Sha256: d266a5e142edc22813ba50906dd4ebc2a361720cd91f82c855db142f8a903750
Contents?: true
Size: 1.82 KB
Versions: 1
Compression:
Stored size: 1.82 KB
Contents
stages:
- test
- deploy
workflow:
rules:
# For merge requests, create a pipeline.
- if: '$CI_MERGE_REQUEST_IID'
# For `master` branch, create a pipeline (this includes on schedules, pushes, merges, etc.).
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
.default:
image: "ruby:${RUBY_VERSION}"
tags:
- gitlab-org
before_script:
- gem install bundler
- bundle install -j $(nproc) --path vendor
cache:
key:
files:
- Gemfile
- gitlab-dangerfiles.gemspec
paths:
- vendor/ruby
- Gemfile.lock
policy: pull
test:rspec:
extends: .default
stage: test
script:
- bundle exec rspec
# On MRs, ensure that danger works without development dependencies
- '[ -z "$CI_MERGE_REQUEST_IID" ] || BUNDLE_ONLY=default bundle exec danger dry_run'
parallel:
matrix:
- RUBY_VERSION: ['3.0', '3.1', '3.2']
test:rubocop:
extends: .default
stage: test
script:
- bundle exec rubocop -P -E .
parallel:
matrix:
- RUBY_VERSION: ['3.0', '3.1', '3.2']
include:
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
- project: 'gitlab-org/quality/pipeline-common'
file:
- '/ci/danger-review.yml'
- '/ci/gem-release.yml'
# run security jobs on MRs
# see: https://gitlab.com/gitlab-org/gitlab/-/issues/218444#note_478761991
brakeman-sast:
rules:
- if: '$CI_MERGE_REQUEST_IID'
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
gemnasium-dependency_scanning:
rules:
- if: '$CI_MERGE_REQUEST_IID'
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
secret_detection:
rules:
- if: '$CI_MERGE_REQUEST_IID'
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| gitlab-dangerfiles-4.3.2 | .gitlab-ci.yml |