.gitlab-ci.yml 27 KB
Newer Older
Stan Hu's avatar
Stan Hu committed
1
image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-golang-1.9-git-2.18-chrome-69.0-node-10.x-yarn-1.12-postgresql-9.6-graphicsmagick-1.3.29"
2

3 4 5 6 7
.dedicated-runner: &dedicated-runner
  retry: 1
  tags:
    - gitlab-org

8
.default-cache: &default-cache
Stan Hu's avatar
Stan Hu committed
9
  key: "debian-stretch-ruby-2.5.3-node-10.x"
10
  paths:
11 12
    - vendor/ruby
    - .yarn-cache/
13
    - vendor/gitaly-ruby
14 15 16 17 18 19 20 21 22 23

.push-cache: &push-cache
  cache:
    <<: *default-cache
    policy: push

.pull-cache: &pull-cache
  cache:
    <<: *default-cache
    policy: pull
24

25 26
variables:
  MYSQL_ALLOW_EMPTY_PASSWORD: "1"
Kamil Trzcinski's avatar
Kamil Trzcinski committed
27
  RAILS_ENV: "test"
Mike Greiling's avatar
Mike Greiling committed
28
  NODE_ENV: "test"
Kamil Trzcinski's avatar
Kamil Trzcinski committed
29
  SIMPLECOV: "true"
30
  GIT_DEPTH: "20"
31
  GIT_SUBMODULE_STRATEGY: "none"
32
  GET_SOURCES_ATTEMPTS: "3"
33
  KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/rspec_report-master.json
34
  FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/report-suite.json
35
  BUILD_ASSETS_IMAGE: "false"
36

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
37
before_script:
Kamil Trzcinski's avatar
Test  
Kamil Trzcinski committed
38
  - bundle --version
39
  - date
40
  - source scripts/utils.sh
41
  - date
42
  - source scripts/prepare_build.sh
43 44 45 46
  - date

after_script:
  - date
47

Kamil Trzcinski's avatar
Kamil Trzcinski committed
48
stages:
49 50 51 52 53
  - build
  - prepare
  - test
  - post-test
  - pages
54
  - post-cleanup
55

56
# Predefined scopes
57
.tests-metadata-state: &tests-metadata-state
58
  <<: *dedicated-runner
59
  variables:
60
    TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache"
61 62
  before_script:
    - source scripts/utils.sh
63 64 65
  artifacts:
    expire_in: 31d
    paths:
66
      - knapsack/
67
      - rspec_flaky/
68

69 70
.use-pg: &use-pg
  services:
71
    - postgres:9.6
72 73 74
    - redis:alpine

.use-mysql: &use-mysql
75
  services:
76
    - mysql:5.7
77
    - redis:alpine
78

79 80
.rails4: &rails4
  allow_failure: false
81
  except:
82
    variables:
83 84
      - $CI_COMMIT_REF_NAME =~ /(^docs[\/-].*|.*-docs$)/
      - $CI_COMMIT_REF_NAME =~ /(^qa[\/-].*|.*-qa$)/
85 86
      - $CI_COMMIT_REF_NAME =~ /norails4/
      - $RAILS5_DISABLED
87
  variables:
88 89
    BUNDLE_GEMFILE: "Gemfile.rails4"
    RAILS5: "false"
90

91 92
# Skip all jobs except the ones that begin with 'docs/'.
# Used for commits including ONLY documentation changes.
93
# https://docs.gitlab.com/ce/development/documentation/#testing
94 95
.except-docs: &except-docs
  except:
96
    - /(^docs[\/-].*|.*-docs$)/
97

98 99 100 101
.except-qa: &except-qa
  except:
    - /(^qa[\/-].*|.*-qa$)/

102 103 104 105 106
.except-docs-and-qa: &except-docs-and-qa
  except:
    - /(^docs[\/-].*|.*-docs$)/
    - /(^qa[\/-].*|.*-qa$)/

107 108 109
# Jobs that only need to pull cache
.dedicated-no-docs-pull-cache-job: &dedicated-no-docs-pull-cache-job
  <<: *dedicated-runner
110
  <<: *except-docs
111 112 113 114 115 116 117 118 119 120 121
  <<: *pull-cache
  dependencies:
    - setup-test-env
  stage: test

# Jobs that do not need a DB
.dedicated-no-docs-no-db-pull-cache-job: &dedicated-no-docs-no-db-pull-cache-job
  <<: *dedicated-no-docs-pull-cache-job
  variables:
    SETUP_DB: "false"

122 123 124 125
.dedicated-no-docs-and-no-qa-pull-cache-job: &dedicated-no-docs-and-no-qa-pull-cache-job
  <<: *dedicated-no-docs-pull-cache-job
  <<: *except-docs-and-qa

126
.single-script-job: &single-script-job
Stan Hu's avatar
Stan Hu committed
127
  image: ruby:2.5-alpine
128
  stage: test
129 130 131 132 133 134 135 136 137 138 139
  cache: {}
  dependencies: []
  variables: &single-script-job-variables
    GIT_STRATEGY: none
  before_script:
    # We need to download the script rather than clone the repo since the
    # package-and-qa job will not be able to run when the branch gets
    # deleted (when merging the MR).
    - export SCRIPT_NAME="${SCRIPT_NAME:-$CI_JOB_NAME}"
    - apk add --update openssl
    - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/$SCRIPT_NAME
Ian Baum's avatar
Ian Baum committed
140
    - chmod 755 $(basename $SCRIPT_NAME)
141

142 143 144 145 146
.rake-exec: &rake-exec
  <<: *dedicated-no-docs-no-db-pull-cache-job
  script:
    - bundle exec rake $CI_JOB_NAME

147
.rspec-metadata: &rspec-metadata
148
  <<: *dedicated-runner
149
  <<: *except-docs-and-qa
150
  <<: *pull-cache
151
  stage: test
152
  script:
153
    - JOB_NAME=( $CI_JOB_NAME )
154 155
    - TEST_TOOL=${JOB_NAME[0]}
    - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${TEST_TOOL}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
156
    - export KNAPSACK_GENERATE_REPORT=true
157
    - export SUITE_FLAKY_RSPEC_REPORT_PATH=${FLAKY_RSPEC_SUITE_REPORT_PATH}
158 159
    - export FLAKY_RSPEC_REPORT_PATH=rspec_flaky/all_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
    - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/new_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
160
    - export FLAKY_RSPEC_GENERATE_REPORT=true
161
    - export CACHE_CLASSES=true
162
    - cp ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH}
163
    - '[[ -f $FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_REPORT_PATH}'
164
    - '[[ -f $NEW_FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${NEW_FLAKY_RSPEC_REPORT_PATH}'
Jacob Vosmaer's avatar
Jacob Vosmaer committed
165
    - scripts/gitaly-test-spawn
166
    - knapsack rspec "--color --format documentation --format RspecJunitFormatter --out junit_rspec.xml"
167 168
  artifacts:
    expire_in: 31d
169
    when: always
170
    paths:
171 172
      - coverage/
      - knapsack/
173
      - rspec_flaky/
174
      - tmp/capybara/
175 176
    reports:
      junit: junit_rspec.xml
177

178 179
.rspec-metadata-pg: &rspec-metadata-pg
  <<: *rspec-metadata
180 181
  <<: *use-pg

182
.rspec-metadata-pg-rails4: &rspec-metadata-pg-rails4
183
  <<: *rspec-metadata-pg
184
  <<: *rails4
185

186 187
.rspec-metadata-mysql: &rspec-metadata-mysql
  <<: *rspec-metadata
188 189
  <<: *use-mysql

190
.rspec-metadata-mysql-rails4: &rspec-metadata-mysql-rails4
191
  <<: *rspec-metadata-mysql
192
  <<: *rails4
193

194 195 196 197 198 199 200
.only-canonical-masters: &only-canonical-masters
  only:
    - master@gitlab-org/gitlab-ce
    - master@gitlab-org/gitlab-ee
    - master@gitlab/gitlabhq
    - master@gitlab/gitlab-ee

201
.gitlab-setup: &gitlab-setup
202
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
203 204
  <<: *use-pg
  variables:
205
    SETUP_DB: "false"
206
  script:
207 208 209 210 211 212 213 214 215 216 217
    # Manually clone gitlab-test and only seed this project in
    # db/fixtures/development/04_project.rb thanks to SIZE=1 below
    - git clone https://gitlab.com/gitlab-org/gitlab-test.git
       /home/git/repositories/gitlab-org/gitlab-test.git
    - scripts/gitaly-test-spawn
    - force=yes SIZE=1 FIXTURE_PATH="db/fixtures/development" bundle exec rake gitlab:setup
  artifacts:
    when: on_failure
    expire_in: 1d
    paths:
      - log/development.log
218

219 220
# DB migration, rollback, and seed jobs
.db-migrate-reset: &db-migrate-reset
221
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
222 223 224 225
  script:
    - bundle exec rake db:migrate:reset

.migration-paths: &migration-paths
226
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
227
  variables:
228
    SETUP_DB: "false"
229 230 231
  script:
    - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v9.3.0
    - git checkout -f FETCH_HEAD
Stan Hu's avatar
Stan Hu committed
232 233
    - sed -i "s/gem 'oj', '~> 2.17.4'//" Gemfile
    - bundle update google-protobuf grpc
234 235 236 237 238
    - bundle install $BUNDLE_INSTALL_FLAGS
    - date
    - cp config/gitlab.yml.example config/gitlab.yml
    - bundle exec rake db:drop db:create db:schema:load db:seed_fu
    - date
239
    - git checkout -f $CI_COMMIT_SHA
240 241 242 243 244 245 246 247 248
    - bundle install $BUNDLE_INSTALL_FLAGS
    - date
    - . scripts/prepare_build.sh
    - date
    - bundle exec rake db:migrate

##
# Trigger a package build in omnibus-gitlab repository
#
249
package-and-qa:
250
  <<: *single-script-job
251
  variables:
252
    <<: *single-script-job-variables
253
    SCRIPT_NAME: trigger-build
254
  retry: 0
255
  script:
256
    - gem install gitlab --no-document
257
    - ./$SCRIPT_NAME omnibus
258
  when: manual
259 260 261 262
  only:
    - //@gitlab-org/gitlab-ce
    - //@gitlab-org/gitlab-ee

263 264 265 266 267 268 269
# Review docs base
.review-docs: &review-docs
  <<: *dedicated-runner
  <<: *single-script-job
  variables:
    <<: *single-script-job-variables
    SCRIPT_NAME: trigger-build-docs
270
  environment:
271
    name: review-docs/$CI_COMMIT_REF_SLUG
272
    # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are CI variables
273
    # Discussion: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14236/diffs#note_40140693
274
    url: http://$CI_ENVIRONMENT_SLUG.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX
275
    on_stop: review-docs-cleanup
276 277 278 279 280 281

# Trigger a manual docs build in gitlab-docs only on non docs-only branches.
# Useful to preview the docs changes live.
review-docs-deploy-manual:
  <<: *review-docs
  stage: build
282
  script:
283
    - gem install gitlab --no-document
284
    - ./$SCRIPT_NAME deploy
285 286
  when: manual
  only:
287 288
    - branches@gitlab-org/gitlab-ce
    - branches@gitlab-org/gitlab-ee
289 290 291 292 293 294 295 296
  <<: *except-docs-and-qa

# Always trigger a docs build in gitlab-docs only on docs-only branches.
# Useful to preview the docs changes live.
review-docs-deploy:
  <<: *review-docs
  stage: post-test
  script:
297
    - gem install gitlab --no-document
298 299
    - ./$SCRIPT_NAME deploy
  only:
300 301
    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ce
    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ee
302
  <<: *except-qa
303 304 305 306 307 308

# Cleanup remote environment of gitlab-docs
review-docs-cleanup:
  <<: *review-docs
  stage: post-cleanup
  environment:
309
    name: review-docs/$CI_COMMIT_REF_SLUG
310 311
    action: stop
  script:
312
    - gem install gitlab --no-document
313
    - ./$SCRIPT_NAME cleanup
314 315 316 317
  when: manual
  only:
    - branches@gitlab-org/gitlab-ce
    - branches@gitlab-org/gitlab-ee
318

319 320 321 322
##
# Trigger a docker image build in CNG (Cloud Native GitLab) repository
#
cloud-native-image:
Stan Hu's avatar
Stan Hu committed
323
  image: ruby:2.5-alpine
324
  before_script: []
325
  dependencies: []
326
  stage: post-test
327
  allow_failure: true
328 329
  variables:
    GIT_DEPTH: "1"
330 331
  cache: {}
  script:
332 333
    - gem install gitlab --no-document
    - CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng
334 335 336 337
  only:
    - tags@gitlab-org/gitlab-ce
    - tags@gitlab-org/gitlab-ee

338 339 340
# Retrieve knapsack and rspec_flaky reports
retrieve-tests-metadata:
  <<: *tests-metadata-state
341
  <<: *except-docs-and-qa
342
  stage: prepare
343
  cache:
344
    key: tests_metadata
345
    policy: pull
346
  script:
347
    - mkdir -p knapsack/${CI_PROJECT_NAME}/
348
    - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH
349
    - '[[ -f $KNAPSACK_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
350
    - mkdir -p rspec_flaky/
351 352
    - wget -O $FLAKY_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$FLAKY_RSPEC_SUITE_REPORT_PATH || rm $FLAKY_RSPEC_SUITE_REPORT_PATH
    - '[[ -f $FLAKY_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_SUITE_REPORT_PATH}'
353

354 355
update-tests-metadata:
  <<: *tests-metadata-state
356
  <<: *only-canonical-masters
357
  stage: post-test
358
  cache:
359
    key: tests_metadata
360 361
    paths:
      - knapsack/
362
      - rspec_flaky/
363
    policy: push
364
  script:
365
    - retry gem install fog-aws mime-types activesupport --no-document
366
    - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec-pg_node_*.json
367
    - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/all_*_*.json
368
    - FLAKY_RSPEC_GENERATE_REPORT=1 scripts/prune-old-flaky-specs ${FLAKY_RSPEC_SUITE_REPORT_PATH}
blackst0ne's avatar
blackst0ne committed
369
    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH'
370
    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $FLAKY_RSPEC_SUITE_REPORT_PATH'
371
    - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
372
    - rm -f rspec_flaky/all_*.json rspec_flaky/new_*.json
373 374 375

flaky-examples-check:
  <<: *dedicated-runner
Stan Hu's avatar
Stan Hu committed
376
  image: ruby:2.5-alpine
377 378 379 380 381
  services: []
  before_script: []
  variables:
    SETUP_DB: "false"
    USE_BUNDLE_INSTALL: "false"
382
    NEW_FLAKY_SPECS_REPORT: rspec_flaky/report-new.json
383
  stage: post-test
384
  allow_failure: true
385
  retry: 0
386 387 388 389
  only:
    - branches
  except:
    - master
390
    - /(^docs[\/-].*|.*-docs$)/
391
    - /(^qa[\/-].*|.*-qa$)/
392 393 394 395 396 397
  artifacts:
    expire_in: 30d
    paths:
      - rspec_flaky/
  script:
    - '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}'
398
    - scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json
399
    - scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT
400

401
compile-assets:
402
  <<: *dedicated-runner
403
  <<: *except-docs
404
  <<: *use-pg
405
  stage: prepare
406 407
  cache:
    <<: *default-cache
408
  script:
409
    - node --version
410
    - date
411
    - yarn install --frozen-lockfile --cache-folder .yarn-cache
412
    - date
413
    - free -m
Mike Greiling's avatar
Mike Greiling committed
414
    - bundle exec rake gitlab:assets:compile
415 416 417
  variables:
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
418 419 420
  artifacts:
    expire_in: 7d
    paths:
421
      - node_modules
422
      - public/assets
423 424 425 426 427 428 429 430 431 432 433

setup-test-env:
  <<: *dedicated-runner
  <<: *except-docs
  <<: *use-pg
  stage: prepare
  cache:
    <<: *default-cache
  script:
    - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init'
    - scripts/gitaly-test-build # Do not use 'bundle exec' here
434
    - BUNDLE_GEMFILE=Gemfile.rails4 bundle install $BUNDLE_INSTALL_FLAGS
435 436 437
  artifacts:
    expire_in: 7d
    paths:
438
      - tmp/tests
439
      - config/secrets.yml
440
      - vendor/gitaly-ruby
441

442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485
# GitLab Review apps
.review-base: &review-base
  <<: *dedicated-no-docs-no-db-pull-cache-job
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
  stage: test
  cache: {}
  dependencies: []
  environment: &review-environment
    name: review/${CI_COMMIT_REF_NAME}
    url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
  only:
    refs:
      - branches@gitlab-org/gitlab-ce
      - branches@gitlab-org/gitlab-ee
    kubernetes: active
  except:
    refs:
      - master
      - /(^docs[\/-].*|.*-docs$)/
  before_script: []

.review-docker: &review-docker
  <<: *review-base
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine
  services:
    - docker:stable-dind
  tags:
    - gitlab-org
    - docker
  variables: &review-docker-variables
    GIT_DEPTH: "1"
    DOCKER_DRIVER: overlay2
    DOCKER_HOST: tcp://docker:2375
    LATEST_QA_IMAGE: "gitlab/${CI_PROJECT_NAME}-qa:nightly"
    QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/${CI_PROJECT_NAME}-qa:${CI_COMMIT_REF_SLUG}"

build-qa-image:
  <<: *review-docker
  stage: prepare
  script:
    - time docker build --cache-from ${LATEST_QA_IMAGE} --tag ${QA_IMAGE} ./qa/
    - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY}
    - time docker push ${QA_IMAGE}

486
danger-review:
487
  <<: *pull-cache
488
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger
489 490
  stage: test
  allow_failure: true
491 492
  dependencies: []
  before_script: []
493
  only:
494 495
    variables:
      - $DANGER_GITLAB_API_TOKEN
496 497 498 499 500
  except:
    refs:
      - master
    variables:
      - $CI_COMMIT_REF_NAME =~ /^ce-to-ee-.*/
501
      - $CI_COMMIT_REF_NAME =~ /.*-stable(-ee)?-prepare-.*/
502 503
  script:
    - git version
504
    - node --version
505
    - yarn install --frozen-lockfile --cache-folder .yarn-cache
506 507
    - danger --fail-on-errors=true

508 509
rspec-pg:
  <<: *rspec-metadata-pg
510
  parallel: 50
511 512 513

rspec-mysql:
  <<: *rspec-metadata-mysql
514
  parallel: 50
515 516 517

rspec-pg-rails4:
  <<: *rspec-metadata-pg-rails4
518
  parallel: 50
519 520 521

rspec-mysql-rails4:
  <<: *rspec-metadata-mysql-rails4
522
  parallel: 50
523

524
static-analysis:
525 526 527 528
  <<: *dedicated-no-docs-no-db-pull-cache-job
  dependencies:
    - compile-assets
    - setup-test-env
529
  script:
530
    - scripts/static-analysis
Lin Jen-Shin's avatar
Lin Jen-Shin committed
531
  cache:
Stan Hu's avatar
Stan Hu committed
532
    key: "debian-stretch-ruby-2.5.3-node-10.x-and-rubocop"
Lin Jen-Shin's avatar
Lin Jen-Shin committed
533 534 535 536
    paths:
      - vendor/ruby
      - .yarn-cache/
      - tmp/rubocop_cache
537

538 539 540 541
# Documentation checks:
# - Check validity of relative links
# - Make sure cURL examples in API docs use the full switches
docs lint:
542
  <<: *dedicated-runner
543
  <<: *except-qa
Evan Read's avatar
Evan Read committed
544
  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint"
545 546 547 548 549
  stage: test
  cache: {}
  dependencies: []
  before_script: []
  script:
550
    - scripts/lint-doc.sh
551
    - scripts/lint-changelog-yaml
Evan Read's avatar
Evan Read committed
552 553
    - mv doc/ /tmp/gitlab-docs/content/
    - cd /tmp/gitlab-docs
554 555 556 557 558
    # Build HTML from Markdown
    - bundle exec nanoc
    # Check the internal links
    - bundle exec nanoc check internal_links

559 560
downtime_check:
  <<: *rake-exec
561 562 563 564
  except:
    - master
    - tags
    - /^[\d-]+-stable(-ee)?$/
565
    - /(^docs[\/-].*|.*-docs$)/
566
    - /(^qa[\/-].*|.*-qa$)/
567

568
rails4_gemfile_lock_check:
569 570 571
  <<: *dedicated-no-docs-no-db-pull-cache-job
  <<: *except-docs-and-qa
  script:
572
    - scripts/rails4-gemfile-lock-check
573

574 575
ee_compat_check:
  <<: *rake-exec
576
  dependencies: []
577 578 579
  except:
    - master
    - tags
580
    - /[\d-]+-stable(-ee)?/
581
    - /^security-/
582 583
    - branches@gitlab-org/gitlab-ee
    - branches@gitlab/gitlab-ee
584
  retry: 0
585
  artifacts:
586
    name: "${CI_JOB_NAME}_${CI_COMIT_REF_NAME}_${CI_COMMIT_SHA}"
587
    when: always
588 589 590 591
    expire_in: 10d
    paths:
      - ee_compat_check/patches/*.patch

592
db:migrate:reset-pg:
593 594 595
  <<: *db-migrate-reset
  <<: *use-pg

596
db:migrate:reset-mysql:
597 598 599
  <<: *db-migrate-reset
  <<: *use-mysql

600 601 602 603 604 605
db:check-schema-pg:
  <<: *db-migrate-reset
  <<: *use-pg
  script:
    - source scripts/schema_changed.sh

606 607 608 609 610 611 612 613
migration:path-pg:
  <<: *migration-paths
  <<: *use-pg

migration:path-mysql:
  <<: *migration-paths
  <<: *use-mysql

614
.db-rollback: &db-rollback
615
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
616
  script:
617
    - bundle exec rake db:migrate VERSION=20170523121229
618
    - bundle exec rake db:migrate
619

620
db:rollback-pg:
621 622 623
  <<: *db-rollback
  <<: *use-pg

624
db:rollback-mysql:
625 626 627
  <<: *db-rollback
  <<: *use-mysql

628 629
gitlab:setup-pg:
  <<: *gitlab-setup
630 631
  <<: *use-pg

632 633
gitlab:setup-mysql:
  <<: *gitlab-setup
634 635
  <<: *use-mysql

636
# Frontend-related jobs
637
gitlab:assets:compile:
638
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
Stan Hu's avatar
Stan Hu committed
639
  image: dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-git-2.18-chrome-69.0-node-8.x-yarn-1.2-graphicsmagick-1.3.29-docker-18.06.1
640
  dependencies: []
641 642
  services:
    - docker:stable-dind
643 644 645 646 647
  variables:
    NODE_ENV: "production"
    RAILS_ENV: "production"
    SETUP_DB: "false"
    SKIP_STORAGE_VALIDATION: "true"
648
    WEBPACK_REPORT: "true"
649 650
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
651 652
    DOCKER_DRIVER: overlay2
    DOCKER_HOST: tcp://docker:2375
653
  script:
654
    - date
655
    - yarn install --frozen-lockfile --production --cache-folder .yarn-cache
656
    - date
657
    - free -m
658
    - bundle exec rake gitlab:assets:compile
659
    - scripts/build_assets_image
660 661 662 663
  artifacts:
    name: webpack-report
    expire_in: 31d
    paths:
664
      - webpack-report/
665
      - public/assets/
666
  only:
667 668 669 670
    - //@gitlab-org/gitlab-ce
    - //@gitlab-org/gitlab-ee
    - //@gitlab/gitabhq
    - //@gitlab/gitlab-ee
671
  tags:
672 673
    - gitlab-org-delivery
    - high-cpu
674

675
karma:
Rémy Coutable's avatar
Rémy Coutable committed
676
  <<: *dedicated-no-docs-pull-cache-job
677
  <<: *use-pg
678 679 680
  dependencies:
    - compile-assets
    - setup-test-env
681 682 683
  variables:
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
684
  script:
685
    - export BABEL_ENV=coverage CHROME_LOG_FILE=chrome_debug.log
686
    - date
Jacob Vosmaer's avatar
Jacob Vosmaer committed
687
    - scripts/gitaly-test-spawn
688
    - date
689
    - bundle exec rake karma
690
  coverage: '/^Statements *: (\d+\.\d+%)/'
691 692 693
  artifacts:
    name: coverage-javascript
    expire_in: 31d
694
    when: always
695
    paths:
696 697
      - chrome_debug.log
      - coverage-javascript/
698 699
    reports:
      junit: junit_karma.xml
700

Shinya Maeda's avatar
Shinya Maeda committed
701
code_quality:
702
  <<: *dedicated-no-docs-no-db-pull-cache-job
703 704
  image: docker:stable
  allow_failure: true
705 706 707
  # gitlab-org runners set `privileged: false` but we need to have it set to true
  # since we're using Docker in Docker
  tags: []
708
  before_script: []
709
  services:
710
    - docker:stable-dind
711 712 713 714 715
  variables:
    SETUP_DB: "false"
    DOCKER_DRIVER: overlay2
  cache: {}
  dependencies: []
716
  script:
717 718
    # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable" for Security Products
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
Shinya Maeda's avatar
Shinya Maeda committed
719 720 721 722 723
    - docker run
        --env SOURCE_CODE="$PWD"
        --volume "$PWD":/code
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
724
  artifacts:
725 726
    reports:
      codequality: gl-code-quality-report.json
727
    expire_in: 1 week
728

729
sast:
730 731
  <<: *dedicated-no-docs-no-db-pull-cache-job
  image: docker:stable
732
  variables:
733 734 735 736
    SAST_CONFIDENCE_LEVEL: 2
    DOCKER_DRIVER: overlay2
  allow_failure: true
  tags: []
737
  before_script: []
738 739 740 741
  cache: {}
  dependencies: []
  services:
    - docker:stable-dind
742
  script:
743 744 745 746 747 748
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
749
  artifacts:
750 751
    reports:
      sast: gl-sast-report.json
752

753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772
dependency_scanning:
  <<: *dedicated-no-docs-no-db-pull-cache-job
  image: docker:stable
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: true
  tags: []
  before_script: []
  cache: {}
  dependencies: []
  services:
    - docker:stable-dind
  script:
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code
  artifacts:
773 774
    reports:
      dependency_scanning: gl-dependency-scanning-report.json
775

776
qa:internal:
777
  <<: *dedicated-no-docs-no-db-pull-cache-job
778 779 780 781 782 783
  services: []
  script:
    - cd qa/
    - bundle install
    - bundle exec rspec

784
qa:selectors:
785
  <<: *dedicated-no-docs-no-db-pull-cache-job
786 787 788 789
  services: []
  script:
    - cd qa/
    - bundle install
790
    - bundle exec bin/qa Test::Sanity::Selectors
791

792 793 794 795 796 797 798 799 800 801 802 803 804 805 806
.qa-frontend-node: &qa-frontend-node
  stage: test
  variables:
    NODE_OPTIONS: --max_old_space_size=3584
  cache:
    key: "$CI_JOB_NAME"
    paths:
      - .yarn-cache/
  dependencies: []
  before_script: []
  script:
    - date
    - yarn install --frozen-lockfile --cache-folder .yarn-cache
    - date
    - yarn run webpack-prod
807
  <<: *except-docs
808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825

qa-frontend-node:6:
  <<: *qa-frontend-node
  image: node:6-alpine

qa-frontend-node:8:
  <<: *qa-frontend-node
  image: node:8-alpine

qa-frontend-node:10:
  <<: *qa-frontend-node
  image: node:10-alpine

qa-frontend-node:latest:
  <<: *qa-frontend-node
  image: node:alpine
  allow_failure: true

826
coverage:
827 828 829 830 831 832 833
  # Don't include dedicated-no-docs-no-db-pull-cache-job here since we need to
  # download artifacts from all the rspec jobs instead of from setup-test-env only
  <<: *dedicated-runner
  <<: *except-docs-and-qa
  <<: *pull-cache
  variables:
    SETUP_DB: "false"
834
  stage: post-test
835 836
  script:
    - bundle exec scripts/merge-simplecov
837
  coverage: '/LOC \((\d+\.\d+%)\) covered.$/'
838 839 840 841 842 843 844
  artifacts:
    name: coverage
    expire_in: 31d
    paths:
    - coverage/index.html
    - coverage/assets/

845
lint:javascript:report:
846
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
847
  stage: post-test
848
  dependencies: []
849
  before_script: []
850
  script:
851
    - date
852
    - yarn run eslint-report || true # ignore exit code
853 854 855 856
  artifacts:
    name: eslint-report
    expire_in: 31d
    paths:
857
      - eslint-report.html
858 859

pages:
860
  <<: *dedicated-no-docs-no-db-pull-cache-job
861 862 863 864
  before_script: []
  stage: pages
  dependencies:
    - coverage
865 866
    - karma
    - gitlab:assets:compile
867
    - lint:javascript:report
868 869 870
  script:
    - mv public/ .public/
    - mkdir public/
871
    - mv coverage/ public/coverage-ruby/ || true
872
    - mv coverage-javascript/ public/coverage-javascript/ || true
873
    - mv eslint-report.html public/ || true
874
    - mv webpack-report/ public/webpack-report/ || true
875 876
    - cp .public/assets/application-*.css public/application.css || true
    - cp .public/assets/application-*.css.gz public/application.css.gz || true
877 878 879 880
  artifacts:
    paths:
      - public
  only:
881
    - master@gitlab-org/gitlab-ce
882
    - master@gitlab-org/gitlab-ee
883 884 885 886

# Insurance in case a gem needed by one of our releases gets yanked from
# rubygems.org in the future.
cache gems:
887
  <<: *dedicated-no-docs-no-db-pull-cache-job
888 889 890 891 892
  script:
    - bundle package --all --all-platforms
  artifacts:
    paths:
      - vendor/cache
893 894
  only:
    - master@gitlab-org/gitlab-ce
895
    - master@gitlab-org/gitlab-ee
896
    - tags
897 898

gitlab_git_test:
899
  <<: *dedicated-runner
900
  <<: *except-docs-and-qa
901 902
  variables:
    SETUP_DB: "false"
903
  before_script: []
904
  dependencies: []
905
  cache: {}
906 907
  script:
    - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes
908 909 910 911 912 913 914

no_ee_check:
  <<: *dedicated-runner
  <<: *except-docs-and-qa
  variables:
    SETUP_DB: "false"
  before_script: []
915
  dependencies: []
916 917 918 919 920
  cache: {}
  script:
    - scripts/no-ee-check
  only:
    - //@gitlab-org/gitlab-ce
921

Ian Baum's avatar
Ian Baum committed
922
# GitLab Review apps
923 924
review-deploy:
  <<: *review-base
925 926
  variables:
    GIT_DEPTH: "1"
927 928
    HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
    DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
929
    GITLAB_HELM_CHART_REF: "master"
930 931 932 933 934 935 936
    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
  environment:
    <<: *review-environment
    on_stop: review-stop
  before_script:
    - apk update && apk add jq
    - gem install gitlab --no-document
937 938 939 940 941
  script:
    - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
    - export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
    - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
    - source ./scripts/review_apps/review-apps.sh
942
    - wait_for_job_to_be_done "gitlab:assets:compile"
943 944 945 946 947
    - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng
    - check_kube_domain
    - download_gitlab_chart
    - ensure_namespace
    - install_tiller
Ian Baum's avatar
Ian Baum committed
948
    - install_external_dns
949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964
    - time deploy
    - add_license

.review-qa-base: &review-qa-base
  <<: *review-docker
  variables:
    <<: *review-docker-variables
    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
    QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa"
    QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
    GITLAB_USERNAME: "root"
    GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
    GITLAB_ADMIN_USERNAME: "root"
    GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
    GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
    EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
965
    QA_DEBUG: "true"
966 967 968 969 970 971 972 973 974 975 976 977 978 979 980
  artifacts:
    paths:
      - ./qa/gitlab-qa-run-*
    expire_in: 7 days
    when: always
  before_script:
    - echo "${QA_IMAGE}"
    - echo "${CI_ENVIRONMENT_URL}"
    - apk update && apk add curl jq
    - source ./scripts/review_apps/review-apps.sh
    - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}}
    - wait_for_job_to_be_done "review-deploy"

review-qa-smoke:
  <<: *review-qa-base
981
  retry: 2
982 983 984 985 986 987 988 989
  script:
    - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"

review-qa-all:
  <<: *review-qa-base
  script:
    - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
  when: manual
990

991 992
review-stop:
  <<: *review-base
993 994 995
  <<: *single-script-job
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
  allow_failure: true
Ian Baum's avatar
Ian Baum committed
996
  variables:
997
    <<: *single-script-job-variables
Ian Baum's avatar
Ian Baum committed
998
    SCRIPT_NAME: "review_apps/review-apps.sh"
999 1000 1001 1002
  when: manual
  environment:
    <<: *review-environment
    action: stop
1003
  script:
Ian Baum's avatar
Ian Baum committed
1004
    - source $(basename "${SCRIPT_NAME}")
1005 1006 1007
    - delete
    - cleanup

1008 1009
schedule:review-cleanup:
  <<: *review-base
1010
  stage: build
1011 1012 1013
  allow_failure: true
  variables:
    GIT_DEPTH: "1"
1014 1015
  environment:
    name: review/auto-cleanup
1016 1017
  only:
    refs:
Ian Baum's avatar
Ian Baum committed
1018
      - schedules@gitlab-org/gitlab-ce
1019
      - schedules@gitlab-org/gitlab-ee
1020
    kubernetes: active
1021
  except:
1022
    - tags
1023
    - /(^docs[\/-].*|.*-docs$)/
1024 1025 1026 1027
  before_script:
    - gem install gitlab --no-document
  script:
    - ruby -rrubygems scripts/review_apps/automated_cleanup.rb