Code development platform for open source projects from the European Union institutions

We have sent all code.europa.eu users a personalised link to our User Survey. If you did not get this email, and wish to participate: contact the EC OSPO.

Implement CI/CD gitlab pipeline

SUMMARY

Configure the .yml file to run the gitlab pipelines. Configure redis instance

Current pipeline structure

Stages: test, build, pages (docker stage commented out)
Jobs: test, lint, build_docs, pages
Active Features: Poetry caching, parallel testing, code coverage, documentation builds
Disabled Features: Security scanning (SAST, Secret Detection, Dependency Scanning), Docker builds

Current issues

1. Dependency installation bypasses Poetry lock file

Problem:

The test job installs pytest-xdist via poetry run pip install pytest-xdist (line 82)
This bypasses Poetry's dependency management and lock file
Could result in version drift and non-reproducible test environments

2. Documentation Dependencies Not Version-Pinned

Problem:

build_docs job installs dependencies via pip without version pinning (line 127)
Not using Poetry's dependency groups
Non-reproducible documentation builds

3. Security scanning disabled

Problem:

SAST, Secret Detection, and Dependency Scanning templates commented out (lines 9-11)
No security vulnerability detection in pipeline
Potential security issues in production

4. Missing type checking

Problem:

No static type checking (mypy, pyright) in pipeline
Python type hints not validated
Runtime type errors not caught early

5. Docker builds disabled

Problem:

Docker build jobs commented out (lines 159-235)
No automated container builds
Manual deployment process

ACCEPTANCE CRITERIAS / GOALS

Gitlab pipelines should be configured and scheduled

Edited Feb 20, 2026 by Shailesh KHANDELWAL

For further information about the platform and support, please see https://code.europa.eu/info/about