forked from NVIDIA/NeMo-Guardrails
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
90 lines (79 loc) · 2.35 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
stages:
- tests
- build
- docker-test
sast:
stage: tests
include:
- template: Security/SAST.gitlab-ci.yml
variables:
PIP_CACHE_DIR: "${CI_PROJECT_DIR}/.cache/pip"
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
LATEST_TAG: $CI_REGISTRY_IMAGE:latest
cache:
key: "${CI_JOB_NAME}"
paths:
- .cache/pip
- .venv
# Jobs templates
.install-deps-template: &install-deps
before_script:
- pip install poetry
- poetry --version
- poetry config virtualenvs.in-project true
- poetry install --extras all --with dev
.test-template: &test
<<: *install-deps
stage: tests
coverage: /(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/
script: make test
# Tests jobs
python3.9:
<<: *test
image: python:3.9
python3.10:
<<: *test
image: python:3.10
python3.11:
<<: *test
image: python:3.11
# Build job
build:
stage: build
image: docker:19.03.12
services:
- docker:19.03.12-dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "/certs"
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- docker build -t $IMAGE_TAG -f ./qa/Dockerfile.qa .
- docker push $IMAGE_TAG
only:
- tags
tags:
- gitlab-runner-bignlp-api
# Docker test job
docker-test:
stage: docker-test
image: docker:19.03.12
services:
- docker:19.03.12-dind
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- docker pull $IMAGE_TAG
- docker run --rm $IMAGE_TAG pytest || (docker rmi $IMAGE_TAG && exit 1)
only:
- tags
tags:
- gitlab-runner-bignlp-api