.default-retry: retry: max: 2 # This is confusing but this means "3 runs at max". when: - api_failure - data_integrity_failure - job_execution_timeout - runner_system_failure - scheduler_failure - stuck_or_timeout_failure - unknown_failure .default-utils-before_script: before_script: - echo $FOSS_ONLY - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - export GOPATH=$CI_PROJECT_DIR/.go - mkdir -p $GOPATH - source scripts/utils.sh .default-before_script: before_script: - !reference [.default-utils-before_script, before_script] - source scripts/prepare_build.sh .production: variables: RAILS_ENV: "production" NODE_ENV: "production" GITLAB_ALLOW_SEPARATE_CI_DATABASE: "true" .ruby-gems-cache: &ruby-gems-cache key: "ruby-gems-debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}" paths: - vendor/ruby/ policy: pull .ruby-gems-cache-push: &ruby-gems-cache-push <<: *ruby-gems-cache policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. .gitaly-binaries-cache: &gitaly-binaries-cache key: files: - GITALY_SERVER_VERSION - lib/gitlab/setup_helper.rb prefix: "gitaly-binaries-debian-${DEBIAN_VERSION}" paths: - ${TMP_TEST_FOLDER}/gitaly/_build/bin/ - ${TMP_TEST_FOLDER}/gitaly/_build/deps/git/install/ - ${TMP_TEST_FOLDER}/gitaly/config.toml - ${TMP_TEST_FOLDER}/gitaly/gitaly2.config.toml - ${TMP_TEST_FOLDER}/gitaly/internal/ - ${TMP_TEST_FOLDER}/gitaly/run/ - ${TMP_TEST_FOLDER}/gitaly/run2/ - ${TMP_TEST_FOLDER}/gitaly/Makefile - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml - ${TMP_TEST_FOLDER}/gitaly/praefect-db.config.toml policy: pull .go-pkg-cache: &go-pkg-cache key: "go-pkg-${DEBIAN_VERSION}" paths: - .go/pkg/mod/ policy: pull .go-pkg-cache-push: &go-pkg-cache-push <<: *go-pkg-cache policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. .node-modules-cache: &node-modules-cache key: "node-modules-${DEBIAN_VERSION}-${NODE_ENV}" paths: - node_modules/ - tmp/cache/webpack-dlls/ policy: pull .node-modules-cache-push: &node-modules-cache-push <<: *node-modules-cache policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. .assets-tmp-cache: &assets-tmp-cache key: "assets-tmp-debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-node-${NODE_ENV}-v1" paths: - tmp/cache/assets/sprockets/ - tmp/cache/babel-loader/ - tmp/cache/vue-loader/ policy: pull .assets-tmp-cache-push: &assets-tmp-cache-push <<: *assets-tmp-cache policy: push # We want to rebuild the cache from scratch to ensure we don't pile up outdated cache files. .storybook-node-modules-cache: &storybook-node-modules-cache key: "storybook-node-modules-${DEBIAN_VERSION}-${NODE_ENV}" paths: - storybook/node_modules/ policy: pull .storybook-node-modules-cache-push: &storybook-node-modules-cache-push <<: *storybook-node-modules-cache policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. .rubocop-cache: &rubocop-cache key: "rubocop-debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}" paths: - tmp/rubocop_cache/ policy: pull .rubocop-cache-push: &rubocop-cache-push <<: *rubocop-cache # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up but RuboCop has a mechanism # for keeping only the N latest cache files, so we take advantage of it with `pull-push`. policy: push .qa-ruby-gems-cache: &qa-ruby-gems-cache key: prefix: "qa-ruby-gems-debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}" files: - qa/Gemfile.lock paths: - qa/vendor/ruby policy: pull .qa-ruby-gems-cache-push: &qa-ruby-gems-cache-push <<: *qa-ruby-gems-cache policy: pull-push .setup-test-env-cache: cache: - *ruby-gems-cache - *gitaly-binaries-cache - *go-pkg-cache .setup-test-env-cache-push: cache: - *ruby-gems-cache-push - *go-pkg-cache-push .gitaly-binaries-cache-push: cache: - <<: *gitaly-binaries-cache policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. .ruby-cache: cache: - *ruby-gems-cache .rails-cache: cache: - *ruby-gems-cache .static-analysis-cache: cache: - *ruby-gems-cache - *node-modules-cache - *rubocop-cache .rubocop-job-cache: cache: - *ruby-gems-cache - *rubocop-cache .rubocop-job-cache-push: cache: - *ruby-gems-cache # We don't push this cache as it's already rebuilt by `update-setup-test-env-cache` - *rubocop-cache-push .coverage-cache: cache: - *ruby-gems-cache .ruby-node-cache: cache: - *ruby-gems-cache - *node-modules-cache .qa-bundler-variables: &qa-bundler-variables variables: BUNDLE_SUPPRESS_INSTALL_USING_MESSAGES: "true" BUNDLE_SILENCE_ROOT_WARNING: "true" BUNDLE_PATH: vendor .qa-cache: <<: *qa-bundler-variables cache: - *qa-ruby-gems-cache .qa-cache-push: <<: *qa-bundler-variables cache: - *qa-ruby-gems-cache-push .yarn-cache: cache: - *node-modules-cache .assets-compile-cache: cache: - *ruby-gems-cache - *node-modules-cache - *assets-tmp-cache .assets-compile-cache-push: cache: - *ruby-gems-cache # We don't push this cache as it's already rebuilt by `update-setup-test-env-cache` - *node-modules-cache-push - *assets-tmp-cache-push .storybook-yarn-cache: cache: - *node-modules-cache - *storybook-node-modules-cache .storybook-yarn-cache-push: cache: - *node-modules-cache # We don't push this cache as it's already rebuilt by `update-assets-compile-*-cache` - *storybook-node-modules-cache-push .use-pg12: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-12-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "12" .use-pg13: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.2-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" .use-pg14: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.2-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "14" .use-pg12-es7-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-12-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: elasticsearch:7.17.6 command: ["elasticsearch", "-E", "discovery.type=single-node", "-E", "xpack.security.enabled=false"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "12" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg13-es7-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.2-alpine - name: elasticsearch:7.17.6 command: ["elasticsearch", "-E", "discovery.type=single-node", "-E", "xpack.security.enabled=false"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg14-es7-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.2-alpine - name: elasticsearch:7.17.6 command: ["elasticsearch", "-E", "discovery.type=single-node", "-E", "xpack.security.enabled=false"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "14" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg13-es8-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: elasticsearch:8.6.2 - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" ES_SETTING_DISCOVERY_TYPE: "single-node" ES_SETTING_XPACK_SECURITY_ENABLED: "false" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg14-es8-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: elasticsearch:8.6.2 - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "14" ES_SETTING_DISCOVERY_TYPE: "single-node" ES_SETTING_XPACK_SECURITY_ENABLED: "false" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg13-opensearch1-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: opensearchproject/opensearch:1.3.5 alias: elasticsearch command: ["bin/opensearch", "-E", "discovery.type=single-node", "-E", "plugins.security.disabled=true"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg13-opensearch2-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: opensearchproject/opensearch:2.2.1 alias: elasticsearch command: ["bin/opensearch", "-E", "discovery.type=single-node", "-E", "plugins.security.disabled=true"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg14-opensearch1-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: opensearchproject/opensearch:1.3.5 alias: elasticsearch command: ["bin/opensearch", "-E", "discovery.type=single-node", "-E", "plugins.security.disabled=true"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "14" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-pg14-opensearch2-ee: services: - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] alias: postgres - name: redis:6.0-alpine - name: opensearchproject/opensearch:2.2.1 alias: elasticsearch command: ["bin/opensearch", "-E", "discovery.type=single-node", "-E", "plugins.security.disabled=true"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "14" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 .use-kaniko: image: name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:kaniko entrypoint: [""] before_script: - source scripts/utils.sh - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json .as-if-foss: variables: FOSS_ONLY: '1' .use-docker-in-docker: image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}docker:${DOCKER_VERSION} services: - docker:${DOCKER_VERSION}-dind variables: DOCKER_DRIVER: overlay2 DOCKER_HOST: tcp://docker:2375 DOCKER_TLS_CERTDIR: "" tags: # See https://gitlab.com/gitlab-com/www-gitlab-com/-/issues/7019 for tag descriptions - gitlab-org-docker .use-buildx: extends: .use-docker-in-docker image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-slim:docker-${DOCKER_VERSION} variables: QEMU_IMAGE: tonistiigi/binfmt:qemu-v7.0.0 before_script: - !reference [.default-utils-before_script, before_script] - echo "$CI_REGISTRY_PASSWORD" | docker login "$CI_REGISTRY" -u "$CI_REGISTRY_USER" --password-stdin - | if [[ "${ARCH}" =~ arm64 ]]; then echo -e "\033[1;33mInstalling latest qemu emulators\033[0m" docker pull -q ${QEMU_IMAGE}; docker run --rm --privileged ${QEMU_IMAGE} --uninstall qemu-*; docker run --rm --privileged ${QEMU_IMAGE} --install all; fi - docker buildx create --use # creates and set's to active buildkit builder .use-kube-context: before_script: - export KUBE_CONTEXT="gitlab-org/gitlab:review-apps" - kubectl config use-context ${KUBE_CONTEXT}