.gitlab-ci.yml 27.7 KB
Newer Older
Stan Hu's avatar
Stan Hu committed
1
image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-golang-1.9-git-2.18-chrome-69.0-node-10.x-yarn-1.12-postgresql-9.6-graphicsmagick-1.3.29"
2

3 4 5 6 7
.dedicated-runner: &dedicated-runner
  retry: 1
  tags:
    - gitlab-org

8
.default-cache: &default-cache
Stan Hu's avatar
Stan Hu committed
9
  key: "debian-stretch-ruby-2.5.3-node-10.x"
10
  paths:
11 12
    - vendor/ruby
    - .yarn-cache/
13
    - vendor/gitaly-ruby
14 15 16 17 18 19 20 21 22 23

.push-cache: &push-cache
  cache:
    <<: *default-cache
    policy: push

.pull-cache: &pull-cache
  cache:
    <<: *default-cache
    policy: pull
24

25 26
variables:
  MYSQL_ALLOW_EMPTY_PASSWORD: "1"
Kamil Trzcinski's avatar
Kamil Trzcinski committed
27
  RAILS_ENV: "test"
Mike Greiling's avatar
Mike Greiling committed
28
  NODE_ENV: "test"
Kamil Trzcinski's avatar
Kamil Trzcinski committed
29
  SIMPLECOV: "true"
30
  GIT_DEPTH: "20"
31
  GIT_SUBMODULE_STRATEGY: "none"
32
  GET_SOURCES_ATTEMPTS: "3"
33
  KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/rspec_report-master.json
34
  FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/report-suite.json
35
  BUILD_ASSETS_IMAGE: "false"
36

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
37
before_script:
Kamil Trzcinski's avatar
Test  
Kamil Trzcinski committed
38
  - bundle --version
39
  - date
40
  - source scripts/utils.sh
41
  - date
42
  - source scripts/prepare_build.sh
43 44 45 46
  - date

after_script:
  - date
47

Kamil Trzcinski's avatar
Kamil Trzcinski committed
48
stages:
49 50
  - build
  - prepare
51
  - merge
52 53 54
  - test
  - post-test
  - pages
55
  - post-cleanup
56

57
# Predefined scopes
58
.tests-metadata-state: &tests-metadata-state
59
  <<: *dedicated-runner
60
  variables:
61
    TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache"
62 63
  before_script:
    - source scripts/utils.sh
64 65 66
  artifacts:
    expire_in: 31d
    paths:
67
      - knapsack/
68
      - rspec_flaky/
69

70 71
.use-pg: &use-pg
  services:
72
    - postgres:9.6
73 74 75
    - redis:alpine

.use-mysql: &use-mysql
76
  services:
77
    - mysql:5.7
78
    - redis:alpine
79

80 81
.rails4: &rails4
  allow_failure: false
82
  except:
83
    variables:
84 85
      - $CI_COMMIT_REF_NAME =~ /(^docs[\/-].*|.*-docs$)/
      - $CI_COMMIT_REF_NAME =~ /(^qa[\/-].*|.*-qa$)/
86 87
      - $CI_COMMIT_REF_NAME =~ /norails4/
      - $RAILS5_DISABLED
88
  variables:
89 90
    BUNDLE_GEMFILE: "Gemfile.rails4"
    RAILS5: "false"
91

92 93
# Skip all jobs except the ones that begin with 'docs/'.
# Used for commits including ONLY documentation changes.
94
# https://docs.gitlab.com/ce/development/documentation/#testing
95 96
.except-docs: &except-docs
  except:
97
    - /(^docs[\/-].*|.*-docs$)/
98

99 100 101 102
.except-qa: &except-qa
  except:
    - /(^qa[\/-].*|.*-qa$)/

103 104 105 106 107
.except-docs-and-qa: &except-docs-and-qa
  except:
    - /(^docs[\/-].*|.*-docs$)/
    - /(^qa[\/-].*|.*-qa$)/

108 109 110
# Jobs that only need to pull cache
.dedicated-no-docs-pull-cache-job: &dedicated-no-docs-pull-cache-job
  <<: *dedicated-runner
111
  <<: *except-docs
112 113 114 115 116 117 118 119 120 121 122
  <<: *pull-cache
  dependencies:
    - setup-test-env
  stage: test

# Jobs that do not need a DB
.dedicated-no-docs-no-db-pull-cache-job: &dedicated-no-docs-no-db-pull-cache-job
  <<: *dedicated-no-docs-pull-cache-job
  variables:
    SETUP_DB: "false"

123 124 125 126
.dedicated-no-docs-and-no-qa-pull-cache-job: &dedicated-no-docs-and-no-qa-pull-cache-job
  <<: *dedicated-no-docs-pull-cache-job
  <<: *except-docs-and-qa

127
.single-script-job: &single-script-job
Stan Hu's avatar
Stan Hu committed
128
  image: ruby:2.5-alpine
129
  stage: test
130 131 132 133 134 135 136 137 138 139 140
  cache: {}
  dependencies: []
  variables: &single-script-job-variables
    GIT_STRATEGY: none
  before_script:
    # We need to download the script rather than clone the repo since the
    # package-and-qa job will not be able to run when the branch gets
    # deleted (when merging the MR).
    - export SCRIPT_NAME="${SCRIPT_NAME:-$CI_JOB_NAME}"
    - apk add --update openssl
    - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/$SCRIPT_NAME
Ian Baum's avatar
Ian Baum committed
141
    - chmod 755 $(basename $SCRIPT_NAME)
142

143 144 145 146 147
.rake-exec: &rake-exec
  <<: *dedicated-no-docs-no-db-pull-cache-job
  script:
    - bundle exec rake $CI_JOB_NAME

148
.rspec-metadata: &rspec-metadata
149
  <<: *dedicated-runner
150
  <<: *except-docs-and-qa
151
  <<: *pull-cache
152
  stage: test
153
  script:
154
    - JOB_NAME=( $CI_JOB_NAME )
155 156
    - TEST_TOOL=${JOB_NAME[0]}
    - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${TEST_TOOL}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
157
    - export KNAPSACK_GENERATE_REPORT=true
158
    - export SUITE_FLAKY_RSPEC_REPORT_PATH=${FLAKY_RSPEC_SUITE_REPORT_PATH}
159 160
    - export FLAKY_RSPEC_REPORT_PATH=rspec_flaky/all_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
    - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/new_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
161
    - export FLAKY_RSPEC_GENERATE_REPORT=true
162
    - export CACHE_CLASSES=true
163
    - cp ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH}
164
    - '[[ -f $FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_REPORT_PATH}'
165
    - '[[ -f $NEW_FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${NEW_FLAKY_RSPEC_REPORT_PATH}'
Jacob Vosmaer's avatar
Jacob Vosmaer committed
166
    - scripts/gitaly-test-spawn
167
    - knapsack rspec "--color --format documentation --format RspecJunitFormatter --out junit_rspec.xml"
168 169
  artifacts:
    expire_in: 31d
170
    when: always
171
    paths:
172 173
      - coverage/
      - knapsack/
174
      - rspec_flaky/
175
      - tmp/capybara/
176 177
    reports:
      junit: junit_rspec.xml
178

179 180
.rspec-metadata-pg: &rspec-metadata-pg
  <<: *rspec-metadata
181 182
  <<: *use-pg

183
.rspec-metadata-pg-rails4: &rspec-metadata-pg-rails4
184
  <<: *rspec-metadata-pg
185
  <<: *rails4
186

187 188
.rspec-metadata-mysql: &rspec-metadata-mysql
  <<: *rspec-metadata
189 190
  <<: *use-mysql

191
.rspec-metadata-mysql-rails4: &rspec-metadata-mysql-rails4
192
  <<: *rspec-metadata-mysql
193
  <<: *rails4
194

195 196 197 198 199 200 201
.only-canonical-masters: &only-canonical-masters
  only:
    - master@gitlab-org/gitlab-ce
    - master@gitlab-org/gitlab-ee
    - master@gitlab/gitlabhq
    - master@gitlab/gitlab-ee

202
.gitlab-setup: &gitlab-setup
203
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
204 205
  <<: *use-pg
  variables:
206
    SETUP_DB: "false"
207
  script:
208 209 210 211 212 213 214 215 216 217 218
    # Manually clone gitlab-test and only seed this project in
    # db/fixtures/development/04_project.rb thanks to SIZE=1 below
    - git clone https://gitlab.com/gitlab-org/gitlab-test.git
       /home/git/repositories/gitlab-org/gitlab-test.git
    - scripts/gitaly-test-spawn
    - force=yes SIZE=1 FIXTURE_PATH="db/fixtures/development" bundle exec rake gitlab:setup
  artifacts:
    when: on_failure
    expire_in: 1d
    paths:
      - log/development.log
219

220 221
# DB migration, rollback, and seed jobs
.db-migrate-reset: &db-migrate-reset
222
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
223 224 225 226
  script:
    - bundle exec rake db:migrate:reset

.migration-paths: &migration-paths
227
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
228
  variables:
229
    SETUP_DB: "false"
230 231 232
  script:
    - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v9.3.0
    - git checkout -f FETCH_HEAD
Stan Hu's avatar
Stan Hu committed
233 234
    - sed -i "s/gem 'oj', '~> 2.17.4'//" Gemfile
    - bundle update google-protobuf grpc
235 236 237 238 239
    - bundle install $BUNDLE_INSTALL_FLAGS
    - date
    - cp config/gitlab.yml.example config/gitlab.yml
    - bundle exec rake db:drop db:create db:schema:load db:seed_fu
    - date
240
    - git checkout -f $CI_COMMIT_SHA
241 242 243 244 245 246 247 248 249
    - bundle install $BUNDLE_INSTALL_FLAGS
    - date
    - . scripts/prepare_build.sh
    - date
    - bundle exec rake db:migrate

##
# Trigger a package build in omnibus-gitlab repository
#
250
package-and-qa:
251
  <<: *single-script-job
252
  variables:
253
    <<: *single-script-job-variables
254
    SCRIPT_NAME: trigger-build
255
  retry: 0
256
  script:
257
    - gem install gitlab --no-document
258
    - ./$SCRIPT_NAME omnibus
259
  when: manual
260 261 262 263
  only:
    - //@gitlab-org/gitlab-ce
    - //@gitlab-org/gitlab-ee

264 265 266 267 268 269 270
# Review docs base
.review-docs: &review-docs
  <<: *dedicated-runner
  <<: *single-script-job
  variables:
    <<: *single-script-job-variables
    SCRIPT_NAME: trigger-build-docs
271
  environment:
272
    name: review-docs/$CI_COMMIT_REF_SLUG
273
    # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are CI variables
274
    # Discussion: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14236/diffs#note_40140693
275
    url: http://$CI_ENVIRONMENT_SLUG.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX
276
    on_stop: review-docs-cleanup
277 278 279 280 281 282

# Trigger a manual docs build in gitlab-docs only on non docs-only branches.
# Useful to preview the docs changes live.
review-docs-deploy-manual:
  <<: *review-docs
  stage: build
283
  script:
284
    - gem install gitlab --no-document
285
    - ./$SCRIPT_NAME deploy
286 287
  when: manual
  only:
288 289
    - branches@gitlab-org/gitlab-ce
    - branches@gitlab-org/gitlab-ee
290 291 292 293 294 295 296 297
  <<: *except-docs-and-qa

# Always trigger a docs build in gitlab-docs only on docs-only branches.
# Useful to preview the docs changes live.
review-docs-deploy:
  <<: *review-docs
  stage: post-test
  script:
298
    - gem install gitlab --no-document
299 300
    - ./$SCRIPT_NAME deploy
  only:
301 302
    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ce
    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ee
303
  <<: *except-qa
304 305 306 307 308 309

# Cleanup remote environment of gitlab-docs
review-docs-cleanup:
  <<: *review-docs
  stage: post-cleanup
  environment:
310
    name: review-docs/$CI_COMMIT_REF_SLUG
311 312
    action: stop
  script:
313
    - gem install gitlab --no-document
314
    - ./$SCRIPT_NAME cleanup
315 316 317 318
  when: manual
  only:
    - branches@gitlab-org/gitlab-ce
    - branches@gitlab-org/gitlab-ee
319

320 321 322 323
##
# Trigger a docker image build in CNG (Cloud Native GitLab) repository
#
cloud-native-image:
Stan Hu's avatar
Stan Hu committed
324
  image: ruby:2.5-alpine
325
  before_script: []
326
  dependencies: []
327
  stage: post-test
328
  allow_failure: true
329 330
  variables:
    GIT_DEPTH: "1"
331 332
  cache: {}
  script:
333 334
    - gem install gitlab --no-document
    - CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng
335 336 337 338
  only:
    - tags@gitlab-org/gitlab-ce
    - tags@gitlab-org/gitlab-ee

339 340 341
# Retrieve knapsack and rspec_flaky reports
retrieve-tests-metadata:
  <<: *tests-metadata-state
342
  <<: *except-docs-and-qa
343
  stage: prepare
344
  cache:
345
    key: tests_metadata
346
    policy: pull
347
  script:
348
    - mkdir -p knapsack/${CI_PROJECT_NAME}/
349
    - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH
350
    - '[[ -f $KNAPSACK_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
351
    - mkdir -p rspec_flaky/
352 353
    - wget -O $FLAKY_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$FLAKY_RSPEC_SUITE_REPORT_PATH || rm $FLAKY_RSPEC_SUITE_REPORT_PATH
    - '[[ -f $FLAKY_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_SUITE_REPORT_PATH}'
354

355 356
update-tests-metadata:
  <<: *tests-metadata-state
357
  <<: *only-canonical-masters
358
  stage: post-test
359
  cache:
360
    key: tests_metadata
361 362
    paths:
      - knapsack/
363
      - rspec_flaky/
364
    policy: push
365
  script:
366
    - retry gem install fog-aws mime-types activesupport --no-document
367
    - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec-pg_node_*.json
368
    - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/all_*_*.json
369
    - FLAKY_RSPEC_GENERATE_REPORT=1 scripts/prune-old-flaky-specs ${FLAKY_RSPEC_SUITE_REPORT_PATH}
blackst0ne's avatar
blackst0ne committed
370
    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH'
371
    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $FLAKY_RSPEC_SUITE_REPORT_PATH'
372
    - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
373
    - rm -f rspec_flaky/all_*.json rspec_flaky/new_*.json
374 375 376

flaky-examples-check:
  <<: *dedicated-runner
Stan Hu's avatar
Stan Hu committed
377
  image: ruby:2.5-alpine
378 379 380 381 382
  services: []
  before_script: []
  variables:
    SETUP_DB: "false"
    USE_BUNDLE_INSTALL: "false"
383
    NEW_FLAKY_SPECS_REPORT: rspec_flaky/report-new.json
384
  stage: post-test
385
  allow_failure: true
386
  retry: 0
387 388 389 390
  only:
    - branches
  except:
    - master
391
    - /(^docs[\/-].*|.*-docs$)/
392
    - /(^qa[\/-].*|.*-qa$)/
393 394 395 396 397 398
  artifacts:
    expire_in: 30d
    paths:
      - rspec_flaky/
  script:
    - '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}'
399
    - scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json
400
    - scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT
401

402
compile-assets:
403
  <<: *dedicated-runner
404
  <<: *except-docs
405
  <<: *use-pg
406
  stage: prepare
407 408
  cache:
    <<: *default-cache
409
  script:
410
    - node --version
411
    - date
412
    - yarn install --frozen-lockfile --cache-folder .yarn-cache
413
    - date
414
    - free -m
Mike Greiling's avatar
Mike Greiling committed
415
    - bundle exec rake gitlab:assets:compile
416 417 418
  variables:
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
419 420 421
  artifacts:
    expire_in: 7d
    paths:
422
      - node_modules
423
      - public/assets
424 425 426 427 428 429 430 431 432 433 434

setup-test-env:
  <<: *dedicated-runner
  <<: *except-docs
  <<: *use-pg
  stage: prepare
  cache:
    <<: *default-cache
  script:
    - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init'
    - scripts/gitaly-test-build # Do not use 'bundle exec' here
435
    - BUNDLE_GEMFILE=Gemfile.rails4 bundle install $BUNDLE_INSTALL_FLAGS
436 437 438
  artifacts:
    expire_in: 7d
    paths:
439
      - tmp/tests
440
      - config/secrets.yml
441
      - vendor/gitaly-ruby
442

443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486
# GitLab Review apps
.review-base: &review-base
  <<: *dedicated-no-docs-no-db-pull-cache-job
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
  stage: test
  cache: {}
  dependencies: []
  environment: &review-environment
    name: review/${CI_COMMIT_REF_NAME}
    url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
  only:
    refs:
      - branches@gitlab-org/gitlab-ce
      - branches@gitlab-org/gitlab-ee
    kubernetes: active
  except:
    refs:
      - master
      - /(^docs[\/-].*|.*-docs$)/
  before_script: []

.review-docker: &review-docker
  <<: *review-base
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine
  services:
    - docker:stable-dind
  tags:
    - gitlab-org
    - docker
  variables: &review-docker-variables
    GIT_DEPTH: "1"
    DOCKER_DRIVER: overlay2
    DOCKER_HOST: tcp://docker:2375
    LATEST_QA_IMAGE: "gitlab/${CI_PROJECT_NAME}-qa:nightly"
    QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/${CI_PROJECT_NAME}-qa:${CI_COMMIT_REF_SLUG}"

build-qa-image:
  <<: *review-docker
  stage: prepare
  script:
    - time docker build --cache-from ${LATEST_QA_IMAGE} --tag ${QA_IMAGE} ./qa/
    - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY}
    - time docker push ${QA_IMAGE}

487
danger-review:
488
  <<: *pull-cache
489
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger
490 491
  stage: test
  allow_failure: true
492 493
  dependencies: []
  before_script: []
494
  only:
495 496
    variables:
      - $DANGER_GITLAB_API_TOKEN
497 498 499 500 501
  except:
    refs:
      - master
    variables:
      - $CI_COMMIT_REF_NAME =~ /^ce-to-ee-.*/
502
      - $CI_COMMIT_REF_NAME =~ /.*-stable(-ee)?-prepare-.*/
503 504
  script:
    - git version
505
    - node --version
506
    - yarn install --frozen-lockfile --cache-folder .yarn-cache
507 508
    - danger --fail-on-errors=true

509 510
rspec-pg:
  <<: *rspec-metadata-pg
511
  parallel: 50
512 513 514

rspec-mysql:
  <<: *rspec-metadata-mysql
515
  parallel: 50
516 517 518

rspec-pg-rails4:
  <<: *rspec-metadata-pg-rails4
519
  parallel: 50
520 521 522

rspec-mysql-rails4:
  <<: *rspec-metadata-mysql-rails4
523
  parallel: 50
524

525
static-analysis:
526 527 528 529
  <<: *dedicated-no-docs-no-db-pull-cache-job
  dependencies:
    - compile-assets
    - setup-test-env
530
  script:
531
    - scripts/static-analysis
Lin Jen-Shin's avatar
Lin Jen-Shin committed
532
  cache:
Stan Hu's avatar
Stan Hu committed
533
    key: "debian-stretch-ruby-2.5.3-node-10.x-and-rubocop"
Lin Jen-Shin's avatar
Lin Jen-Shin committed
534 535 536 537
    paths:
      - vendor/ruby
      - .yarn-cache/
      - tmp/rubocop_cache
538

539 540 541 542
# Documentation checks:
# - Check validity of relative links
# - Make sure cURL examples in API docs use the full switches
docs lint:
543
  <<: *dedicated-runner
544
  <<: *except-qa
Evan Read's avatar
Evan Read committed
545
  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint"
546 547 548 549 550
  stage: test
  cache: {}
  dependencies: []
  before_script: []
  script:
551
    - scripts/lint-doc.sh
552
    - scripts/lint-changelog-yaml
Evan Read's avatar
Evan Read committed
553 554
    - mv doc/ /tmp/gitlab-docs/content/
    - cd /tmp/gitlab-docs
555 556 557
    # Build HTML from Markdown
    - bundle exec nanoc
    # Check the internal links
558 559
    # Disabled until https://gitlab.com/gitlab-com/gitlab-docs/issues/305 is resolved
    # - bundle exec nanoc check internal_links
560

561 562
downtime_check:
  <<: *rake-exec
563 564 565 566
  except:
    - master
    - tags
    - /^[\d-]+-stable(-ee)?$/
567
    - /(^docs[\/-].*|.*-docs$)/
568
    - /(^qa[\/-].*|.*-qa$)/
569

570
rails4_gemfile_lock_check:
571 572 573
  <<: *dedicated-no-docs-no-db-pull-cache-job
  <<: *except-docs-and-qa
  script:
574
    - scripts/rails4-gemfile-lock-check
575

576 577
ee_compat_check:
  <<: *rake-exec
578
  dependencies: []
579 580 581
  except:
    - master
    - tags
582
    - /[\d-]+-stable(-ee)?/
583
    - /^security-/
584 585
    - branches@gitlab-org/gitlab-ee
    - branches@gitlab/gitlab-ee
586
  retry: 0
587
  artifacts:
588
    name: "${CI_JOB_NAME}_${CI_COMIT_REF_NAME}_${CI_COMMIT_SHA}"
589
    when: always
590 591 592 593
    expire_in: 10d
    paths:
      - ee_compat_check/patches/*.patch

594
db:migrate:reset-pg:
595 596 597
  <<: *db-migrate-reset
  <<: *use-pg

598
db:migrate:reset-mysql:
599 600 601
  <<: *db-migrate-reset
  <<: *use-mysql

602 603 604 605 606 607
db:check-schema-pg:
  <<: *db-migrate-reset
  <<: *use-pg
  script:
    - source scripts/schema_changed.sh

608 609 610 611 612 613 614 615
migration:path-pg:
  <<: *migration-paths
  <<: *use-pg

migration:path-mysql:
  <<: *migration-paths
  <<: *use-mysql

616
.db-rollback: &db-rollback
617
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
618
  script:
619
    - bundle exec rake db:migrate VERSION=20170523121229
620
    - bundle exec rake db:migrate
621

622
db:rollback-pg:
623 624 625
  <<: *db-rollback
  <<: *use-pg

626
db:rollback-mysql:
627 628 629
  <<: *db-rollback
  <<: *use-mysql

630 631
gitlab:setup-pg:
  <<: *gitlab-setup
632 633
  <<: *use-pg

634 635
gitlab:setup-mysql:
  <<: *gitlab-setup
636 637
  <<: *use-mysql

638
# Frontend-related jobs
639
gitlab:assets:compile:
640
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
Stan Hu's avatar
Stan Hu committed
641
  image: dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-git-2.18-chrome-69.0-node-8.x-yarn-1.2-graphicsmagick-1.3.29-docker-18.06.1
642
  dependencies: []
643 644
  services:
    - docker:stable-dind
645 646 647 648 649
  variables:
    NODE_ENV: "production"
    RAILS_ENV: "production"
    SETUP_DB: "false"
    SKIP_STORAGE_VALIDATION: "true"
650
    WEBPACK_REPORT: "true"
651 652
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
653 654
    DOCKER_DRIVER: overlay2
    DOCKER_HOST: tcp://docker:2375
655
  script:
656
    - date
657
    - yarn install --frozen-lockfile --production --cache-folder .yarn-cache
658
    - date
659
    - free -m
660
    - bundle exec rake gitlab:assets:compile
661
    - scripts/build_assets_image
662 663 664 665
  artifacts:
    name: webpack-report
    expire_in: 31d
    paths:
666
      - webpack-report/
667
      - public/assets/
668
  only:
669 670
    - //@gitlab-org/gitlab-ce
    - //@gitlab-org/gitlab-ee
671
    - //@gitlab/gitlabhq
672
    - //@gitlab/gitlab-ee
673
  tags:
674 675
    - gitlab-org-delivery
    - high-cpu
676

677
karma:
Rémy Coutable's avatar
Rémy Coutable committed
678
  <<: *dedicated-no-docs-pull-cache-job
679
  <<: *use-pg
680 681 682
  dependencies:
    - compile-assets
    - setup-test-env
683 684 685
  variables:
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
686
  script:
687
    - export BABEL_ENV=coverage CHROME_LOG_FILE=chrome_debug.log
688
    - date
Jacob Vosmaer's avatar
Jacob Vosmaer committed
689
    - scripts/gitaly-test-spawn
690
    - date
691
    - bundle exec rake karma
692
  coverage: '/^Statements *: (\d+\.\d+%)/'
693 694 695
  artifacts:
    name: coverage-javascript
    expire_in: 31d
696
    when: always
697
    paths:
698 699
      - chrome_debug.log
      - coverage-javascript/
700 701
    reports:
      junit: junit_karma.xml
702

703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728
jest:
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
  <<: *use-pg
  dependencies:
  - compile-assets
  - setup-test-env
  script:
    - scripts/gitaly-test-spawn
    - date
    - bundle exec rake karma:fixtures
    - date
    - yarn jest --ci --coverage
  artifacts:
    name: coverage-frontend
    expire_in: 31d
    when: always
    paths:
    - coverage-frontend/
    - junit_jest.xml
    reports:
      junit: junit_jest.xml
  cache:
    key: jest
    paths:
      - tmp/jest/jest/

Shinya Maeda's avatar
Shinya Maeda committed
729
code_quality:
730
  <<: *dedicated-no-docs-no-db-pull-cache-job
731 732
  image: docker:stable
  allow_failure: true
733 734 735
  # gitlab-org runners set `privileged: false` but we need to have it set to true
  # since we're using Docker in Docker
  tags: []
736
  before_script: []
737
  services:
738
    - docker:stable-dind
739 740 741 742 743
  variables:
    SETUP_DB: "false"
    DOCKER_DRIVER: overlay2
  cache: {}
  dependencies: []
744
  script:
745 746
    # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable" for Security Products
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
Shinya Maeda's avatar
Shinya Maeda committed
747 748 749 750 751
    - docker run
        --env SOURCE_CODE="$PWD"
        --volume "$PWD":/code
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
752
  artifacts:
753 754
    reports:
      codequality: gl-code-quality-report.json
755
    expire_in: 1 week
756

757
sast:
758 759
  <<: *dedicated-no-docs-no-db-pull-cache-job
  image: docker:stable
760
  variables:
761 762 763 764
    SAST_CONFIDENCE_LEVEL: 2
    DOCKER_DRIVER: overlay2
  allow_failure: true
  tags: []
765
  before_script: []
766 767 768 769
  cache: {}
  dependencies: []
  services:
    - docker:stable-dind
770
  script:
771 772 773 774 775 776
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
777
  artifacts:
778 779
    reports:
      sast: gl-sast-report.json
780

781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800
dependency_scanning:
  <<: *dedicated-no-docs-no-db-pull-cache-job
  image: docker:stable
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: true
  tags: []
  before_script: []
  cache: {}
  dependencies: []
  services:
    - docker:stable-dind
  script:
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code
  artifacts:
801 802
    reports:
      dependency_scanning: gl-dependency-scanning-report.json
803

804
qa:internal:
805
  <<: *dedicated-no-docs-no-db-pull-cache-job
806 807 808 809 810 811
  services: []
  script:
    - cd qa/
    - bundle install
    - bundle exec rspec

812
qa:selectors:
813
  <<: *dedicated-no-docs-no-db-pull-cache-job
814 815 816 817
  services: []
  script:
    - cd qa/
    - bundle install
818
    - bundle exec bin/qa Test::Sanity::Selectors
819

820 821 822 823 824 825 826 827 828 829 830 831 832 833 834
.qa-frontend-node: &qa-frontend-node
  stage: test
  variables:
    NODE_OPTIONS: --max_old_space_size=3584
  cache:
    key: "$CI_JOB_NAME"
    paths:
      - .yarn-cache/
  dependencies: []
  before_script: []
  script:
    - date
    - yarn install --frozen-lockfile --cache-folder .yarn-cache
    - date
    - yarn run webpack-prod
835
  <<: *except-docs
836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853

qa-frontend-node:6:
  <<: *qa-frontend-node
  image: node:6-alpine

qa-frontend-node:8:
  <<: *qa-frontend-node
  image: node:8-alpine

qa-frontend-node:10:
  <<: *qa-frontend-node
  image: node:10-alpine

qa-frontend-node:latest:
  <<: *qa-frontend-node
  image: node:alpine
  allow_failure: true

854
coverage:
855 856 857 858 859 860 861
  # Don't include dedicated-no-docs-no-db-pull-cache-job here since we need to
  # download artifacts from all the rspec jobs instead of from setup-test-env only
  <<: *dedicated-runner
  <<: *except-docs-and-qa
  <<: *pull-cache
  variables:
    SETUP_DB: "false"
862
  stage: post-test
863 864
  script:
    - bundle exec scripts/merge-simplecov
865
  coverage: '/LOC \((\d+\.\d+%)\) covered.$/'
866 867 868 869 870 871 872
  artifacts:
    name: coverage
    expire_in: 31d
    paths:
    - coverage/index.html
    - coverage/assets/

873
lint:javascript:report:
874
  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
875
  stage: post-test
876
  dependencies: []
877
  before_script: []
878
  script:
879
    - date
880
    - yarn run eslint-report || true # ignore exit code
881 882 883 884
  artifacts:
    name: eslint-report
    expire_in: 31d
    paths:
885
      - eslint-report.html
886 887

pages:
888
  <<: *dedicated-no-docs-no-db-pull-cache-job
889 890 891 892
  before_script: []
  stage: pages
  dependencies:
    - coverage
893 894
    - karma
    - gitlab:assets:compile
895
    - lint:javascript:report
896 897 898
  script:
    - mv public/ .public/
    - mkdir public/
899
    - mv coverage/ public/coverage-ruby/ || true
900
    - mv coverage-javascript/ public/coverage-javascript/ || true
901
    - mv eslint-report.html public/ || true
902
    - mv webpack-report/ public/webpack-report/ || true
903 904
    - cp .public/assets/application-*.css public/application.css || true
    - cp .public/assets/application-*.css.gz public/application.css.gz || true
905 906 907 908
  artifacts:
    paths:
      - public
  only:
909
    - master@gitlab-org/gitlab-ce
910
    - master@gitlab-org/gitlab-ee
911 912 913 914

# Insurance in case a gem needed by one of our releases gets yanked from
# rubygems.org in the future.
cache gems:
915
  <<: *dedicated-no-docs-no-db-pull-cache-job
916 917 918 919 920
  script:
    - bundle package --all --all-platforms
  artifacts:
    paths:
      - vendor/cache
921 922
  only:
    - master@gitlab-org/gitlab-ce
923
    - master@gitlab-org/gitlab-ee
924
    - tags
925 926

gitlab_git_test:
927
  <<: *dedicated-runner
928
  <<: *except-docs-and-qa
929 930
  variables:
    SETUP_DB: "false"
931
  before_script: []
932
  dependencies: []
933
  cache: {}
934 935
  script:
    - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes
936 937 938 939 940 941 942

no_ee_check:
  <<: *dedicated-runner
  <<: *except-docs-and-qa
  variables:
    SETUP_DB: "false"
  before_script: []
943
  dependencies: []
944 945 946 947 948
  cache: {}
  script:
    - scripts/no-ee-check
  only:
    - //@gitlab-org/gitlab-ce
949

Ian Baum's avatar
Ian Baum committed
950
# GitLab Review apps
951 952
review-deploy:
  <<: *review-base
953 954
  retry: 2
  allow_failure: true
955 956
  variables:
    GIT_DEPTH: "1"
957 958
    HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
    DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
959
    GITLAB_HELM_CHART_REF: "master"
960 961 962 963 964 965 966
    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
  environment:
    <<: *review-environment
    on_stop: review-stop
  before_script:
    - apk update && apk add jq
    - gem install gitlab --no-document
967 968 969 970 971
  script:
    - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
    - export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
    - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
    - source ./scripts/review_apps/review-apps.sh
972
    - wait_for_job_to_be_done "gitlab:assets:compile"
973 974 975 976 977
    - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng
    - check_kube_domain
    - download_gitlab_chart
    - ensure_namespace
    - install_tiller
Ian Baum's avatar
Ian Baum committed
978
    - install_external_dns
979 980 981 982 983
    - time deploy
    - add_license

.review-qa-base: &review-qa-base
  <<: *review-docker
984 985
  retry: 2
  allow_failure: true
986 987 988 989 990 991 992 993 994 995 996
  variables:
    <<: *review-docker-variables
    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
    QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa"
    QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
    GITLAB_USERNAME: "root"
    GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
    GITLAB_ADMIN_USERNAME: "root"
    GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
    GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
    EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
997
    QA_DEBUG: "true"
998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020
  artifacts:
    paths:
      - ./qa/gitlab-qa-run-*
    expire_in: 7 days
    when: always
  before_script:
    - echo "${QA_IMAGE}"
    - echo "${CI_ENVIRONMENT_URL}"
    - apk update && apk add curl jq
    - source ./scripts/review_apps/review-apps.sh
    - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}}
    - wait_for_job_to_be_done "review-deploy"

review-qa-smoke:
  <<: *review-qa-base
  script:
    - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"

review-qa-all:
  <<: *review-qa-base
  script:
    - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
  when: manual
1021

1022 1023
review-stop:
  <<: *review-base
1024 1025 1026
  <<: *single-script-job
  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
  allow_failure: true
Ian Baum's avatar
Ian Baum committed
1027
  variables:
1028
    <<: *single-script-job-variables
Ian Baum's avatar
Ian Baum committed
1029
    SCRIPT_NAME: "review_apps/review-apps.sh"
1030 1031 1032 1033
  when: manual
  environment:
    <<: *review-environment
    action: stop
1034
  script:
Ian Baum's avatar
Ian Baum committed
1035
    - source $(basename "${SCRIPT_NAME}")
1036 1037 1038
    - delete
    - cleanup

1039 1040
schedule:review-cleanup:
  <<: *review-base
1041
  stage: build
1042 1043 1044
  allow_failure: true
  variables:
    GIT_DEPTH: "1"
1045 1046
  environment:
    name: review/auto-cleanup
1047 1048
  only:
    refs:
Ian Baum's avatar
Ian Baum committed
1049
      - schedules@gitlab-org/gitlab-ce