Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
R
RuQaD
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
caosdb
Software
FAIR Data Spaces
RuQaD
Merge requests
!6
ENH: SAST / SCA
Code
Review changes
Check out branch
Open in Workspace
Download
Patches
Plain diff
Expand sidebar
Merged
ENH: SAST / SCA
f-sast-sca
into
dev
Overview
9
Commits
7
Pipelines
6
Changes
5
1 unresolved thread
Show all comments
Merged
Daniel Hornung
requested to merge
f-sast-sca
into
dev
7 months ago
Overview
9
Commits
7
Pipelines
6
Changes
5
1 unresolved thread
Show all comments
New pipeline jobs.
New Makefile target for
requirements.txt
.
Issue: caosdb/customers/f-fit/management#23
Edited
7 months ago
by
Daniel Hornung
0
0
Merge request reports
Compare
dev
version 5
67b29bce
7 months ago
version 4
a2f7f3c9
7 months ago
version 3
f77a7d19
7 months ago
version 2
f77a7d19
7 months ago
version 1
c0c15dc0
7 months ago
dev (base)
and
latest version
latest version
3bf4227d
7 commits,
7 months ago
version 5
67b29bce
6 commits,
7 months ago
version 4
a2f7f3c9
4 commits,
7 months ago
version 3
f77a7d19
3 commits,
7 months ago
version 2
f77a7d19
30 commits,
7 months ago
version 1
c0c15dc0
31 commits,
7 months ago
5 files
+
198
−
59
Inline
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
Files
5
.gitlab-ci.yml
+
73
−
50
View file @ 3bf4227d
Edit in single-file editor
Open in Web IDE
Show comments on this file
Show full file
@@ -19,16 +19,25 @@
# along with this program. If not, see <https://www.gnu.org/licenses/>.
variables
:
CI_REGISTRY_IMAGE
:
$CI_REGISTRY/caosdb/customers/f-fit/ruqad/ruqad-demonstrator-fair-ds:$CI_COMMIT_REF_NAME
CI_REGISTRY_IMAGE
:
$CI_REGISTRY/caosdb/customers/f-fit/ruqad/ruqad-demonstrator-fair-ds:$CI_COMMIT_REF_NAME
# Taken from: https://forum.gitlab.com/t/clarification/54346
GITLAB_FEATURES
:
"
$GITLAB_FEATURES,dependency_scanning"
stages
:
-
info
-
setup
-
cert
-
style
-
code-analysis
-
test
-
deploy
# TEMPLATES ==========================================================
include
:
-
template
:
Jobs/SAST.gitlab-ci.yml
-
template
:
Jobs/Dependency-Scanning.gitlab-ci.yml
.env
:
&env
-
echo "Pipeline triggered by $TRIGGERED_BY_REPO@$TRIGGERED_BY_REF ($TRIGGERED_BY_HASH)"
-
echo "CI_REGISTRY_IMAGE = $CI_REGISTRY_IMAGE"
@@ -52,51 +61,15 @@ e2e_tests:
-
echo $KADITOKEN
-
python -m pytest end-to-end-tests/test_kadi.py
unittest_py3.9
:
tags
:
[
cached-dind
]
stage
:
test
image
:
python:3.9
script
:
&python_test_script
# TODO Remove this manual crawler installation after the crawler has been released in version 0.10.2
-
pip install --root-user-action=ignore git+https://gitlab.indiscale.com/caosdb/src/caosdb-crawler.git@dev
-
pip install .[all]
# actual test
-
pytest --cov=ruqad -vv ./unittests
unittest_py3.10
:
tags
:
[
cached-dind
]
stage
:
test
image
:
python:3.10
script
:
*python_test_script
unittest_py3.11
:
tags
:
[
cached-dind
]
stage
:
test
image
:
python:3.11
script
:
*python_test_script
unittest_py3.12
:
tags
:
[
cached-dind
]
stage
:
test
image
:
python:3.12
script
:
*python_test_script
unittest_py3.13
:
tags
:
[
cached-dind
]
stage
:
test
image
:
python:3.13
script
:
*python_test_script
build-testenv
:
tags
:
[
cached-dind
]
image
:
docker:20.10
stage
:
setup
timeout
:
2h
only
:
-
schedules
-
web
-
pushes
# rules
:
#
-
if: $CI_PIPELINE_SOURCE == "push"
#
-
if: $CI_PIPELINE_SOURCE == "schedule"
#
-
if: $CI_PIPELINE_SOURCE == "web"
needs
:
[]
script
:
-
df -h
@@ -117,21 +90,71 @@ code-style:
tags
:
[
docker
]
stage
:
style
image
:
$CI_REGISTRY_IMAGE
needs
:
-
job
:
build-testenv
optional
:
true
needs
:
[
build-testenv
]
allow_failure
:
true
script
:
-
autopep8 -r --diff --exit-code .
allow_failure
:
true
pylint
:
tags
:
[
docker
]
stage
:
style
image
:
$CI_REGISTRY_IMAGE
needs
:
-
job
:
build-testenv
optional
:
true
needs
:
[
build-testenv
]
allow_failure
:
true
script
:
-
pylint --unsafe-load-any-extension=y -d all -e E,F src/ruqad
-
pylint --unsafe-load-any-extension=y -d all -e E,F src/ruqad
# SAST/SCA: Everything else is configured in the templates. This is only necessary so that the job
# finds a matching runner and is run in the correct stage.
# SAST: Static Application Security Testing
sast
:
tags
:
[
docker
]
needs
:
[
info
]
stage
:
code-analysis
# Dependency scanning and vulnerabilities (SCA, Software Composition Analysis)
gemnasium-python-dependency_scanning
:
tags
:
[
docker
]
needs
:
[
info
]
stage
:
code-analysis
unittest_py3.9
:
tags
:
[
cached-dind
]
needs
:
[
build-testenv
]
stage
:
test
image
:
python:3.9
script
:
&python_test_script
# TODO Remove this manual crawler installation after the crawler has been released in version 0.10.2
-
pip install --root-user-action=ignore git+https://gitlab.indiscale.com/caosdb/src/caosdb-crawler.git@dev
-
pip install .[all]
# actual test
-
pytest --cov=ruqad -vv ./unittests
unittest_py3.10
:
tags
:
[
cached-dind
]
needs
:
[
build-testenv
]
stage
:
test
image
:
python:3.10
script
:
*python_test_script
unittest_py3.11
:
tags
:
[
cached-dind
]
needs
:
[
build-testenv
]
stage
:
test
image
:
python:3.11
script
:
*python_test_script
unittest_py3.12
:
tags
:
[
cached-dind
]
needs
:
[
build-testenv
]
stage
:
test
image
:
python:3.12
script
:
*python_test_script
unittest_py3.13
:
tags
:
[
cached-dind
]
needs
:
[
build-testenv
]
stage
:
test
image
:
python:3.13
script
:
*python_test_script
Loading