-
Notifications
You must be signed in to change notification settings - Fork 60
/
Copy path.gitlab-ci.yml
76 lines (70 loc) · 2.03 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
include:
- local: 'ui/packages/ce/.gitlab-ci.yml'
.ui_checks: &ui_checks
rules:
- if: $CI_COMMIT_TAG =~ /^ui\/[0-9.]+$/
- if: $CI_COMMIT_TAG =~ /^v[a-zA-Z0-9_.-]*/
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
.ui_cache: &ui_cache
image: node:21.1.0-alpine
cache: &cache
key: "$CI_COMMIT_REF_SLUG"
paths:
- cache/Cypress
- .pnpm-store
policy: pull
check-code-style:
<<: *ui_checks
<<: *ui_cache
stage: test
before_script:
- corepack enable
- corepack prepare [email protected] --activate
- export PNPM_HOME=/usr/local/bin
- pnpm config set store-dir /builds/postgres-ai/database-lab/.pnpm-store/
script:
- pnpm --dir ui/ i
- pnpm --dir ui/ --filter @postgres.ai/ce lint
interruptible: true
cache:
<<: *cache
policy: push
semgrep-sast:
stage: test
image: returntocorp/semgrep
<<: *ui_checks
<<: *ui_cache
variables:
# See more at semgrep.dev/explore.
SEMGREP_RULES: >-
p/security-audit
p/secrets
p/default
p/owasp-top-ten
p/javascript
p/react
# Upload findings to GitLab SAST Dashboard:
SEMGREP_GITLAB_JSON: "1"
script: semgrep ci --gitlab-sast > gl-sast-report.json || true
artifacts:
reports:
sast: gl-sast-report.json
e2e-ce-ui-test:
<<: *ui_checks
image: node:21.1.0
stage: integration-test
variables:
CYPRESS_CACHE_FOLDER: '$CI_PROJECT_DIR/cache/Cypress'
before_script:
- apt update
- apt install -y curl libgtk2.0-0 libgtk-3-0 libgbm-dev libnotify-dev libgconf-2-4 libnss3 libxss1 libasound2 libxtst6 xauth xvfb
- npm install -g wait-on
- npm install -g pnpm
# TODO: Set up caching.
# - pnpm config set store-dir /builds/postgres-ai/database-lab/.pnpm-store/
script:
- pnpm --dir ui/ i --no-frozen-lockfile
- pnpm --dir ui/ --filter @postgres.ai/ce exec cypress install
- pnpm --dir ui/ --filter @postgres.ai/ce start & wait-on http://localhost:3001
- pnpm --dir ui/ --filter @postgres.ai/ce cy:run