stages : - compile - test - check - package - release # 编译 compile : stage : compile tags : - linux-maven only : - master script: - echo "=============== 开始编译任务 ===============" - mvn clean compile -DskipTests # 集成测试 integration-test: stage : test tags : - linux-maven only : - master script : - echo "=============== 开始集成测试 ===============" - mvn test artifacts : when : always reports: junit: - cs-base/target/surefire-reports/TEST-*.xml - cs-crypto/target/surefire-reports/TEST-*.xml - cs-protocol/target/surefire-reports/TEST-*.xml - cs-database/target/surefire-reports/TEST-*.xml - cs-authentication/target/surefire-reports/TEST-*.xml - cs-restful/target/surefire-reports/TEST-*.xml - cs-integrate-test/target/surefire-reports/TEST-*.xml dependencies: - compile security-test-job: stage: test tags: - linux-maven script: - echo "do opensca scan..." - /root/.config/opensca-cli/opensca-cli -path $CI_PROJECT_DIR -token glpat-8LV_ERinz1jsKFf9prg_ -out $CI_PROJECT_DIR/results/result.html,$CI_PROJECT_DIR/results/result.dsdx.json artifacts: paths: - results/ untracked: false when: on_success expire_in: 30 days # 代码质量检查 sonarqube-check : stage : check tags : - linux-maven image : maven:3-eclipse-temurin-17 variables : SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache GIT_DEPTH : "0" # Tells git to fetch all the branches of the project, required by the analysis task cache : key : "${CI_JOB_NAME}" paths: - .sonar/cache script : - mvn verify sonar:sonar -Dsonar.exclusions=target/generated-sources/**/* allow_failure: true only : - merge_requests - master - main - develop dependencies : - integration-test # 打包 package : stage : package tags : - linux-maven only : - master script: - echo "=============== 开始打包任务 ===============" - mvn clean package -DskipTests # 发布 release_job : stage : release image : registry.gitlab.com/gitlab-org/release-cli:latest tags : - linux-maven rules : - if: $CI_COMMIT_TAG # Run this job when a tag is created script : - echo "running release_job" release: # See https://docs.gitlab.com/ee/ci/yaml/#release for available properties tag_name : '$CI_COMMIT_TAG' name : 'Release: $CI_COMMIT_TAG' description: './CHANGELOG.md'