Commit 8c0357a3 authored by Pierre Smeyers's avatar Pierre Smeyers

chore: use workflow rules

parent 2a0229fe
+32 −55
@@ -13,6 +13,14 @@
# program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth 
# Floor, Boston, MA  02110-1301, USA.
# =========================================================================================
# default workflow rules
workflow:
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    - when: always

variables:
  # variabilized tracking image
  TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"
@@ -57,7 +65,6 @@ variables:
  PYTHON_REPOSITORY_USERNAME: 'gitlab-ci-token'
  PYTHON_REPOSITORY_PASSWORD: $CI_JOB_TOKEN


.python-scripts: &python-scripts |
  # BEGSCRIPT
  set -e
@@ -572,9 +579,6 @@ py-package:
    paths:
      - $PYTHON_PROJECT_DIR/dist/*
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    - if: '$PYTHON_PACKAGE_ENABLED == "true"'

py-lint:
@@ -604,16 +608,15 @@ py-lint:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
    # exclude if $PYLINT_ENABLED not set
    - if: '$PYLINT_ENABLED != "true"'
      when: never
    # on production branch(es): if $PYLINT_ENABLED is set
    - if: '$PYLINT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
    # on integration branch(es): if $PYLINT_ENABLED is set
    - if: '$PYLINT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
    # on non-production, non-integration branches, with $PYLINT_ENABLED set: auto & non-blocking
    - if: '$PYLINT_ENABLED == "true"'
    # on non-production, non-integration branches: manual & non-blocking
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: manual
      allow_failure: true
    # else: manual & non-blocking
    - when: always

py-compile:
  extends: .python-base
@@ -622,9 +625,6 @@ py-compile:
    - install_requirements
    - _python -m compileall $PYTHON_COMPILE_ARGS
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: only when none of supported unit test framework is enabled
    - if: '$UNITTEST_ENABLED != "true" && $PYTEST_ENABLED != "true" && $NOSETESTS_ENABLED != "true"'

@@ -657,9 +657,6 @@ py-unittest:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: when $UNITTEST_ENABLED is set
    - if: '$UNITTEST_ENABLED == "true"'

@@ -684,9 +681,6 @@ py-pytest:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: when $PYTEST_ENABLED is set
    - if: '$PYTEST_ENABLED == "true"'

@@ -710,9 +704,6 @@ py-nosetests:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: when $NOSETESTS_ENABLED is set
    - if: '$NOSETESTS_ENABLED == "true"'

@@ -741,17 +732,15 @@ py-bandit:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
    # exclude if $BANDIT_ENABLED not set
    - if: '$BANDIT_ENABLED != "true"'
      when: never
    # on production branch(es): if $BANDIT_ENABLED is set
    - if: '$BANDIT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
    # on integration branch(es): if $BANDIT_ENABLED is set
    - if: '$BANDIT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
    # on non-production, non-integration branches, with $BANDIT_ENABLED set: manual & non-blocking
    - if: '$BANDIT_ENABLED == "true"'
    # on non-production, non-integration branches: manual & non-blocking
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: manual
      allow_failure: true
    # else: manual & non-blocking
    - when: always

# Safety (dependency check)
py-safety:
@@ -779,17 +768,15 @@ py-safety:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
    # exclude if $SAFETY_ENABLED not set
    - if: '$SAFETY_ENABLED != "true"'
      when: never
    # on production branch(es): if $SAFETY_ENABLED is set
    - if: '$SAFETY_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
    # on integration branch(es): if $SAFETY_ENABLED is set
    - if: '$SAFETY_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
    # on non-production, non-integration branches, with $SAFETY_ENABLED set: manual & non-blocking
    - if: '$SAFETY_ENABLED == "true"'
    # on non-production, non-integration branches: manual & non-blocking
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: manual
      allow_failure: true
    # else: manual & non-blocking
    - when: always

# Trivy (dependency check)
py-trivy:
@@ -840,19 +827,15 @@ py-trivy:
    paths:
      - $PYTHON_PROJECT_DIR/reports/
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on production branch(es): if $TRIVY_ENABLED is set
    # exclude if $PYTHON_TRIVY_ENABLED not set
    - if: '$PYTHON_TRIVY_ENABLED != "true"'
      when: never
    # on production or integration branches: auto
    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
    # on non-production, non-integration branches: manual & non-blocking
    - if: '$PYTHON_TRIVY_ENABLED == "true"' # useless but prevents GitLab warning
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: manual
      allow_failure: true
    # else: manual & non-blocking
    - when: always

# (manual from master branch): triggers a release (tag creation)
py-release:
@@ -868,16 +851,10 @@ py-release:
    paths:
      - $PYTHON_PROJECT_DIR/dist/*
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude if $PYTHON_RELEASE_ENABLED not set
    - if: '$PYTHON_RELEASE_ENABLED != "true"'
      when: never
    # exclude on non-prod, non-integ branches
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: never
    # else: manual
    - if: '$PYTHON_RELEASE_ENABLED == "true"' # useless but prevents GitLab warning
    # on production or integration branch: manual, non blocking
    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
      when: manual
      allow_failure: true
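Review bot: The comment `# else: manual & non-blocking` sits directly above `- when: always` in the py-lint, py-bandit, py-safety and py-trivy rules, but that fallback rule starts the job automatically and, having no `allow_failure`, lets a failure fail the pipeline; it should read something like `# else (production or integration branch): auto & blocking`. The distinction matters most for the three scanner jobs: as far as the rendered lines show, on every other branch bandit, safety and trivy run only when someone triggers them and never block, so their findings first gate a pipeline on the production and integration refs. If that is intended, state it in the comment above the `when: manual` rule; if not, removing `when: manual` from that rule would keep the scans automatic while still non-blocking. The +/- markers are lost on this page, so which rules belong to the new side is inferred from the hunk line counts.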