-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy path.gitlab-ci.yml
87 lines (79 loc) · 2.55 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
---
stages:
- diff
- lint
- test
- build
- deploy
- helm
lint:markdown:
stage: lint
image: registry.obmondo.com/obmondo/dockerfiles/markdownlint:latest
script:
- markdownlint --config .markdownlint --ignore 'argocd-helm-charts/*/*/**' --ignore 'build/vendor/**' --ignore 'build/kube-prometheus/**' .
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
lint_sh:
stage: lint
image: registry.obmondo.com/obmondo/dockerfiles/shlint:latest
script:
- 'find . -not -path ./argocd-helm-charts/\* -a -not -path ./build/kube-prometheus/libraries/\* -a -not -path ./build/vendor/\* -name \*.sh -o -name \*.bash | xargs shellcheck'
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
lint_yamllint:
stage: lint
image: registry.obmondo.com/obmondo/dockerfiles/yamllint:latest
script:
- yamllint --strict --config-file .yamllint .
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
lint:jsonnetfmt:
stage: lint
image:
name: bitnami/jsonnet:latest
entrypoint: ['']
script:
- './bin/lint-jsonnetfmt.sh'
rules:
- if: '$CI_PIPELINE_SOURCE == "web" || $CI_PIPELINE_SOURCE == "merge_request_event"'
helm:check_diff:
stage: diff
image:
name: registry.obmondo.com/obmondo/dockerfiles/kubernetes-build:latest
script:
- helm version
- "./bin/helm-diff.sh"
rules:
# MRs and started through UI, except if last commit starts with ":no-diff"
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_COMMIT_MESSAGE !~ /^:no-diff/ || $CI_PIPELINE_SOURCE == "web" && $CI_COMMIT_MESSAGE !~ /^:no-diff/'
changes:
- "argocd-helm-charts/**/*"
opa:gatekeeper:test_policy:
stage: test
image: alpine
script:
- wget https://github.com/open-policy-agent/opa/releases/download/v0.43.0/opa_linux_amd64_static -O /usr/local/bin/opa
- chmod +x /usr/local/bin/opa
- opa test ./argocd-helm-charts/gatekeeper/policies -v
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
git:push:
stage: deploy
image:
name: registry.obmondo.com/obmondo/dockerfiles/kubernetes-build:latest
script:
- ./bin/gitlab-build-and-create-mr.sh
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
changes:
- "build/**/*"
git:helm_update:
stage: helm
rules:
- if: '$CI_PIPELINE_SOURCE == "schedule"'
image:
name: registry.obmondo.com/obmondo/dockerfiles/helm:latest
entrypoint: [""]
script:
# argocd is pinned to specific version on purpose
- ./bin/helm-repo-update.sh --update-all --merge-request --gitlab-ci --skip-charts argo-cd