-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
134 lines (109 loc) · 2.55 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
include:
- template: Security/SAST.gitlab-ci.yml
stages:
- lint
- tests
- dist
- deploy
variables:
DEBIAN_FRONTEND: noninteractive
SAST_DEFAULT_ANALYZERS: bandit
PASS_VERSION: 1.7.3
# Dependencies definitions
# ------------------------
.script: &script
script:
- mkdir -p ~/.local/share/keyrings/
- cp tests/assets/db/gnome-keyring.keyring ~/.local/share/keyrings/pass-import.keyring
- pip3 install --upgrade green coverage defusedxml pyaml cryptography pykeepass secretstorage file-magic
- make
- dbus-run-session -- make tests
- make install
- cd ~
- pass import --help
.tests: &tests
stage: tests
before_script:
- apt-get update -q && apt-get install -y make pass python3-pip grep dbus gnome-keyring
<<: *script
.distribution: &distribution
stage: dist
<<: *script
only:
- tags
- web
# Jobs definitions
# ----------------
# Code Linter
shellcheck:
stage: lint
image: koalaman/shellcheck-alpine
script:
- shellcheck --shell=bash scripts/*
prospector:
stage: lint
image: python:latest
allow_failure: True
before_script:
- pip install prospector[with_everything] defusedxml dominate
script:
- make lint
sast:
stage: lint
# Code tests
python 3.8:
image: python:3.8
coverage: '/\d+\%\s*$/'
artifacts:
expire_in: 2 days
paths:
- htmlcov/
<<: *tests
python 3.7:
image: python:3.7
<<: *tests
python 3.6:
image: python:3.6
<<: *tests
# Distribution tests
archlinux:
image: archlinux/base
before_script:
- pacman -Syu --noconfirm --noprogressbar which grep make python-pip pass
dbus gnome-keyring file
<<: *distribution
ubuntu:
image: ubuntu
before_script:
- apt-get update -q && apt-get install -y make pass python3-pip grep dbus
gnome-keyring
<<: *distribution
debian:
image: debian
before_script:
- apt-get update -q && apt-get install -y make pass python3-pip grep wget
dbus gnome-keyring
- wget https://git.zx2c4.com/password-store/snapshot/password-store-$PASS_VERSION.tar.xz
- tar -xf password-store-$PASS_VERSION.tar.xz
- make --directory=password-store-$PASS_VERSION install
<<: *distribution
fedora:
image: fedora
before_script:
- dnf -y install make gpg pass python3-pip grep which dbus dbus-daemon
gnome-keyring --setopt=install_weak_deps=False
<<: *distribution
# Code coverage deployment
pages:
stage: deploy
dependencies:
- python 3.8
script:
- mv htmlcov/ public/
artifacts:
expire_in: 1 day
paths:
- public
only:
- master