Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
f09f14e0
Commit
f09f14e0
authored
Oct 14, 2021
by
Albert Salim
Committed by
Lin Jen-Shin
Oct 14, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use child pipeline for review apps
parent
4ee03181
Changes
8
Show whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
263 additions
and
227 deletions
+263
-227
.gitlab-ci.yml
.gitlab-ci.yml
+0
-2
.gitlab/ci/review-apps/dast.gitlab-ci.yml
.gitlab/ci/review-apps/dast.gitlab-ci.yml
+0
-0
.gitlab/ci/review-apps/main.gitlab-ci.yml
.gitlab/ci/review-apps/main.gitlab-ci.yml
+106
-0
.gitlab/ci/review-apps/qa.gitlab-ci.yml
.gitlab/ci/review-apps/qa.gitlab-ci.yml
+126
-0
.gitlab/ci/review.gitlab-ci.yml
.gitlab/ci/review.gitlab-ci.yml
+10
-220
.gitlab/ci/rules.gitlab-ci.yml
.gitlab/ci/rules.gitlab-ci.yml
+18
-1
doc/development/testing_guide/img/review-app-parent-pipeline.png
...elopment/testing_guide/img/review-app-parent-pipeline.png
+0
-0
doc/development/testing_guide/review_apps.md
doc/development/testing_guide/review_apps.md
+3
-4
No files found.
.gitlab-ci.yml
View file @
f09f14e0
...
...
@@ -5,9 +5,7 @@ stages:
-
fixtures
-
test
-
post-test
-
review-prepare
-
review
-
dast
-
qa
-
post-qa
-
pages
...
...
.gitlab/ci/dast.gitlab-ci.yml
→
.gitlab/ci/
review-apps/
dast.gitlab-ci.yml
View file @
f09f14e0
File moved
.gitlab/ci/review-apps/main.gitlab-ci.yml
0 → 100644
View file @
f09f14e0
stages
:
-
prepare
-
deploy
-
qa
-
post-qa
-
dast
include
:
-
local
:
.gitlab/ci/global.gitlab-ci.yml
-
local
:
.gitlab/ci/rules.gitlab-ci.yml
-
local
:
.gitlab/ci/review-apps/qa.gitlab-ci.yml
-
local
:
.gitlab/ci/review-apps/dast.gitlab-ci.yml
.base-before_script
:
&base-before_script
-
source ./scripts/utils.sh
-
source ./scripts/review_apps/review-apps.sh
-
install_api_client_dependencies_with_apk
review-build-cng
:
extends
:
-
.default-retry
-
.review:rules:review-build-cng
image
:
${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13
stage
:
prepare
variables
:
CNG_PROJECT_ACCESS_TOKEN
:
"
${CNG_MIRROR_PROJECT_ACCESS_TOKEN}"
# "Multi-pipeline (from 'gitlab-org/gitlab' 'review-build-cng' job)" at https://gitlab.com/gitlab-org/build/CNG-mirror/-/settings/access_tokens
CNG_PROJECT_PATH
:
"
gitlab-org/build/CNG-mirror"
before_script
:
-
source ./scripts/utils.sh
-
install_gitlab_gem
script
:
-
./scripts/trigger-build cng
.review-workflow-base
:
extends
:
-
.default-retry
image
:
registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3.5-kubectl1.17
variables
:
HOST_SUFFIX
:
"
${CI_ENVIRONMENT_SLUG}"
DOMAIN
:
"
-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
GITLAB_HELM_CHART_REF
:
"
v5.2.1"
environment
:
name
:
review/${CI_COMMIT_REF_SLUG}${FREQUENCY}
url
:
https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
on_stop
:
review-stop
auto_stop_in
:
48 hours
review-deploy
:
extends
:
-
.review-workflow-base
-
.review:rules:review-deploy
stage
:
deploy
needs
:
[
"
review-build-cng"
]
resource_group
:
"
review/${CI_COMMIT_REF_NAME}"
before_script
:
-
export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
-
export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
-
export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
-
echo "${CI_ENVIRONMENT_URL}" > environment_url.txt
-
*base-before_script
script
:
-
check_kube_domain
-
download_chart
-
date
-
deploy || (display_deployment_debug && exit 1)
-
verify_deploy || exit
1
-
disable_sign_ups || (delete_release && exit 1)
after_script
:
# Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan.
# Set DAST_RUN to true when jobs are manually scheduled.
-
if [ "$DAST_RUN" == "true" ]; then source scripts/review_apps/seed-dast-test-data.sh; TRACE=1 trigger_proj_user_creation; fi
artifacts
:
paths
:
-
environment_url.txt
-
curl_output.txt
expire_in
:
7 days
when
:
always
.review-stop-base
:
extends
:
.review-workflow-base
environment
:
action
:
stop
dependencies
:
[]
variables
:
# We're cloning the repo instead of downloading the script for now
# because some repos are private and CI_JOB_TOKEN cannot access files.
# See https://gitlab.com/gitlab-org/gitlab/issues/191273
GIT_DEPTH
:
1
before_script
:
-
*base-before_script
review-delete-deployment
:
extends
:
-
.review-stop-base
-
.review:rules:review-delete-deployment
stage
:
prepare
script
:
-
delete_release
review-stop
:
extends
:
-
.review-stop-base
-
.review:rules:review-stop
stage
:
post-qa
script
:
-
delete_k8s_release_namespace
.gitlab/ci/review-apps/qa.gitlab-ci.yml
0 → 100644
View file @
f09f14e0
.review-qa-base
:
extends
:
-
.use-docker-in-docker
image
:
name
:
${QA_IMAGE}
entrypoint
:
[
"
"
]
stage
:
qa
needs
:
[
"
review-deploy"
]
variables
:
QA_DEBUG
:
"
true"
QA_CAN_TEST_GIT_PROTOCOL_V2
:
"
false"
QA_GENERATE_ALLURE_REPORT
:
"
true"
GITLAB_USERNAME
:
"
root"
GITLAB_PASSWORD
:
"
${REVIEW_APPS_ROOT_PASSWORD}"
GITLAB_ADMIN_USERNAME
:
"
root"
GITLAB_ADMIN_PASSWORD
:
"
${REVIEW_APPS_ROOT_PASSWORD}"
GITHUB_ACCESS_TOKEN
:
"
${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
EE_LICENSE
:
"
${REVIEW_APPS_EE_LICENSE}"
SIGNUP_DISABLED
:
"
true"
before_script
:
# Use $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA so that GitLab image built in omnibus-gitlab-mirror and QA image are in sync.
-
if [ -n "$CI_MERGE_REQUEST_SOURCE_BRANCH_SHA" ]; then
git checkout -f ${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA};
fi
-
export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
-
echo "${CI_ENVIRONMENT_URL}"
-
cd qa
artifacts
:
paths
:
-
qa/tmp
expire_in
:
7 days
when
:
always
.allure-report-base
:
image
:
name
:
${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.4
entrypoint
:
[
"
"
]
stage
:
post-qa
variables
:
GIT_STRATEGY
:
none
STORAGE_CREDENTIALS
:
$QA_ALLURE_REPORT_GCS_CREDENTIALS
GITLAB_AUTH_TOKEN
:
$GITLAB_QA_MR_ALLURE_REPORT_TOKEN
allow_failure
:
true
script
:
-
|
allure-report-publisher upload gcs \
--results-glob="qa/tmp/allure-results/*" \
--bucket="gitlab-qa-allure-reports" \
--prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \
--update-pr="comment" \
--copy-latest \
--ignore-missing-results \
--color
review-qa-smoke
:
extends
:
-
.review-qa-base
-
.review:rules:review-qa-smoke
retry
:
1
# This is confusing but this means "2 runs at max".
variables
:
QA_RUN_TYPE
:
review-qa-smoke
script
:
-
bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}"
review-qa-all
:
extends
:
-
.review-qa-base
-
.review:rules:review-qa-all
variables
:
QA_RUN_TYPE
:
review-qa-all
parallel
:
5
script
:
-
export KNAPSACK_REPORT_PATH=knapsack/master_report.json
-
export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
-
|
bin/test Test::Instance::All "${CI_ENVIRONMENT_URL}" \
-- \
--color --format documentation \
--format RspecJunitFormatter --out tmp/rspec.xml
artifacts
:
reports
:
junit
:
qa/tmp/rspec.xml
review-performance
:
extends
:
-
.default-retry
-
.review:rules:review-performance
image
:
name
:
sitespeedio/sitespeed.io
entrypoint
:
[
"
"
]
stage
:
qa
needs
:
[
"
review-deploy"
]
before_script
:
-
export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
-
echo "${CI_ENVIRONMENT_URL}"
-
mkdir -p gitlab-exporter
-
wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
-
mkdir -p sitespeed-results
script
:
-
/start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
after_script
:
-
mv sitespeed-results/data/performance.json performance.json
artifacts
:
paths
:
-
sitespeed-results/
reports
:
performance
:
performance.json
expire_in
:
31d
allure-report-qa-smoke
:
extends
:
-
.allure-report-base
-
.review:rules:review-qa-smoke-report
needs
:
[
"
review-qa-smoke"
]
variables
:
ALLURE_REPORT_PATH_PREFIX
:
gitlab-review-smoke
ALLURE_JOB_NAME
:
review-qa-smoke
allure-report-qa-all
:
extends
:
-
.allure-report-base
-
.review:rules:review-qa-all-report
needs
:
[
"
review-qa-all"
]
variables
:
ALLURE_REPORT_PATH_PREFIX
:
gitlab-review-all
ALLURE_JOB_NAME
:
review-qa-all
.gitlab/ci/review.gitlab-ci.yml
View file @
f09f14e0
...
...
@@ -16,229 +16,19 @@ review-cleanup:
-
ruby -rrubygems scripts/review_apps/automated_cleanup.rb
-
gcp_cleanup
.base-before_script
:
&base-before_script
-
source ./scripts/utils.sh
-
source ./scripts/review_apps/review-apps.sh
-
install_api_client_dependencies_with_apk
review-build-cng
:
start-review-app-pipeline
:
extends
:
-
.default-retry
-
.review:rules:review-build-cng
image
:
${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13
stage
:
review-prepare
-
.review:rules:review-app-pipeline
stage
:
review
needs
:
-
job
:
compile-production-assets
-
job
:
build-assets-image
artifacts
:
false
variables
:
CNG_PROJECT_ACCESS_TOKEN
:
"
${CNG_MIRROR_PROJECT_ACCESS_TOKEN}"
# "Multi-pipeline (from 'gitlab-org/gitlab' 'review-build-cng' job)" at https://gitlab.com/gitlab-org/build/CNG-mirror/-/settings/access_tokens
CNG_PROJECT_PATH
:
"
gitlab-org/build/CNG-mirror"
before_script
:
-
source ./scripts/utils.sh
-
install_gitlab_gem
script
:
-
./scripts/trigger-build cng
.review-workflow-base
:
extends
:
-
.default-retry
image
:
registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3.5-kubectl1.17
variables
:
HOST_SUFFIX
:
"
${CI_ENVIRONMENT_SLUG}"
DOMAIN
:
"
-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
GITLAB_HELM_CHART_REF
:
"
v5.2.1"
environment
:
name
:
review/${CI_COMMIT_REF_SLUG}${FREQUENCY}
url
:
https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
on_stop
:
review-stop
auto_stop_in
:
48 hours
review-deploy
:
extends
:
-
.review-workflow-base
-
.review:rules:review-deploy
stage
:
review
needs
:
[
"
review-build-cng"
]
resource_group
:
"
review/${CI_COMMIT_REF_NAME}"
before_script
:
-
export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
-
export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
-
export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
-
echo "${CI_ENVIRONMENT_URL}" > environment_url.txt
-
*base-before_script
script
:
-
check_kube_domain
-
download_chart
-
date
-
deploy || (display_deployment_debug && exit 1)
-
verify_deploy || exit
1
-
disable_sign_ups || (delete_release && exit 1)
after_script
:
# Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan.
# Set DAST_RUN to true when jobs are manually scheduled.
-
if [ "$DAST_RUN" == "true" ]; then source scripts/review_apps/seed-dast-test-data.sh; TRACE=1 trigger_proj_user_creation; fi
artifacts
:
paths
:
-
environment_url.txt
-
curl_output.txt
expire_in
:
7 days
when
:
always
.review-stop-base
:
extends
:
.review-workflow-base
environment
:
action
:
stop
dependencies
:
[]
variables
:
# We're cloning the repo instead of downloading the script for now
# because some repos are private and CI_JOB_TOKEN cannot access files.
# See https://gitlab.com/gitlab-org/gitlab/issues/191273
GIT_DEPTH
:
1
before_script
:
-
*base-before_script
review-delete-deployment
:
extends
:
-
.review-stop-base
-
.review:rules:review-delete-deployment
stage
:
prepare
script
:
-
delete_release
review-stop
:
extends
:
-
.review-stop-base
-
.review:rules:review-stop
stage
:
post-qa
script
:
-
delete_k8s_release_namespace
.review-qa-base
:
extends
:
-
.use-docker-in-docker
image
:
name
:
${QA_IMAGE}
entrypoint
:
[
"
"
]
stage
:
qa
needs
:
[
"
build-qa-image"
,
"
review-deploy"
]
variables
:
QA_DEBUG
:
"
true"
QA_CAN_TEST_GIT_PROTOCOL_V2
:
"
false"
QA_GENERATE_ALLURE_REPORT
:
"
true"
GITLAB_USERNAME
:
"
root"
GITLAB_PASSWORD
:
"
${REVIEW_APPS_ROOT_PASSWORD}"
GITLAB_ADMIN_USERNAME
:
"
root"
GITLAB_ADMIN_PASSWORD
:
"
${REVIEW_APPS_ROOT_PASSWORD}"
GITHUB_ACCESS_TOKEN
:
"
${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
EE_LICENSE
:
"
${REVIEW_APPS_EE_LICENSE}"
SIGNUP_DISABLED
:
"
true"
before_script
:
# Use $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA so that GitLab image built in omnibus-gitlab-mirror and QA image are in sync.
-
if [ -n "$CI_MERGE_REQUEST_SOURCE_BRANCH_SHA" ]; then
git checkout -f ${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA};
fi
-
export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
-
echo "${CI_ENVIRONMENT_URL}"
-
cd qa
artifacts
:
paths
:
-
qa/tmp
expire_in
:
7 days
when
:
always
.allure-report-base
:
image
:
name
:
${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.4
entrypoint
:
[
"
"
]
stage
:
post-qa
variables
:
GIT_STRATEGY
:
none
STORAGE_CREDENTIALS
:
$QA_ALLURE_REPORT_GCS_CREDENTIALS
GITLAB_AUTH_TOKEN
:
$GITLAB_QA_MR_ALLURE_REPORT_TOKEN
allow_failure
:
true
script
:
-
|
allure-report-publisher upload gcs \
--results-glob="qa/tmp/allure-results/*" \
--bucket="gitlab-qa-allure-reports" \
--prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \
--update-pr="comment" \
--copy-latest \
--ignore-missing-results \
--color
review-qa-smoke
:
extends
:
-
.review-qa-base
-
.review:rules:review-qa-smoke
retry
:
1
# This is confusing but this means "2 runs at max".
variables
:
QA_RUN_TYPE
:
review-qa-smoke
script
:
-
bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}"
review-qa-all
:
extends
:
-
.review-qa-base
-
.review:rules:review-qa-all
parallel
:
5
variables
:
QA_RUN_TYPE
:
review-qa-all
script
:
-
export KNAPSACK_REPORT_PATH=knapsack/master_report.json
-
export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
-
|
bin/test Test::Instance::All "${CI_ENVIRONMENT_URL}" \
-- \
--color --format documentation \
--format RspecJunitFormatter --out tmp/rspec.xml
artifacts
:
reports
:
junit
:
qa/tmp/rspec.xml
review-performance
:
extends
:
-
.default-retry
-
.review:rules:review-performance
image
:
name
:
sitespeedio/sitespeed.io
entrypoint
:
[
"
"
]
stage
:
qa
needs
:
[
"
review-deploy"
]
before_script
:
-
export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
-
echo "${CI_ENVIRONMENT_URL}"
-
mkdir -p gitlab-exporter
-
wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
-
mkdir -p sitespeed-results
script
:
-
/start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
after_script
:
-
mv sitespeed-results/data/performance.json performance.json
artifacts
:
paths
:
-
sitespeed-results/
reports
:
performance
:
performance.json
expire_in
:
31d
allure-report-qa-smoke
:
extends
:
-
.allure-report-base
-
.review:rules:review-qa-smoke-report
needs
:
[
"
review-qa-smoke"
]
variables
:
ALLURE_REPORT_PATH_PREFIX
:
gitlab-review-smoke
ALLURE_JOB_NAME
:
review-qa-smoke
allure-report-qa-all
:
extends
:
-
.allure-report-base
-
.review:rules:review-qa-all-report
needs
:
[
"
review-qa-all"
]
variables
:
ALLURE_REPORT_PATH_PREFIX
:
gitlab-review-all
ALLURE_JOB_NAME
:
review-qa-all
-
job
:
build-qa-image
artifacts
:
false
trigger
:
include
:
-
local
:
.gitlab/ci/review-apps/main.gitlab-ci.yml
strategy
:
depend
danger-review
:
extends
:
...
...
.gitlab/ci/rules.gitlab-ci.yml
View file @
f09f14e0
...
...
@@ -116,6 +116,7 @@
-
"
.gitlab/ci/frontend.gitlab-ci.yml"
-
"
.gitlab/ci/build-images.gitlab-ci.yml"
-
"
.gitlab/ci/review.gitlab-ci.yml"
-
"
.gitlab/ci/review-apps/**/*"
-
"
scripts/review_apps/base-config.yaml"
-
"
scripts/review_apps/review-apps.sh"
-
"
scripts/trigger-build"
...
...
@@ -1378,7 +1379,7 @@
################
# Review rules #
################
.review:rules:review-
build-cng
:
.review:rules:review-
app-pipeline
:
rules
:
-
<<
:
*if-not-ee
when
:
never
...
...
@@ -1395,6 +1396,22 @@
allow_failure
:
true
-
<<
:
*if-dot-com-gitlab-org-schedule
.review:rules:review-build-cng:
rules
:
-
<<
:
*if-not-ee
when
:
never
-
<<
:
*if-dot-com-gitlab-org-merge-request
changes
:
*ci-review-patterns
-
<<
:
*if-dot-com-gitlab-org-merge-request
changes
:
*frontend-patterns
-
<<
:
*if-dot-com-gitlab-org-merge-request
changes
:
*code-patterns
allow_failure
:
true
-
<<
:
*if-dot-com-gitlab-org-merge-request
changes
:
*qa-patterns
allow_failure
:
true
-
<<
:
*if-dot-com-gitlab-org-schedule
.review:rules:review-deploy:
rules
:
-
<<
:
*if-not-ee
...
...
doc/development/testing_guide/img/review-app-parent-pipeline.png
0 → 100644
View file @
f09f14e0
134 KB
doc/development/testing_guide/review_apps.md
View file @
f09f14e0
...
...
@@ -6,12 +6,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Review Apps
Review Apps are automatically deployed by
[
the
pipeline
](
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/6665
)
.
Review Apps are deployed using the
`start-review-app-pipeline`
job. This job triggers a child pipeline containing a series of jobs to perform the various tasks needed to deploy a Review App.
## When are Review Apps automatically deployed?
![
start-review-app-pipeline job
](
img/review-app-parent-pipeline.png
)
A Review App is automatically deployed for
:
For any of the following scenarios, the
`start-review-app-pipeline`
job would be automatically started
:
-
for merge requests with CI config changes
-
for merge requests with frontend changes
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment