Commit d98048ae authored by xlg's avatar xlg
Browse files

Merge branch '215933-bye-bye' into 'master'

Remove content from repo 👋

See merge request gitlab-org/security-products/license-management!230
parents cb0681e7 987b99e6
coverage
Dockerfile
.dockerignore
.git*
spec
tags
tmp
vendor
*.gem
/.bundle
/rspec.xml
Dockerfile.env
pkg
tmp
coverage
vendor
obj/
# When using dind, it's wise to use the overlayfs driver for
# improved performance.
variables:
DOCKER_DRIVER: overlay2
GIT_DEPTH: "2"
GIT_STRATEGY: fetch
MAJOR: 3
TMP_IMAGE: $CI_REGISTRY_IMAGE/license-finder:$CI_COMMIT_SHA
include:
- template: Container-Scanning.gitlab-ci.yml
- template: Dependency-Scanning.gitlab-ci.yml
- template: Jobs/Code-Quality.gitlab-ci.yml
- template: License-Scanning.gitlab-ci.yml
- template: Secret-Detection.gitlab-ci.yml
- local: .gitlab/deb.yml
- local: .gitlab/build.yml
- local: .gitlab/test.yml
- local: .gitlab/deploy.yml
- local: .gitlab/maintenance.yml
stages:
- deb
- build
- test
- deploy
- maintenance
default:
image:
name: $TMP_IMAGE
entrypoint: [""]
tags: [gitlab-org]
retry:
max: 2
container_scanning:
variables:
CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE/license-finder # only predefined variables are parameter-expanded (no $TMP_IMAGE)
needs: ['build-docker-image']
code_quality:
before_script:
- rm .rubocop.yml
services:
- docker:stable-dind
tags: [gitlab-org-docker]
dependency_scanning:
services:
- docker:stable-dind
tags: [gitlab-org-docker]
needs: []
license_scanning:
image:
name: $TMP_IMAGE
before_script:
- apt-get check
variables:
LM_REPORT_VERSION: '2.1'
needs: ['build-docker-image']
allow_failure: false
build-conan-pkg:
image: conanio/gcc7
stage: build
script:
- cd spec/fixtures/c/conan/example-package/
- conan remote add gitlab $CI_API_V4_URL/packages/conan True
- export ESCAPED_NAMESPACE="${CI_PROJECT_NAMESPACE//\//+}"
- export PACKAGE_NAME=$ESCAPED_NAMESPACE+$CI_PROJECT_NAME/stable
- echo $PACKAGE_NAME
- conan create . "$PACKAGE_NAME"
- conan upload "example/0.1@$PACKAGE_NAME" --all --remote=gitlab
variables:
CONAN_LOGIN_USERNAME: 'ci_user'
CONAN_PASSWORD: $CI_JOB_TOKEN
allow_failure: true
dependencies: []
needs: []
build-docker-image:
image: docker:stable
interruptible: true
stage: build
tags: [gitlab-org-docker]
services:
- docker:stable-dind
script:
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
- IMAGE_NAME="$TMP_IMAGE" bin/docker-build
- docker push $TMP_IMAGE
build-mvn-pkg:
image: maven:3.3.9-jdk-8
stage: build
script:
- cd spec/fixtures/java/maven/example/ && mvn deploy -s settings.xml
allow_failure: true
dependencies: []
needs: []
.deb:
image: debian:stable
stage: deb
script:
- bin/omnibus setup
- bin/omnibus build $OMNIBUS_PROJECT
artifacts:
paths:
- pkg/
expire_in: 1 day
cache:
key: ${CI_JOB_NAME}
paths:
- tmp/omnibus
asdf-0.7.8:
extends: .deb
variables:
OMNIBUS_PROJECT: asdf
dotnet-3.1.302:
extends: .deb
variables:
OMNIBUS_PROJECT: dotnet
DOTNET_VERSION: '3.1.302'
license_management:
extends: .deb
variables:
OMNIBUS_PROJECT: license_management
golang-1.15.1:
extends: .deb
variables:
OMNIBUS_PROJECT: golang
GOLANG_VERSION: '1.15.1'
java-8:
extends: .deb
variables:
OMNIBUS_PROJECT: java
JAVA_VERSION: '8'
java-11:
extends: .deb
variables:
OMNIBUS_PROJECT: java
JAVA_VERSION: '11'
java-14:
extends: .deb
variables:
OMNIBUS_PROJECT: java
JAVA_VERSION: '14'
mono-6.8.0.123:
extends: .deb
variables:
OMNIBUS_PROJECT: mono
MONO_VERSION: '6.8.0.123'
nodejs-10.21.0:
extends: .deb
variables:
OMNIBUS_PROJECT: nodejs
NODE_VERSION: '10.21.0'
nodejs-12.18.2:
extends: .deb
variables:
OMNIBUS_PROJECT: nodejs
NODE_VERSION: '12.18.2'
php-7.4.8:
extends: .deb
variables:
OMNIBUS_PROJECT: php
PHP_VERSION: '7.4.8'
python-2.7.18:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '2.7.18'
python-3.8.5:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '3.8.5'
python-3.7.7:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '3.7.7'
python-3.6.11:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '3.6.11'
python-3.5.9:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '3.5.9'
python-3.4.10:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '3.4.10'
python-3.3.7:
extends: .deb
variables:
OMNIBUS_PROJECT: python
PYTHON_VERSION: '3.3.7'
ruby-2.7.2:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.7.2'
ruby-2.7.1:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.7.1'
ruby-2.7.0:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.7.0'
ruby-2.6.6:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.6'
ruby-2.6.5:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.5'
ruby-2.6.4:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.4'
ruby-2.6.3:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.3'
ruby-2.6.2:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.2'
ruby-2.6.1:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.1'
ruby-2.6.0:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.6.0'
ruby-2.5.8:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.5.8'
ruby-2.4.10:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.4.10'
ruby-2.4.9:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.4.9'
ruby-2.4.5:
extends: .deb
variables:
OMNIBUS_PROJECT: ruby
RUBY_VERSION: '2.4.5'
rust-1.45.0:
extends: .deb
variables:
OMNIBUS_PROJECT: rust
RUST_VERSION: '1.45.0'
.docker_tag:
image: docker:stable
stage: deploy
tags: [gitlab-org-docker]
services:
- docker:stable-dind
script:
- docker info
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
- export SOURCE_IMAGE=$TMP_IMAGE
- export TARGET_IMAGE=$CI_REGISTRY_IMAGE:${IMAGE_TAG:-$CI_JOB_NAME}
- |
docker pull $SOURCE_IMAGE
docker tag $SOURCE_IMAGE $TARGET_IMAGE
- docker push $TARGET_IMAGE
dependencies: []
latest:
extends: .docker_tag
variables:
IMAGE_TAG: latest
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
version:
extends: .docker_tag
before_script:
- export IMAGE_TAG=${CI_COMMIT_TAG/v/}
- echo "Checking that $CI_COMMIT_TAG is last in the changelog"
- test "$(grep '^## v' CHANGELOG.md |head -n 1)" = "## $CI_COMMIT_TAG"
rules:
- if: $CI_COMMIT_TAG
allow_failure: false
major:
extends: .docker_tag
rules:
- if: $CI_COMMIT_TAG
when: manual
after_script:
# Also push to registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder
- docker login -u gitlab-ci-token -p $GITLAB_TOKEN $CI_REGISTRY
- export TARGET_IMAGE=$CI_REGISTRY_IMAGE:${IMAGE_TAG:-$CI_JOB_NAME}
- export DESTINATION_IMAGE=registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:${IMAGE_TAG:-$CI_JOB_NAME}
- docker tag $TARGET_IMAGE $DESTINATION_IMAGE
- docker push $DESTINATION_IMAGE
variables:
IMAGE_TAG: $MAJOR
update-spdx:
stage: maintenance
image: alpine:3.9
script:
- apk add --no-cache git
- git config --global user.email "gitlab-bot@gitlab.com"
- git config --global user.name "GitLab Bot"
- git config --global credential.username "gitlab-bot"
- "before=$(cksum spdx-licenses.json | awk -F' ' '{ print $1 }')"
- echo ${before}
- ./bin/update-spdx
- "after=$(cksum spdx-licenses.json | awk -F' ' '{ print $1 }')"
- echo ${after}
- test $before -eq $after && exit 0
- export BRANCH="$CI_JOB_NAME-$CI_PIPELINE_IID"
- git checkout -b $BRANCH
- git add spdx-licenses.json
- git commit -m "Update spdx-licenses.json"
- git push -o merge_request.label=\"group::composition analysis\" -o merge_request.create -o merge_request.remove_source_branch -o merge_request.target=$CI_COMMIT_REF_NAME ${CI_PROJECT_URL/https:\/\/gitlab.com/https://gitlab-bot:$GITLAB_TOKEN@gitlab.com}.git $BRANCH
rules:
- if: '$CI_UPDATE_SPDX == "true"'
\ No newline at end of file
size:
image: docker:stable
stage: test
services:
- docker:stable-dind
tags: [gitlab-org-docker]
timeout: 3 minutes
variables:
GIT_STRATEGY: none
MAX_SIZE: 1567663064
script:
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
- docker pull $TMP_IMAGE
- docker image ls $TMP_IMAGE
- export CURRENT_SIZE=$(docker image inspect $TMP_IMAGE --format='{{.Size}}')
- echo $MAX_SIZE
- echo $CURRENT_SIZE
- test "$MAX_SIZE" -gt "$CURRENT_SIZE"
needs: ['build-docker-image']
dependencies: []
lint:
stage: test
image: ruby:alpine
script:
- apk add bash build-base git shellcheck
- bin/setup
- bin/lint
needs: []
dependencies: []
.rspec:
stage: test
script:
- ./bin/setup
- ./bin/test $RSPEC_DIR --format RspecJunitFormatter --out rspec.xml
variables:
GIT_DEPTH: "10"
GIT_STRATEGY: fetch
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- vendor
artifacts:
paths:
- coverage/coverage.xml
- rspec.xml
expire_in: 1 week
reports:
cobertura: coverage/coverage.xml
junit: rspec.xml
needs: ['build-docker-image']
dependencies: []
unit:
extends: .rspec
variables:
RSPEC_DIR: spec/unit
integration-c:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/c
needs:
- build-docker-image
- build-conan-pkg
integration-dotnet:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/dotnet
needs: ['build-docker-image']
integration-go:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/go
needs: ['build-docker-image']
integration-java-gradle:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/java/gradle_spec.rb
needs:
- build-docker-image
integration-java-maven:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/java/maven_spec.rb
needs:
- build-docker-image
- build-mvn-pkg
integration-js:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/js
needs: ['build-docker-image']
integration-php:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/php
needs: ['build-docker-image']
integration-python:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/python
needs: ['build-docker-image']
integration-ruby:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/ruby
needs: ['build-docker-image']
integration-rust:
extends: .rspec
variables:
RSPEC_DIR: spec/integration/rust
needs: ['build-docker-image']
.functional:
stage: test
trigger: gitlab-org/security-products/tests/common
variables:
CONTAINER_SCANNING_DISABLED: 'true'
DAST_DISABLED: 'true'
DEPENDENCY_SCANNING_DISABLED: 'true'
LICENSE_MANAGEMENT_VERSION: $CI_COMMIT_SHA
SAST_DISABLED: 'true'
SECURE_ANALYZERS_PREFIX: $CI_REGISTRY_IMAGE
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
when: always
allow_failure: true
functional-c-conan:
extends: .functional
trigger: gitlab-org/security-products/tests/c-conan
functional-csharp-nuget-dotnetcore:
extends: .functional
trigger: gitlab-org/security-products/tests/csharp-nuget-dotnetcore
functional-go-modules:
extends: .functional
trigger: gitlab-org/security-products/tests/go-modules
functional-java-gradle:
extends: .functional
trigger: gitlab-org/security-products/tests/java-gradle
functional-java-maven-multimodules:
extends: .functional
trigger: gitlab-org/security-products/tests/java-maven-multimodules
functional-java-maven:
extends: .functional
trigger: gitlab-org/security-products/tests/java-maven
functional-js-bower:
extends: .functional
trigger: gitlab-org/security-products/tests/js-bower
functional-js-npm:
extends: .functional
trigger: gitlab-org/security-products/tests/js-npm
functional-js-yarn:
extends: .functional
trigger: gitlab-org/security-products/tests/js-yarn
functional-ruby-bundler_js-yarn:
extends: .functional
trigger: gitlab-org/security-products/tests/ruby-bundler_js-yarn
functional-php-composer:
extends: .functional
trigger: gitlab-org/security-products/tests/php-composer
functional-python-pip:
extends: .functional
trigger: gitlab-org/security-products/tests/python-pip
functional-ruby-bundler:
extends: .functional
trigger: gitlab-org/security-products/tests/ruby-bundler
functional-rust-cargo:
extends: .functional
trigger: gitlab-org/security-products/tests/rust-cargo
--require spec_helper
inherit_gem:
gitlab-styles:
- rubocop-default.yml
require:
- rubocop-rspec
AllCops:
TargetRubyVersion: 2.7
Exclude:
- 'tmp/**/*'
- 'spec/fixtures/**/*'
- 'vendor/**/*'
Cop/GemFetcher:
Enabled: false
Naming/ClassAndModuleCamelCase:
Exclude:
- 'lib/license/management/report/v1_1.rb'
- 'lib/license/management/report/v2_1.rb'
Layout/IndentFirstArrayElement:
EnforcedStyle: consistent
Layout/IndentFirstHashElement:
EnforcedStyle: consistent
Rails/SkipsModelValidations:
Enabled: false