gitlabhq/gitlabhq

View on GitHub
.gitlab/ci/review.gitlab-ci.yml

Summary

Maintainability
Test Coverage
.review-schedules-only:
  only:
    refs:
      - schedules@gitlab-org/gitlab-ce
      - schedules@gitlab-org/gitlab-ee
    kubernetes: active
    variables:
      - $REVIEW_APP_CLEANUP
  except:
    refs:
      - tags
      - /(^docs[\/-].+|.+-docs$)/

.review-base:
  extends:
    - .default-tags
    - .default-retry
    - .review-only
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
  dependencies: []
  before_script:
    - source scripts/utils.sh

.review-docker:
  extends:
    - .default-tags
    - .default-retry
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine
  services:
    - docker:19.03.0-dind
  tags:
    - gitlab-org
    - docker
  variables:
    DOCKER_DRIVER: overlay2
    DOCKER_HOST: tcp://docker:2375
    LATEST_QA_IMAGE: "gitlab/${CI_PROJECT_NAME}-qa:nightly"
    QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/${CI_PROJECT_NAME}-qa:${CI_COMMIT_REF_SLUG}"

build-qa-image:
  extends:
    - .review-docker
    - .except-docs
  only:
    refs:
      - branches@gitlab-org/gitlab-ce
      - branches@gitlab-org/gitlab-ee
  stage: test
  script:
    - time docker build --cache-from ${LATEST_QA_IMAGE} --tag ${QA_IMAGE} --file ./qa/Dockerfile ./
    - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY}
    - time docker push ${QA_IMAGE}

.review-build-cng-base:
  image: ruby:2.6-alpine
  stage: review-prepare
  before_script:
    - source scripts/utils.sh
    - install_api_client_dependencies_with_apk
    - install_gitlab_gem
  dependencies: []
  script:
    - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng

review-build-cng:
  extends:
    - .review-build-cng-base
    - .review-only
  needs: ["gitlab:assets:compile pull-cache"]

schedule:review-build-cng:
  extends:
    - .review-build-cng-base
    - .review-schedules-only
  needs: ["gitlab:assets:compile"]

review-deploy:
  extends: .review-base
  allow_failure: true
  retry: 1
  stage: review
  needs: ["review-build-cng"]
  variables:
    HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
    DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
    GITLAB_HELM_CHART_REF: "master"
  environment:
    name: review/${CI_COMMIT_REF_NAME}
    url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
    on_stop: review-stop
  before_script:
    - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
    - export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
    - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
    - echo "${CI_ENVIRONMENT_URL}" > review_app_url.txt
    - source scripts/utils.sh
    - install_api_client_dependencies_with_apk
    - source scripts/review_apps/review-apps.sh
  script:
    - check_kube_domain
    - ensure_namespace
    - install_tiller
    - install_external_dns
    - download_chart
    - deploy || (display_deployment_debug && exit 1)
    - add_license
  artifacts:
    paths: [review_app_url.txt]
    expire_in: 2 days
    when: always

schedule:review-deploy:
  extends:
    - review-deploy
    - .review-schedules-only

review-stop:
  extends: review-deploy
  when: manual
  environment:
    action: stop
  variables:
    GIT_STRATEGY: none
  before_script:
    # We don't clone the repo by using GIT_STRATEGY: none and only download the
    # single script we need here so it's much faster than cloning.
    - apk add --update openssl
    - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/review_apps/review-apps.sh
    - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/utils.sh
    - source utils.sh
    - source review-apps.sh
  script:
    - delete_release
  artifacts:
    paths: []

.review-qa-base:
  extends:
    - .review-docker
    - .review-only
  retry: 2
  stage: qa
  variables:
    QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa"
    QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
    QA_DEBUG: "true"
    GITLAB_USERNAME: "root"
    GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
    GITLAB_ADMIN_USERNAME: "root"
    GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
    GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
    EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
  dependencies: ["review-deploy"]
  artifacts:
    paths:
      - ./qa/gitlab-qa-run-*
    expire_in: 7 days
    when: always
  before_script:
    - export CI_ENVIRONMENT_URL="$(cat review_app_url.txt)"
    - echo "${CI_ENVIRONMENT_URL}"
    - echo "${QA_IMAGE}"
    - source scripts/utils.sh
    - install_api_client_dependencies_with_apk
    - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}}

review-qa-smoke:
  extends: .review-qa-base
  allow_failure: true
  script:
    - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"

review-qa-all:
  extends: .review-qa-base
  allow_failure: true
  when: manual
  parallel: 5
  script:
    - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/review-qa-all_master_report.json
    - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
    - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation

parallel-spec-reports:
  extends:
    - .default-tags
    - .except-docs
  image: ruby:2.6-alpine
  stage: post-test
  dependencies: ["review-qa-all"]
  variables:
    NEW_PARALLEL_SPECS_REPORT: qa/report-new.html
    BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/"
  allow_failure: true
  when: manual
  artifacts:
    when: always
    paths:
      - qa/report-new.html
      - qa/gitlab-qa-run-*
    reports:
      junit: qa/gitlab-qa-run-*/**/rspec-*.xml
  script:
    - apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/*
    - gem install nokogiri --no-document
    - cd qa/gitlab-qa-run-*/gitlab-*
    - ARTIFACT_DIRS=$(pwd |rev| awk -F / '{print $1,$2}' | rev | sed s_\ _/_)
    - cd -
    - '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}'
    - scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm

review-performance:
  extends: .review-qa-base
  allow_failure: true
  before_script:
    - export CI_ENVIRONMENT_URL="$(cat review_app_url.txt)"
    - echo "${CI_ENVIRONMENT_URL}"
    - mkdir -p gitlab-exporter
    - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
    - mkdir -p sitespeed-results
  script:
    - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
  after_script:
    - mv sitespeed-results/data/performance.json performance.json
  artifacts:
    paths:
      - sitespeed-results/
    reports:
      performance: performance.json

schedule:review-performance:
  extends:
    - review-performance
    - .review-schedules-only
  dependencies: ["schedule:review-deploy"]

schedule:review-cleanup:
  extends:
    - .review-base
    - .review-schedules-only
  stage: build
  allow_failure: true
  environment:
    name: review/auto-cleanup
    action: stop
  before_script:
    - source scripts/utils.sh
    - install_gitlab_gem
  script:
    - ruby -rrubygems scripts/review_apps/automated_cleanup.rb

danger-review:
  extends:
    - .default-tags
    - .default-retry
    - .default-cache
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger
  stage: test
  dependencies: []
  only:
    variables:
      - $DANGER_GITLAB_API_TOKEN
  except:
    refs:
      - master
      - /^\d+-\d+-auto-deploy-\d+$/
      - /^[\d-]+-stable(-ee)?$/
      - /^ce-to-ee-.*/
      - /.*-stable(-ee)?-prepare-.*/
  script:
    - git version
    - node --version
    - yarn install --frozen-lockfile --cache-folder .yarn-cache --prefer-offline
    - danger --fail-on-errors=true