Commit 5ef00236 authored by Sandor Korozsi's avatar Sandor Korozsi
Browse files

Merge branch 'skorozsi/sast' into 'master'

Windows pipeline with SAST

See merge request !30
parents 27054ccc 5f40aefe
Pipeline #22069 passed with stages
in 6 minutes and 3 seconds
......@@ -2,6 +2,7 @@
__pycache__
htmlcov
/build
/builds
test-venv
*.egg-info
.eggs
......
include:
- template: Auto-DevOps.gitlab-ci.yml
stages:
- prepare
- build
- test
- review
- deploy # dummy stage to follow the template guidelines
- dast
- staging
- canary
- production
- incremental rollout 10%
- incremental rollout 25%
- incremental rollout 50%
- incremental rollout 100%
- performance
- cleanup
variables:
SHA_IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
VS_COMMUNITY_PATH: 'C:\Program Files (x86)\Microsoft Visual Studio\2019\Community'
MSBUILD_PATH: '$VS_COMMUNITY_PATH\MSBuild\Current\Bin\msbuild.exe'
CMAKE_PATH: '$VS_COMMUNITY_PATH\Common7\IDE\CommonExtensions\Microsoft\CMake\CMake\bin\'
CONFIGURATION: Release
PLATFORM: x64
DEPLOY_FOLDER: '/build/deploy/native/$PLATFORM/$CONFIGURATION/'
OPENZGY_TESTDATA: '$CI_PROJECT_DIR/build/testdata'
TEST_RUNNER: '$CI_PROJECT_DIR\build\deploy\native\$PLATFORM\$CONFIGURATION\OpenZGY.Test.exe'
SOLUTION_FILE_PATH: '$CI_PROJECT_DIR\native\windows\OpenZGY.sln'
CONTAINER_SCANNING_DISABLED: "1"
AUTO_DEVOPS_EXPLICITLY_ENABLED: "1"
TEST_DISABLED: "1"
CODE_QUALITY_DISABLED: ""
BUILD_DISABLED: "1"
build:
rules: #introducing BUILD_DISABLED: overriding original rule to be able to ignore the original job
- if: '$BUILD_DISABLED'
when: never
build_artifact:
script: exit 0 #does not do anything, override to ignore original job
rules:
- if: '$BUILD_DISABLED'
when: never
centos8-container:
stage: prepare
image: docker:19.03
tags: ['docker-runner']
tags:
- docker-runner
script:
- mkdir -p seismic-service-bin private
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- grep -v '^COPY' scripts/Dockerfile-centos8 | docker build --pull -t $SHA_IMAGE_TAG-centos8 -f - .
- docker push $SHA_IMAGE_TAG-centos8
- mkdir -p seismic-service-bin private
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- grep -v '^COPY' scripts/Dockerfile-centos8 | docker build --pull -t $SHA_IMAGE_TAG-centos8
-f - .
- docker push $SHA_IMAGE_TAG-centos8
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
doc-container:
stage: prepare
image: docker:19.03
tags: ['docker-runner']
tags:
- docker-runner
script:
- mkdir -p seismic-service-bin private
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- grep -v '^COPY' scripts/Dockerfile-doc | docker build --pull -t $SHA_IMAGE_TAG-doc -f - .
- docker push $SHA_IMAGE_TAG-doc
- mkdir -p seismic-service-bin private
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- grep -v '^COPY' scripts/Dockerfile-doc | docker build --pull -t $SHA_IMAGE_TAG-doc
-f - .
- docker push $SHA_IMAGE_TAG-doc
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
centos8-compile:
stage: build
image: $SHA_IMAGE_TAG-centos8
tags: ['docker-runner']
image: "$SHA_IMAGE_TAG-centos8"
tags:
- docker-runner
artifacts:
name: OpenZGY-centos8
expire_in: 1 hr
paths:
- build/deploy
- build/deploy
exclude:
- build/**.timestamp
- build/**.timestamp
script:
- make build testscripts
- make build testscripts
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
doc-compile:
stage: build
image: $SHA_IMAGE_TAG-doc
tags: ['docker-runner']
image: "$SHA_IMAGE_TAG-doc"
tags:
- docker-runner
artifacts:
name: OpenZGY-doc
expire_in: 1 hr
paths:
- build/deploy
- build/deploy
script:
- make doxygen
- make doxygen
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
test-native:
stage: test
image: $SHA_IMAGE_TAG-centos8
image: "$SHA_IMAGE_TAG-centos8"
script:
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- /bin/bash native/src/runtests.sh
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- "/bin/bash native/src/runtests.sh"
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
.test-sdglue:
".test-sdglue":
stage: test
image: $SHA_IMAGE_TAG-centos8
image: "$SHA_IMAGE_TAG-centos8"
script:
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- /bin/bash native/sdglue/runtests.sh
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- "/bin/bash native/sdglue/runtests.sh"
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
test-wrapper:
stage: test
image: $SHA_IMAGE_TAG-centos8
image: "$SHA_IMAGE_TAG-centos8"
script:
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- /bin/bash wrapper/runtests.sh
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- "/bin/bash wrapper/runtests.sh"
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
test-pure:
stage: test
image: $SHA_IMAGE_TAG-centos8
image: "$SHA_IMAGE_TAG-centos8"
script:
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- /bin/bash python/runtests.sh
- mkdir /tmp/run
- tar cf build.tar build
- tar xvf build.tar -C /tmp/run
- tar xvf build/deploy/testscripts.tar -C /tmp/run
- cd /tmp/run
- "/bin/bash python/runtests.sh"
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/sast
windows-build-x64-release:
stage: build
tags:
- windows
only:
- master
- merge_requests
- kvamme62/citest
- kvamme62/cicd
- skorozsi/pipeline
- skorozsi/sast
script:
- |
$env:Path += ";$CMAKE_PATH"
$collectionOfArgs = @("$SOLUTION_FILE_PATH", "/p:Configuration=Release", "/p:Platform=x64")
& "$MSBUILD_PATH" $collectionOfArgs
artifacts:
name: 'openzgy-windows-x64-release'
paths:
- build/deploy/native/x64/Release/
- build/testdata
dependencies: []
windows-build-x64-debug:
stage: build
tags:
- windows
only:
- master
- merge_requests
- skorozsi/pipeline
- skorozsi/sast
script:
- |
$env:Path += ";$CMAKE_PATH"
$collectionOfArgs = @("$SOLUTION_FILE_PATH", "/p:Configuration=Debug", "/p:Platform=x64")
& "$MSBUILD_PATH" $collectionOfArgs
artifacts:
name: 'openzgy-windows-x64-debug'
paths:
- build/deploy/native/x64/Debug/
dependencies: []
windows-test:
stage: test
only:
- master
- merge_requests
- skorozsi/pipeline
- skorozsi/sast
tags:
- windows
script:
- |
& $TEST_RUNNER
dependencies:
- windows-build-x64-release
code_quality:
stage: test
image: docker:19.03.12
allow_failure: true
services:
- docker:19.03.12-dind
variables:
REPORT_FORMAT: json
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.18-gitlab.1"
needs: []
script:
- docker info
- docker run
--env CODECLIMATE_DEBUG=1
--env CODECLIMATE_CODE="$PWD"
--volume "$PWD":/code
--volume /var/run/docker.sock:/var/run/docker.sock
--volume /tmp/cc:/tmp/cc
codeclimate/codeclimate:0.85.13 analyze -f html > code-quality-report.html
- cat code-quality-report.html
retry: 2
artifacts:
paths: [code-quality-report.html]
reports:
codequality: [code-quality-report.html]
expire_in: 1 week
dependencies: []
rules:
- if: '$CODE_QUALITY_DISABLED'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
concurrent = 1
check_interval = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "shell executor runner"
url = ""
token = ""
executor = "shell"
shell = "powershell"
[[runners]]
name = "openzgy windows10 self-hosted runner"
url = "https://community.opengroup.org/"
token = "RViFNKmmXpsiTABCdBbn"
executor = "shell"
shell = "powershell"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[[runners]]
executor = "docker"
[runners.docker]
privileged = true
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment