Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
abeda2ed
Commit
abeda2ed
authored
Apr 29, 2020
by
Lucas Charles
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Migrate Container-Scanning CI template to rules syntax
See
https://gitlab.com/gitlab-org/gitlab/-/issues/36541
parent
ad3904e5
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
62 additions
and
8 deletions
+62
-8
changelogs/unreleased/e2300-cs-template.yml
changelogs/unreleased/e2300-cs-template.yml
+5
-0
ee/spec/lib/gitlab/ci/templates/container_scanning_gitlab_ci_yaml_spec.rb
...ab/ci/templates/container_scanning_gitlab_ci_yaml_spec.rb
+52
-0
lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
...ab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
+5
-8
No files found.
changelogs/unreleased/e2300-cs-template.yml
0 → 100644
View file @
abeda2ed
---
title
:
Migrate Container-Scanning template to rules syntax
merge_request
:
30775
author
:
type
:
changed
ee/spec/lib/gitlab/ci/templates/container_scanning_gitlab_ci_yaml_spec.rb
0 → 100644
View file @
abeda2ed
# frozen_string_literal: true
require
'spec_helper'
describe
'Container-Scanning.gitlab-ci.yml'
do
subject
(
:template
)
{
Gitlab
::
Template
::
GitlabCiYmlTemplate
.
find
(
'Container-Scanning'
)
}
describe
'the created pipeline'
do
let
(
:user
)
{
create
(
:admin
)
}
let
(
:default_branch
)
{
'master'
}
let
(
:project
)
{
create
(
:project
,
:custom_repo
,
files:
{
'README.txt'
=>
''
})
}
let
(
:service
)
{
Ci
::
CreatePipelineService
.
new
(
project
,
user
,
ref:
'master'
)
}
let
(
:pipeline
)
{
service
.
execute!
(
:push
)
}
let
(
:build_names
)
{
pipeline
.
builds
.
pluck
(
:name
)
}
before
do
stub_ci_pipeline_yaml_file
(
template
.
content
)
allow_any_instance_of
(
Ci
::
BuildScheduleWorker
).
to
receive
(
:perform
).
and_return
(
true
)
allow
(
project
).
to
receive
(
:default_branch
).
and_return
(
default_branch
)
end
context
'when project has no license'
do
it
'includes no jobs'
do
expect
{
pipeline
}.
to
raise_error
(
Ci
::
CreatePipelineService
::
CreateError
)
end
end
context
'when project has Ultimate license'
do
let
(
:license
)
{
create
(
:license
,
plan:
License
::
ULTIMATE_PLAN
)
}
before
do
allow
(
License
).
to
receive
(
:current
).
and_return
(
license
)
end
context
'by default'
do
it
'includes job'
do
expect
(
build_names
).
to
match_array
(
%w[container_scanning]
)
end
end
context
'when CONTAINER_SCANNING_DISABLED=1'
do
before
do
create
(
:ci_variable
,
project:
project
,
key:
'CONTAINER_SCANNING_DISABLED'
,
value:
'1'
)
end
it
'includes no jobs'
do
expect
{
pipeline
}.
to
raise_error
(
Ci
::
CreatePipelineService
::
CreateError
)
end
end
end
end
end
lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
View file @
abeda2ed
...
@@ -25,11 +25,8 @@ container_scanning:
...
@@ -25,11 +25,8 @@ container_scanning:
reports
:
reports
:
container_scanning
:
gl-container-scanning-report.json
container_scanning
:
gl-container-scanning-report.json
dependencies
:
[]
dependencies
:
[]
only
:
rules
:
refs
:
-
if
:
$CONTAINER_SCANNING_DISABLED
-
branches
when
:
never
variables
:
-
if
:
$CI_COMMIT_BRANCH &&
-
$GITLAB_FEATURES =~ /\bcontainer_scanning\b/
$GITLAB_FEATURES =~ /\bcontainer_scanning\b/
except
:
variables
:
-
$CONTAINER_SCANNING_DISABLED
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment