-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
130 lines (121 loc) · 3.22 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
stages:
- build
- test
- docker
variables:
SECURE_LOG_LEVEL: "debug"
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
sast:
stage: test
include:
- template: Security/SAST.gitlab-ci.yml
before_script:
- cp config/workers.exs.EMPTY config/workers.exs
compile:
stage: build
image: elixir:1.17
# use cache to speed up subsequent builds
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- _build
- deps
script:
- cp config/workers.exs.EMPTY config/workers.exs
- mix local.hex --force
- mix local.rebar --force
- mix deps.get
- mix compile --warnings-as-errors
unittest:
stage: test
image: elixir:1.17
services:
- name: postgis/postgis:16-3.4-alpine
alias: postgres
variables:
POSTGRES_DB: phx_gitlab_ci_cd_test
POSTGRES_HOST: postgres
POSTGRES_USER: postgres
POSTGRES_PASSWORD: "postgres"
MIX_ENV: "test"
# use cache
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- _build
- deps
script:
- cp config/workers.exs.EMPTY config/workers.exs
- mix deps.get
- mix local.hex --force
- mix local.rebar --force
- mix ecto.setup
- mix test --cover
coverage: '/\d+.\d+\%\s+\|\s+Total/'
lint:
stage: test
image: elixir:1.17
# use cache
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- _build
- deps
script:
- cp config/workers.exs.EMPTY config/workers.exs
- mix deps.get
- mix local.hex --force
- mix local.rebar --force
- mix format --check-formatted
static-analysis:
stage: test
image: elixir:1.17
# use cache
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- _build
- deps
script:
- cp config/workers.exs.EMPTY config/workers.exs
- mix deps.get
- mix local.hex --force
- mix local.rebar --force
- mix credo --all
dialyzer:
stage: test
image: elixir:1.17
# use cache
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- _build
- deps
script:
- cp config/workers.exs.EMPTY config/workers.exs
- mix deps.get
- mix local.hex --force
- mix local.rebar --force
- mix dialyzer
build_images:
stage: docker
image: docker:20.10
services:
- name: docker:20.10-dind
alias: docker
rules:
- if: $CI_COMMIT_TAG
- if: $CI_COMMIT_BRANCH == "main"
script:
- docker info
- docker build -t $IMAGE_TAG -f Dockerfile .
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker push $IMAGE_TAG
- docker logout $CI_REGISTRY