Pipeline Template
Linting
Python (ruff)
lint:
stage: lint
image: python:3.11-slim
rules:
- if: '$LINT_ENABLED == "true"'
script:
- pip install ruff
- ruff check .
- ruff format --check .
PHP (phpstan + php-cs-fixer)
lint:
stage: lint
image: php:8.2-cli
rules:
- if: '$LINT_ENABLED == "true"'
script:
- composer install
- vendor/bin/phpstan analyse
- vendor/bin/php-cs-fixer fix --dry-run --diff
Testing
Python (pytest)
test:
stage: test
image: python:3.11-slim
rules:
- if: '$TEST_ENABLED == "true"'
script:
- pip install -r requirements.txt
- pytest --cov --cov-report=term-missing
coverage: '/TOTAL.+ ([0-9]{1,3}%)/'
Ruby (rspec)
test:
stage: test
image: ruby:3.2
rules:
- if: '$TEST_ENABLED == "true"'
script:
- bundle install
- bundle exec rspec
Docker Build
build:
stage: build
image: docker:24
services:
- docker:24-dind
variables:
DOCKER_TLS_CERTDIR: ""
DOCKER_HOST: tcp://docker:2375
script:
- docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG .
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
- |
if [ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ]; then
docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG $CI_REGISTRY_IMAGE:latest
docker push $CI_REGISTRY_IMAGE:latest
fi
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
Container Scanning
scan:
stage: scan
rules:
- if: '$SCAN_ENABLED == "true"'
include:
- template: Jobs/Container-Scanning.gitlab-ci.yml
Notifications
notify_success:
stage: notify
when: on_success
script:
- |
curl -X POST "$SLACK_WEBHOOK" \
-H "Content-Type: application/json" \
-d "{\"text\": \"Pipeline succeeded for $CI_PROJECT_NAME ($CI_COMMIT_REF_NAME)\"}"
notify_failure:
stage: notify
when: on_failure
script:
- |
curl -X POST "$SLACK_WEBHOOK" \
-H "Content-Type: application/json" \
-d "{\"text\": \"Pipeline FAILED for $CI_PROJECT_NAME ($CI_COMMIT_REF_NAME)\"}"