter job to build stage * Add functional test jobs * Reduce max size to 2 GB * Pass the current pipeline image to the downstream jobs * Replace `edge` tag with `latest` * Use $CI_DEFAULT_BRANCH instead of master * Move `.env*` files to config dir and update RELEASE instructions * Combine `tag` and `release` stages into `deploy` stage as recommended in GitLab docs * Make the `build-docker-image` job interruptible * Fix issues found in code quality report
author: mo khan <mo.khan@gmail.com> 2020-05-22 15:48:21 +0000
committer: Can Eldem <celdem@gitlab.com> 2020-05-22 15:48:21 +0000
commit: ef80bee8d1f97830449132afd1a4514c1d9d145b (patch)
tree: 93a45ec7990788dcff4c1c18a29920698889e593 /.gitlab
parent: 7e044195b5148b1b9ecbb92d88eb2e4c57a3d81b (diff)
4 files changed, 259 insertions, 149 deletions
diff --git a/.gitlab/build.yml b/.gitlab/build.yml
new file mode 100644
index 0000000..772bde3
--- /dev/null
+++ b/.gitlab/build.yml
@@ -0,0 +1,29 @@
+build-docker-image:
+  image: docker:stable
+  interruptible: true
+  stage: build
+  tags: [gitlab-org-docker]
+  services:
+    - docker:stable-dind
+  script:
+    - docker info
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+    - docker pull $CI_REGISTRY_IMAGE:latest || true
+    - docker build --cache-from $CI_REGISTRY_IMAGE:latest -t $TMP_IMAGE .
+    - docker image inspect $TMP_IMAGE --format='{{.Size}}'
+    - docker push $TMP_IMAGE
+
+build-mvn-pkg:
+  image: maven:3.3.9-jdk-8
+  stage: build
+  script:
+    - cd spec/fixtures/java/example/ && mvn deploy -s settings.xml
+  allow_failure: true
+
+lint:
+  stage: build
+  image: ruby:alpine
+  script:
+    - apk add build-base shellcheck
+    - bin/setup
+    - bin/lint
diff --git a/.gitlab/deploy.yml b/.gitlab/deploy.yml
new file mode 100644
index 0000000..22c8633
--- /dev/null
+++ b/.gitlab/deploy.yml
@@ -0,0 +1,172 @@
+.docker_tag:
+  image: docker:stable
+  stage: deploy
+  tags: [gitlab-org-docker]
+  services:
+    - docker:stable-dind
+  script:
+    - docker info
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+    - export SOURCE_IMAGE=$TMP_IMAGE
+    - export TARGET_IMAGE=$CI_REGISTRY_IMAGE:${IMAGE_TAG:-$CI_JOB_NAME}
+    - |
+      if [ -z "$DOTENV" ]; then
+        docker pull $SOURCE_IMAGE
+        docker tag $SOURCE_IMAGE $TARGET_IMAGE
+      else
+        ./bin/docker-dotenv
+      fi
+    - docker push $TARGET_IMAGE
+
+latest:
+  extends: .docker_tag
+  variables:
+    IMAGE_TAG: latest
+  only:
+    - $CI_DEFAULT_BRANCH
+
+version:
+  extends: .docker_tag
+  before_script:
+    - export IMAGE_TAG=${CI_COMMIT_TAG/v/}
+    - echo "Checking that $CI_COMMIT_TAG is last in the changelog"
+    - test "$(grep '^## v' CHANGELOG.md |head -n 1)" = "## $CI_COMMIT_TAG"
+  only:
+    - tags
+  allow_failure: false
+
+.release:
+  extends: .docker_tag
+  when: manual
+  only:
+    - tags
+  after_script:
+    # Also push to registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder
+    - docker login -u gitlab-ci-token -p $GITLAB_TOKEN $CI_REGISTRY
+    - docker tag $TARGET_IMAGE registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:${IMAGE_TAG:-$CI_JOB_NAME}
+    - docker push registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:${IMAGE_TAG:-$CI_JOB_NAME}
+
+major:
+  extends: .release
+  variables:
+    IMAGE_TAG: $MAJOR
+
+13-0-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.13-0-stable"
+
+12-10-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-10-stable"
+
+12-9-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-9-stable"
+
+12-8-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-8-stable"
+
+12-7-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-7-stable"
+
+12-6-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-6-stable"
+
+12-5-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-5-stable"
+
+12-4-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-4-stable"
+
+12-3-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-3-stable"
+
+12-2-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.12-2-stable"
+
+12-1-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+12-0-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-11-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-10-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-9-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-8-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-7-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-6-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-5-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-4-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-3-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-2-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-1-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
+
+11-0-stable:
+  extends: .release
+  variables:
+    DOTENV: "config/.env.legacy"
diff --git a/.gitlab/release.yml b/.gitlab/release.yml
deleted file mode 100644
index c1ce426..0000000
--- a/.gitlab/release.yml
+++ /dev/null
@@ -1,139 +0,0 @@
-.release:
-  extends: .docker_tag
-  stage: release
-  when: manual
-  only:
-    - tags
-  after_script:
-    # Also push to registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder
-    - docker login -u gitlab-ci-token -p $GITLAB_TOKEN $CI_REGISTRY
-    - docker tag $TARGET_IMAGE registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:${IMAGE_TAG:-$CI_JOB_NAME}
-    - docker push registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:${IMAGE_TAG:-$CI_JOB_NAME}
-
-major:
-  extends: .release
-  variables:
-    IMAGE_TAG: $MAJOR
-
-latest:
-  extends: .release
-
-13-0-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.13-0-stable"
-
-12-10-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-10-stable"
-
-12-9-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-9-stable"
-
-12-8-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-8-stable"
-
-12-7-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-7-stable"
-
-12-6-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-6-stable"
-
-12-5-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-5-stable"
-
-12-4-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-4-stable"
-
-12-3-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-3-stable"
-
-12-2-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.12-2-stable"
-
-12-1-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-12-0-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-11-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-10-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-9-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-8-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-7-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-6-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-5-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-4-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-3-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-2-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-1-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
-
-11-0-stable:
-  extends: .release
-  variables:
-    DOTENV: ".env.legacy"
diff --git a/.gitlab/test.yml b/.gitlab/test.yml
index d5c3d7d..fb0b723 100644
--- a/.gitlab/test.yml
+++ b/.gitlab/test.yml
@@ -1,14 +1,13 @@
 size:
   image: docker:stable
   stage: test
-  allow_failure: true # temporary until we can shrink the image size.
   services:
     - docker:stable-dind
   tags: [gitlab-org-docker]
   timeout: 3 minutes
   variables:
     GIT_STRATEGY: none
-    MAX_SIZE: 2684354560
+    MAX_SIZE: 2147483648
   script:
     - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
     - docker pull $TMP_IMAGE
@@ -18,14 +17,6 @@ size:
     - echo $CURRENT_SIZE
     - test "$MAX_SIZE" -gt "$CURRENT_SIZE"
 
-lint:
-  stage: test
-  image: ruby:alpine
-  script:
-    - apk add build-base shellcheck
-    - bin/setup
-    - bin/lint
-
 .rspec:
   stage: test
   script:
@@ -86,3 +77,60 @@ integration-ruby:
   extends: .rspec
   variables:
     RSPEC_DIR: spec/integration/ruby
+
+.functional:
+  stage: test
+  trigger: gitlab-org/security-products/tests/common
+  variables:
+    CONTAINER_SCANNING_DISABLED: 'true'
+    DAST_DISABLED: 'true'
+    DEPENDENCY_SCANNING_DISABLED: 'true'
+    LICENSE_MANAGEMENT_VERSION: $CI_COMMIT_SHA
+    SAST_DISABLED: 'true'
+    SECURE_ANALYZERS_PREFIX: $CI_REGISTRY_IMAGE
+  only:
+    - $CI_DEFAULT_BRANCH
+
+functional-csharp-nuget-dotnetcore:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/csharp-nuget-dotnetcore
+
+functional-go-modules:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/go-modules
+
+functional-java-maven-multimodules:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/java-maven-multimodules
+
+functional-java-maven:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/java-maven
+
+functional-js-bower:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/js-bower
+
+functional-js-npm:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/js-npm
+
+functional-js-yarn:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/js-yarn
+
+functional-ruby-bundler_js-yarn:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/ruby-bundler_js-yarn
+
+functional-php-composer:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/php-composer
+
+functional-python-pip:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/python-pip
+
+functional-ruby-bundler:
+  extends: .functional
+  trigger: gitlab-org/security-products/tests/ruby-bundler
author	mo khan <mo.khan@gmail.com>	2020-05-22 15:48:21 +0000
committer	Can Eldem <celdem@gitlab.com>	2020-05-22 15:48:21 +0000
commit	ef80bee8d1f97830449132afd1a4514c1d9d145b (patch)
tree	93a45ec7990788dcff4c1c18a29920698889e593 /.gitlab
parent	7e044195b5148b1b9ecbb92d88eb2e4c57a3d81b (diff)