107 lines
2.7 KiB
YAML
107 lines
2.7 KiB
YAML
stages :
|
|
- scan
|
|
- compile
|
|
- test
|
|
- check
|
|
- package
|
|
- release
|
|
|
|
# 安全扫描
|
|
security-scan:
|
|
stage: scan
|
|
tags:
|
|
- linux-maven
|
|
script:
|
|
- echo "=============== 开始安全扫描任务 ==============="
|
|
- $OPENSCA_CLI -path $CI_PROJECT_DIR -token $OPENSCA_TOKEN -proj "" -out $CI_PROJECT_DIR/results/result.html,$CI_PROJECT_DIR/results/result.dsdx.json
|
|
artifacts:
|
|
paths:
|
|
- results/
|
|
untracked: false
|
|
when: on_success
|
|
expire_in: 30 days
|
|
|
|
# 编译
|
|
compile :
|
|
stage : compile
|
|
tags :
|
|
- linux-maven
|
|
only :
|
|
- master
|
|
script:
|
|
- echo "=============== 开始编译任务 ==============="
|
|
- mvn clean compile -DskipTests
|
|
|
|
# 集成测试
|
|
integration-test:
|
|
stage : test
|
|
tags :
|
|
- linux-maven
|
|
only :
|
|
- master
|
|
script :
|
|
- echo "=============== 开始集成测试 ==============="
|
|
- mvn test
|
|
artifacts :
|
|
when : always
|
|
reports:
|
|
junit:
|
|
- cs-base/target/surefire-reports/TEST-*.xml
|
|
- cs-crypto/target/surefire-reports/TEST-*.xml
|
|
- cs-protocol/target/surefire-reports/TEST-*.xml
|
|
- cs-database/target/surefire-reports/TEST-*.xml
|
|
- cs-authentication/target/surefire-reports/TEST-*.xml
|
|
- cs-restful/target/surefire-reports/TEST-*.xml
|
|
- cs-integrate-test/target/surefire-reports/TEST-*.xml
|
|
dependencies:
|
|
- compile
|
|
|
|
# 代码质量检查
|
|
sonarqube-check :
|
|
stage : check
|
|
tags :
|
|
- linux-maven
|
|
image : maven:3-eclipse-temurin-17
|
|
variables :
|
|
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
|
|
GIT_DEPTH : "0" # Tells git to fetch all the branches of the project, required by the analysis task
|
|
cache :
|
|
key : "${CI_JOB_NAME}"
|
|
paths:
|
|
- .sonar/cache
|
|
script :
|
|
- mvn verify sonar:sonar -Dsonar.exclusions=target/generated-sources/**/*
|
|
allow_failure: true
|
|
only :
|
|
- merge_requests
|
|
- master
|
|
- main
|
|
- develop
|
|
dependencies :
|
|
- integration-test
|
|
|
|
# 打包
|
|
package :
|
|
stage : package
|
|
tags :
|
|
- linux-maven
|
|
only :
|
|
- master
|
|
script:
|
|
- echo "=============== 开始打包任务 ==============="
|
|
- mvn clean package -DskipTests
|
|
|
|
# 发布
|
|
release_job :
|
|
stage : release
|
|
image : registry.gitlab.com/gitlab-org/release-cli:latest
|
|
tags :
|
|
- linux-maven
|
|
rules :
|
|
- if: $CI_COMMIT_TAG # Run this job when a tag is created
|
|
script :
|
|
- echo "running release_job"
|
|
release: # See https://docs.gitlab.com/ee/ci/yaml/#release for available properties
|
|
tag_name : '$CI_COMMIT_TAG'
|
|
name : 'Release: $CI_COMMIT_TAG'
|
|
description: './CHANGELOG.md' |