Update CI config: build, test, tag, and release
What does this MR do?
Align the CI configuration with analyzer.yml, the CI config shared by all SAST & DS analyzers.
The pipeline proceeds in 3-6 steps:
- test, build, and lint the Go project
- build a temporary image
- test and scan the image
- test against test projects ("downstream" pipelines) if QA jobs are defined
- tag the image
- release for GitLab
NOTE: The temporary image can't be named $CI_REGISTRY_IMAGE/tmp:$CI_COMMIT_SHA
like in the CI configuration shared by the analyzers, and even though this is the convention. That's because currently the job template doesn't allow that: we can't override the image name, but we can only override SP_VERSION
. Unfortunately this will pollute the main namespace.
QA jobs (test projects)
What are the relevant issue numbers?
Once merged into master this will be back-ported to Dependency Scanning 11.6, and will be used to prevent from regressions when working on gitlab-org/gitlab#34853 (closed).
Does this MR meet the acceptance criteria?
- [-] Changelog entry added
- [-] Documentation created/updated for GitLab EE, if necessary
- [-] Documentation created/updated for this project, if necessary
- [-] Documentation reviewed by technical writer or follow-up review issue created
-
Tests added for this feature/bug - [-] Job definition updated, if necessary
- [-] Conforms to the code review guidelines
- [-] Conforms to the Go guidelines
- [-] Security reports checked/validated by reviewer
Edited by Fabien Catteau