Newer
Older
c.perronnet
committed
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
include:
# include the component located in the current project from the current SHA
- component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/sonarqube@$CI_COMMIT_SHA
inputs:
stage: build
stages: [build, test, release]
c.perronnet
committed
sast:
stage: test
include:
- template: Security/SAST.gitlab-ci.yml
ensure-job-added:
stage: test
tags:
- docker
rules:
- if: $CI_COMMIT_TAG
when: never
- when: always
image: badouralix/curl-jq
script:
- |
route="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/jobs"
count=`curl --header "PRIVATE-TOKEN: ${API_ACCESS}" --silent "$route" | jq 'map(select(.name | contains("sonarqube"))) | length'`
if [ "$count" != "1" ]; then
exit 1; else
echo "Component Job present"
fi
# If the pipeline is for a new tag with a semantic version, and all previous jobs succeed,
# create the release.
create-release:
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest
tags:
- docker
script: echo "Creating release $CI_COMMIT_TAG"
rules:
- if: $CI_COMMIT_TAG
release:
tag_name: $CI_COMMIT_TAG
description: "Release $CI_COMMIT_TAG of components repository $CI_PROJECT_PATH"