206 lines
9 KiB
YAML
206 lines
9 KiB
YAML
stages:
|
|
- sync
|
|
- preflight
|
|
- prepare
|
|
- build-images
|
|
- fixtures
|
|
- lint
|
|
- test
|
|
- post-test
|
|
- review
|
|
- qa
|
|
- post-qa
|
|
- pages
|
|
- notify
|
|
- release-environments
|
|
|
|
# always use `gitlab-org` runners, however
|
|
# in cases where jobs require Docker-in-Docker, the job
|
|
# definition must be extended with `.use-docker-in-docker`
|
|
default:
|
|
image: $DEFAULT_CI_IMAGE
|
|
tags:
|
|
- gitlab-org
|
|
# All jobs are interruptible by default
|
|
interruptible: true
|
|
# Default job timeout set to 90m https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/10520
|
|
timeout: 90m
|
|
|
|
.default-ruby-variables: &default-ruby-variables
|
|
RUBY_VERSION: "3.0"
|
|
OMNIBUS_GITLAB_RUBY3_BUILD: "true"
|
|
OMNIBUS_GITLAB_CACHE_EDITION: "GITLAB_RUBY3"
|
|
|
|
.backcompat-ruby-variables: &backcompat-ruby-variables
|
|
RUBY_VERSION: "2.7"
|
|
OMNIBUS_GITLAB_RUBY2_BUILD: "true"
|
|
OMNIBUS_GITLAB_CACHE_EDITION: "GITLAB_RUBY2"
|
|
|
|
.default-branch-pipeline-failure-variables: &default-branch-pipeline-failure-variables
|
|
CREATE_ISSUES_FOR_FAILING_TESTS: "true"
|
|
|
|
workflow:
|
|
name: '$PIPELINE_NAME'
|
|
rules:
|
|
# If `$FORCE_GITLAB_CI` is set, create a pipeline.
|
|
- if: '$FORCE_GITLAB_CI'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION forced pipeline'
|
|
# As part of the process of creating RCs automatically, we update stable
|
|
# branches with the changes of the most recent production deployment. The
|
|
# merge requests used for this merge a branch release-tools/X into a stable
|
|
# branch. For these merge requests we don't want to run any pipelines, as
|
|
# they serve no purpose and will run anyway when the changes are merged.
|
|
- if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^release-tools\/\d+\.\d+\.\d+-rc\d+$/ && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /^[\d-]+-stable(-ee)?$/ && $CI_PROJECT_PATH == "gitlab-org/gitlab"'
|
|
when: never
|
|
# For merge requests running exclusively in Ruby 2.7
|
|
- if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby2/'
|
|
variables:
|
|
<<: *backcompat-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline'
|
|
NO_SOURCEMAPS: 'true'
|
|
- if: '$CI_MERGE_REQUEST_LABELS =~ /Community contribution/'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
GITLAB_DEPENDENCY_PROXY_ADDRESS: ""
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline (community contribution)'
|
|
NO_SOURCEMAPS: 'true'
|
|
# For (detached) merge request pipelines.
|
|
- if: '$CI_MERGE_REQUEST_IID'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline'
|
|
NO_SOURCEMAPS: 'true'
|
|
# For the scheduled pipelines, we set specific variables.
|
|
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "schedule"'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
<<: *default-branch-pipeline-failure-variables
|
|
CRYSTALBALL: "true"
|
|
PIPELINE_NAME: 'Scheduled Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline'
|
|
# Run pipelines for ruby2 branch
|
|
- if: '$CI_COMMIT_BRANCH == "ruby2" && $CI_PIPELINE_SOURCE == "schedule"'
|
|
variables:
|
|
<<: *backcompat-ruby-variables
|
|
PIPELINE_NAME: 'Scheduled Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline'
|
|
# This work around https://gitlab.com/gitlab-org/gitlab/-/issues/332411 whichs prevents usage of dependency proxy
|
|
# when pipeline is triggered by a project access token.
|
|
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $GITLAB_USER_LOGIN =~ /project_\d+_bot\d*/'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
<<: *default-branch-pipeline-failure-variables
|
|
GITLAB_DEPENDENCY_PROXY_ADDRESS: ""
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline (triggered by a project token)'
|
|
# For `$CI_DEFAULT_BRANCH` branch, create a pipeline (this includes on schedules, pushes, merges, etc.).
|
|
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
<<: *default-branch-pipeline-failure-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline'
|
|
# For tags, create a pipeline.
|
|
- if: '$CI_COMMIT_TAG'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_COMMIT_TAG tag pipeline'
|
|
# If `$GITLAB_INTERNAL` isn't set, don't create a pipeline.
|
|
- if: '$GITLAB_INTERNAL == null'
|
|
when: never
|
|
# For stable, auto-deploy, and security branches, create a pipeline.
|
|
- if: '$CI_COMMIT_BRANCH =~ /^[\d-]+-stable(-ee)?$/'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline'
|
|
- if: '$CI_COMMIT_BRANCH =~ /^\d+-\d+-auto-deploy-\d+$/'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline'
|
|
- if: '$CI_COMMIT_BRANCH =~ /^security\//'
|
|
variables:
|
|
<<: *default-ruby-variables
|
|
PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline'
|
|
|
|
variables:
|
|
PG_VERSION: "13"
|
|
DEFAULT_CI_IMAGE: "${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}.patched-golang-${GO_VERSION}-rust-${RUST_VERSION}-node-16.14-postgresql-${PG_VERSION}:rubygems-${RUBYGEMS_VERSION}-git-2.36-lfs-2.9-chrome-${CHROME_VERSION}-yarn-1.22-graphicsmagick-1.3.36"
|
|
# We set $GITLAB_DEPENDENCY_PROXY to another variable (since it's set at the group level and has higher precedence than .gitlab-ci.yml)
|
|
# so that we can override $GITLAB_DEPENDENCY_PROXY_ADDRESS in workflow rules.
|
|
GITLAB_DEPENDENCY_PROXY_ADDRESS: "${GITLAB_DEPENDENCY_PROXY}"
|
|
RAILS_ENV: "test"
|
|
NODE_ENV: "test"
|
|
BUNDLE_WITHOUT: "production:development"
|
|
BUNDLE_INSTALL_FLAGS: "--jobs=$(nproc) --retry=3"
|
|
BUNDLE_FROZEN: "true"
|
|
# we override the max_old_space_size to prevent OOM errors
|
|
NODE_OPTIONS: --max_old_space_size=4096
|
|
GIT_DEPTH: "20"
|
|
# 'GIT_STRATEGY: clone' optimizes the pack-objects cache hit ratio
|
|
GIT_STRATEGY: "clone"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
GET_SOURCES_ATTEMPTS: "3"
|
|
DEBIAN_VERSION: "bullseye"
|
|
UBI_VERSION: "8.6"
|
|
CHROME_VERSION: "109"
|
|
DOCKER_VERSION: "23.0.1"
|
|
RUBY_VERSION: "2.7"
|
|
RUBYGEMS_VERSION: "3.4"
|
|
GO_VERSION: "1.19"
|
|
RUST_VERSION: "1.65"
|
|
|
|
FLAKY_RSPEC_SUITE_REPORT_PATH: rspec/flaky/report-suite.json
|
|
FRONTEND_FIXTURES_MAPPING_PATH: crystalball/frontend_fixtures_mapping.json
|
|
GITLAB_WORKHORSE_FOLDER: "gitlab-workhorse"
|
|
JUNIT_RESULT_FILE: rspec/junit_rspec.xml
|
|
JUNIT_RETRY_FILE: rspec/junit_rspec-retry.xml
|
|
KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/report-master.json
|
|
RSPEC_CHANGED_FILES_PATH: rspec/changed_files.txt
|
|
RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML: .gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb
|
|
RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML: .gitlab/ci/rails/rspec-predictive.gitlab-ci.yml.erb
|
|
RSPEC_LAST_RUN_RESULTS_FILE: rspec/rspec_last_run_results.txt
|
|
RSPEC_MATCHING_JS_FILES_PATH: rspec/js_matching_files.txt
|
|
RSPEC_VIEWS_INCLUDING_PARTIALS_PATH: rspec/views_including_partials.txt
|
|
RSPEC_MATCHING_TESTS_PATH: rspec/matching_tests.txt
|
|
RSPEC_MATCHING_TESTS_FOSS_PATH: rspec/matching_tests-foss.txt
|
|
RSPEC_MATCHING_TESTS_EE_PATH: rspec/matching_tests-ee.txt
|
|
RSPEC_PACKED_TESTS_MAPPING_PATH: crystalball/packed-mapping.json
|
|
RSPEC_PROFILING_FOLDER_PATH: rspec/profiling
|
|
RSPEC_TESTS_MAPPING_PATH: crystalball/mapping.json
|
|
RSPEC_FAST_QUARANTINE_LOCAL_PATH: rspec/fast_quarantine-gitlab.txt
|
|
TMP_TEST_FOLDER: "${CI_PROJECT_DIR}/tmp/tests"
|
|
TMP_TEST_GITLAB_WORKHORSE_PATH: "${TMP_TEST_FOLDER}/${GITLAB_WORKHORSE_FOLDER}"
|
|
|
|
ES_JAVA_OPTS: "-Xms256m -Xmx256m"
|
|
ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200"
|
|
BUNDLER_CHECKSUM_VERIFICATION_OPT_IN: "1"
|
|
CACHE_CLASSES: "true"
|
|
CHECK_PRECOMPILED_ASSETS: "true"
|
|
FF_USE_FASTZIP: "true"
|
|
RETRY_FAILED_TESTS_IN_NEW_PROCESS: "true"
|
|
# Run with decomposed databases by default
|
|
DECOMPOSED_DB: "true"
|
|
|
|
DOCS_REVIEW_APPS_DOMAIN: "docs.gitlab-review.app"
|
|
DOCS_GITLAB_REPO_SUFFIX: "ee"
|
|
|
|
REVIEW_APPS_IMAGE: "${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/ruby-3.0:gcloud-383-kubectl-1.23-helm-3.5"
|
|
REVIEW_APPS_DOMAIN: "gitlab-review.app"
|
|
REVIEW_APPS_GCP_PROJECT: "gitlab-review-apps"
|
|
REVIEW_APPS_GCP_REGION: "us-central1"
|
|
|
|
CACHE_ASSETS_AS_PACKAGE: "true"
|
|
BUILD_ASSETS_IMAGE: "true" # Set it to "false" to disable assets image building, used in `build-assets-image`
|
|
SIMPLECOV: "true"
|
|
|
|
REGISTRY_HOST: "registry.gitlab.com"
|
|
REGISTRY_GROUP: "gitlab-org"
|
|
|
|
# Disable useless network connections when installing some NPM packages.
|
|
# See https://gitlab.com/gitlab-com/gl-security/engineering-and-research/inventory/-/issues/827#note_1203181407
|
|
DISABLE_OPENCOLLECTIVE: "true"
|
|
|
|
# This is set at the gitlab-org level, but we set it here for forks
|
|
DANGER_DO_NOT_POST_INVALID_DANGERFILE_ERROR: "1"
|
|
|
|
include:
|
|
- local: .gitlab/ci/*.gitlab-ci.yml
|
|
- remote: 'https://gitlab.com/gitlab-org/frontend/untamper-my-lockfile/-/raw/main/templates/merge_request_pipelines.yml'
|