This repository has been archived by the owner on Feb 2, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
104 lines (91 loc) · 2.87 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
variables:
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dmaven.compiler.showWarnings=false -Dmaven.compiler.debug=false -Dorg.slf4j.simpleLogger.showDateTime=true -Dorg.slf4j.simpleLogger.dateTimeFormat=HH:mm:ss:SSS"
image: maven:3.9.0-amazoncorretto-17
include:
- template: Security/SAST.gitlab-ci.yml
cache:
paths:
- .m2/repository
- command-line/target
- maven-plugin/target
- spring-boot-test/target
stages:
- build
- test
- verify
- release
- deploy
build:
stage: build
script:
- ./mvnw $MAVEN_CLI_OPTS clean compile
rules:
- if: $CI_COMMIT_TAG == null
test:
stage: test
script:
- ./mvnw $MAVEN_CLI_OPTS verify
artifacts:
reports:
junit:
- command-line/target/surefire-reports/TEST-*.xml
- maven-plugin/target/surefire-reports/TEST-*.xml
- maven-plugin/target/failsafe-reports/TEST-*.xml
- spring-boot-test/target/surefire-reports/TEST-*.xml
- spring-boot-test/target/failsafe-reports/TEST-*.xml
rules:
- if: $CI_COMMIT_TAG == null
sast:
stage: test
variables:
SAST_EXCLUDED_PATHS: jacoco-resources, prism.js
semgrep-sast:
rules:
- if: $CI_COMMIT_TAG == null
spotbugs-sast:
variables:
MAVEN_REPO_PATH: '$CI_PROJECT_DIR/.m2/repository'
SAST_JAVA_VERSION: 17
before_script:
- rm -rf maven-plugin/src/it
- rm -rf spring-boot-test/src/it
rules:
- if: $CI_COMMIT_TAG == null
coverage:
stage: verify
script:
- awk -F"," '{ instructions += $4 + $5; covered += $5 } END { print covered, "/", instructions, "instructions covered"; print 100*covered/instructions, "% covered" }' command-line/target/site/jacoco/jacoco.csv maven-plugin/target/site/jacoco/jacoco.csv spring-boot-test/target/site/jacoco/jacoco.csv
coverage: '/(\d+\.?\d*) \% covered/'
rules:
- if: $CI_DEFAULT_BRANCH == $CI_COMMIT_BRANCH
codacy:
stage: verify
script:
- bash <(curl -Ls https://coverage.codacy.com/get.sh) report -r command-line/target/site/jacoco/jacoco.xml -r maven-plugin/target/site/jacoco/jacoco.xml -r spring-boot-test/target/site/jacoco/jacoco.xml
rules:
- if: $CODACY_PROJECT_TOKEN && $CI_COMMIT_TAG == null
release:
stage: release
script:
- ./mvnw $MAVEN_CLI_OPTS -s ci_settings.xml -am -ntp -DskipTests -Dchangelist= -Pjavadocs,release
rules:
- if: $CI_COMMIT_TAG
- if: $CI_DEFAULT_BRANCH != $CI_COMMIT_BRANCH
when: never
cache:
paths:
- target
pages:
stage: deploy
script:
- cp changelog.md src/site/markdown
- cp contributing.md src/site/markdown
- ./mvnw javadoc:aggregate -Dchangelist= -Pjavadocs
- ./mvnw $MAVEN_CLI_OPTS -pl . -Dchangelist= -Psite
artifacts:
paths:
- public
rules:
- if: $CI_COMMIT_TAG
- if: $CI_DEFAULT_BRANCH != $CI_COMMIT_BRANCH
when: never