# This file is a template, and might need editing before it works on your project.
# This is a sample GitLab CI/CD configuration file that should run without any modifications.
# It demonstrates a basic 3 stage CI/CD pipeline. Instead of real tests or scripts,
# it uses echo commands to simulate the pipeline execution.
#
# A pipeline is composed of independent jobs that run scripts, grouped into stages.
# Stages run in sequential order, but jobs within stages run in parallel.
#
# For more information, see: https://docs.gitlab.com/ee/ci/yaml/index.html#stages
#
# You can copy and paste this template into a new `.gitlab-ci.yml` file.
# You should not add this template to an existing `.gitlab-ci.yml` file by using the `include:` keyword.
#
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Getting-Started.gitlab-ci.yml
stages: # List of stages for jobs, and their order of execution
- build-maven
- security-scanning
- build-docker
- test-backend
- test-ui
- visualization
include:
#- 'gitlab-ci/code-quality/code-quality.gitlab-ci.yml'
- template: Code-Quality.gitlab-ci.yml
- template: Jobs/SAST.gitlab-ci.yml
- template: Jobs/Dependency-Scanning.gitlab-ci.yml
- template: Jobs/Secret-Detection.gitlab-ci.yml
- template: Jobs/License-Scanning.gitlab-ci.yml
# disable the spotbugs and use sempgrep.
variables:
DS_INCLUDE_DEV_DEPENDENCIES: "false"
SAST_EXCLUDED_ANALYZERS: bandit,gosec,eslint,spotbugs
DS_JAVA_VERSION: 8
code_quality:
stage: build-maven
services: # Shut off Docker-in-Docker
tags:
- cq-sans-dind # Set this job to only run on our new specialized runner
artifacts:
paths: [gl-code-quality-report.json]
sast:
stage: security-scanning
needs: ["build-maven-job"]
tags:
- cq-sans-dind # Set this job to only run on our new specialized runner
dependency_scanning:
stage: security-scanning
needs: ["build-maven-job"]
tags:
- cq-sans-dind # Set this job to only run on our new specialized runner
.secret-analyzer:
stage: security-scanning
needs: ["build-maven-job"]
tags:
- cq-sans-dind # Set this job to only run on our new specialized runner
license_scanning:
stage: security-scanning
needs: ["build-maven-job"]
tags:
- cq-sans-dind
# This job executes the maven build artefacts .
build-maven-job:
stage: build-maven
script:
- echo "Compiling the code..."
- export JAVA_HOME=/usr/lib/jvm/jdk1.8.0_351/ # this is run with edelquality runner
- mvn clean verify
- echo "Compile complete."
after_script:
- cat smp-aggregator/target/site/jacoco-aggregate/index.html | grep -o '<tfoot>.*</tfoot>'
coverage: '/Total.*?([0-9]{1,3})%/'
artifacts:
when: always
expire_in: 1 week
paths:
- "target/site"
- "*/target/site"
reports:
junit:
- "*/target/surefire-reports/TEST-*.xml"
# - "*/target/failsafe-reports/TEST-*.xml"
code-coverage-visualization:
# Must be in a stage later than build-maven-job's stage.
stage: visualization
needs: ["build-maven-job"]
image: registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
tags:
- cq-sans-dind # Set this job to only run on our new specialized runner
script:
# convert report from jacoco to cobertura, using relative project path
# find all modules containing java source files.
- mkdir -p target/site/
- jacoco_paths=`find * -path "**/src/main/java" -type d | sed -e 's@^@'"$CI_PROJECT_DIR"'/@'`
- echo "jacocopaths -> $jacoco_paths"
- python /opt/cover2cover.py smp-aggregator/target/site/jacoco-aggregate/index.html $jacoco_paths > target/site/cobertura.xml
dependencies:
- build-maven-job
artifacts:
when: always
expire_in: 1 week
paths:
- "target/site"
reports:
coverage_report:
coverage_format: cobertura
path: target/site/cobertura.xml
# This job executed docker image build (and pushes them to repo)
build-docker-job:
stage: build-docker
needs: ["build-maven-job"]
# temporarly disable docker execution
rules:
- when: never
variables:
GIT_CLEAN_FLAGS: none # do not clean artefacts from build-maven-job
script:
- echo "build maven artefacts Or import them from first step"
- mvn clean verify -DskipTests=true -DskipITs=true
- echo "build docker images..."
- ./domismp-tests/domismp-docker/images/build-docker-images.sh -o /datadrive/repo -c true
- echo "docker images build complete."
# backend tests on tomcat/mysql with sml integration
test-soapui-tomcat-mysql-sml-job:
stage: test-backend
# temporarly disable docker execution
rules:
- when: never
needs: ["build-docker-job"]
script:
- echo "startup containers test-soapui-tomcat-mysql-sml"
- ./smp-docker/compose/tomcat-mysql-smp-sml/runCompose.sh -i ../../../smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql
- echo "execute tests"
- cd smp-soapui-tests
- mvn clean verify -Prun-soapui -Durl=http://localhost:8982/smp/ -DjacocoRemoteAddress=localhost -DjacocoRemotePort=6902
- ../smp-docker/compose/tomcat-mysql-smp-sml/stopClearCompose.sh
artifacts:
when: always
expire_in: 1 week
name: "tomcat-mysql-soapui-report"
paths:
- "*/target/soapui-reports"
- "*/target/soapui"
reports:
junit:
- "*/target/soapui-reports/TEST-*.xml"
# backend tests on tomcat/mysql with sml integration
test-soapui-weblogic-oracle-job:
stage: test-backend
needs: ["build-docker-job"]
# temporarly disable docker execution
rules:
- when: never
script:
- echo "startup containers test-soapui-weblogi-oracle"
- ./smp-docker/compose/weblogic-oracle/runCompose.sh -i ../../../smp-soapui-tests/groovy/oracle-4.1_integration_test_data.sql
- echo "execute tests"
- cd smp-soapui-tests
- mvn clean verify -Prun-soapui -Durl=http://localhost:7901/smp/
- ../smp-docker/compose/weblogic-oracle/stopClearCompose.sh
artifacts:
when: always
expire_in: 1 week
reports:
junit:
- "*/target/soapui-reports/TEST-*.xml"
test-ui-tomcat-mysql-sml-job:
stage: test-ui # It only runs when *both* test jobs in the test stage complete successfully.
needs: ["build-docker-job"]
# temporarly disable docker execution
rules:
- when: never
allow_failure: true
script:
- echo "Deploying application..."
- ./smp-docker/compose/tomcat-mysql-smp-sml/runCompose.sh -i ../../../smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql
- cd smp-ui-tests
- /usr/bin/xvfb-run -e /tmp/xvfb-error.log --server-args="-screen 0 1920x1080x24" mvn test -Pubuntu -Durl=http://localhost:8982/smp/ -Dchrome.driver.path=/home/edelivery/drivers/chromedriver
artifacts:
when: always
expire_in: 1 week
name: "ui-report"
paths:
- "*/testng-results.xml"