Commit 5e62bda5 authored by Shinya Maeda's avatar Shinya Maeda

Merge branch 'caalberts-stop-review-apps-deployment' into 'master'

Temporarily disabling review app deployment

See merge request gitlab-org/gitlab!34236
parents d1362100 e43ec397
...@@ -146,37 +146,38 @@ dependency_scanning: ...@@ -146,37 +146,38 @@ dependency_scanning:
dependency_scanning: gl-dependency-scanning-report.json dependency_scanning: gl-dependency-scanning-report.json
expire_in: 1 week # GitLab-specific expire_in: 1 week # GitLab-specific
# We need to duplicate this job's definition because it seems it's impossible to # Temporarily disabling review apps
# override an included `only.refs`. ## We need to duplicate this job's definition because it seems it's impossible to
# See https://gitlab.com/gitlab-org/gitlab/issues/31371. ## override an included `only.refs`.
dast: ## See https://gitlab.com/gitlab-org/gitlab/issues/31371.
extends: #dast:
- .default-retry # extends:
- .reports:rules:dast # - .default-retry
# This is needed so that manual jobs with needs don't block the pipeline. # - .reports:rules:dast
# See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. # # This is needed so that manual jobs with needs don't block the pipeline.
dependencies: ["review-deploy"] # # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979.
stage: qa # GitLab-specific # dependencies: ["review-deploy"]
image: # stage: qa # GitLab-specific
name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" # image:
variables: # name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
# To be done in a later iteration # variables:
# DAST_USERNAME: "root" # # To be done in a later iteration
# DAST_USERNAME_FIELD: "user[login]" # # DAST_USERNAME: "root"
# DAST_PASSWORD_FIELD: "user[passowrd]" # # DAST_USERNAME_FIELD: "user[login]"
DAST_VERSION: 1 # # DAST_PASSWORD_FIELD: "user[passowrd]"
script: # DAST_VERSION: 1
- 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"' # script:
# To be done in a later iteration # - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"'
# - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"' # # To be done in a later iteration
# - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"' # # - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"'
- /analyze -t $DAST_WEBSITE # # - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"'
artifacts: # - /analyze -t $DAST_WEBSITE
paths: # artifacts:
- gl-dast-report.json # GitLab-specific # paths:
reports: # - gl-dast-report.json # GitLab-specific
dast: gl-dast-report.json # reports:
expire_in: 1 week # GitLab-specific # dast: gl-dast-report.json
# expire_in: 1 week # GitLab-specific
# To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255 # To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255
# schedule:dast: # schedule:dast:
......
...@@ -27,24 +27,25 @@ review-cleanup: ...@@ -27,24 +27,25 @@ review-cleanup:
- ruby -rrubygems scripts/review_apps/automated_cleanup.rb - ruby -rrubygems scripts/review_apps/automated_cleanup.rb
- gcp_cleanup - gcp_cleanup
review-build-cng: # Temporarily disabling review apps
extends: #review-build-cng:
- .default-retry # extends:
- .review:rules:review-build-cng # - .default-retry
image: ruby:2.6-alpine # - .review:rules:review-build-cng
stage: review-prepare # image: ruby:2.6-alpine
before_script: # stage: review-prepare
- source scripts/utils.sh # before_script:
- install_api_client_dependencies_with_apk # - source scripts/utils.sh
- install_gitlab_gem # - install_api_client_dependencies_with_apk
needs: # - install_gitlab_gem
- job: compile-production-assets # needs:
artifacts: false # - job: compile-production-assets
script: # artifacts: false
- BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng # script:
# When the job is manual, review-deploy is also manual and we don't want people # - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng
# to have to manually start the jobs in sequence, so we do it for them. # # When the job is manual, review-deploy is also manual and we don't want people
- '[ -z $CI_JOB_MANUAL ] || play_job "review-deploy"' # # to have to manually start the jobs in sequence, so we do it for them.
# - '[ -z $CI_JOB_MANUAL ] || play_job "review-deploy"'
.review-workflow-base: .review-workflow-base:
extends: extends:
...@@ -60,36 +61,37 @@ review-build-cng: ...@@ -60,36 +61,37 @@ review-build-cng:
on_stop: review-stop on_stop: review-stop
auto_stop_in: 48 hours auto_stop_in: 48 hours
review-deploy: # Temporarily disabling review apps
extends: #review-deploy:
- .review-workflow-base # extends:
- .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise # - .review-workflow-base
stage: review # - .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise
dependencies: [] # stage: review
resource_group: "review/${CI_COMMIT_REF_NAME}" # dependencies: []
before_script: # resource_group: "review/${CI_COMMIT_REF_NAME}"
- export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) # before_script:
- export GITALY_VERSION=$(<GITALY_SERVER_VERSION) # - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
- export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) # - export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
- echo "${CI_ENVIRONMENT_URL}" > environment_url.txt # - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
- source ./scripts/utils.sh # - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt
- install_api_client_dependencies_with_apk # - source ./scripts/utils.sh
- source scripts/review_apps/review-apps.sh # - install_api_client_dependencies_with_apk
script: # - source scripts/review_apps/review-apps.sh
- check_kube_domain # script:
- ensure_namespace # - check_kube_domain
- install_external_dns # - ensure_namespace
- download_chart # - install_external_dns
- date # - download_chart
- deploy || (display_deployment_debug && exit 1) # - date
# When the job is manual, review-qa-smoke is also manual and we don't want people # - deploy || (display_deployment_debug && exit 1)
# to have to manually start the jobs in sequence, so we do it for them. # # When the job is manual, review-qa-smoke is also manual and we don't want people
- '[ -z $CI_JOB_MANUAL ] || play_job "review-qa-smoke"' # # to have to manually start the jobs in sequence, so we do it for them.
- '[ -z $CI_JOB_MANUAL ] || play_job "review-performance"' # - '[ -z $CI_JOB_MANUAL ] || play_job "review-qa-smoke"'
artifacts: # - '[ -z $CI_JOB_MANUAL ] || play_job "review-performance"'
paths: [environment_url.txt] # artifacts:
expire_in: 2 days # paths: [environment_url.txt]
when: always # expire_in: 2 days
# when: always
.review-stop-base: .review-stop-base:
extends: .review-workflow-base extends: .review-workflow-base
...@@ -122,109 +124,110 @@ review-stop: ...@@ -122,109 +124,110 @@ review-stop:
script: script:
- delete_release - delete_release
.review-qa-base: # Temporarily disabling review apps
extends: #.review-qa-base:
- .default-retry # extends:
- .use-docker-in-docker # - .default-retry
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6 # - .use-docker-in-docker
stage: qa # image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6
# This is needed so that manual jobs with needs don't block the pipeline. # stage: qa
# See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. # # This is needed so that manual jobs with needs don't block the pipeline.
dependencies: ["review-deploy"] # # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979.
variables: # dependencies: ["review-deploy"]
QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa" # variables:
QA_CAN_TEST_GIT_PROTOCOL_V2: "false" # QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa"
QA_DEBUG: "true" # QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
GITLAB_USERNAME: "root" # QA_DEBUG: "true"
GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" # GITLAB_USERNAME: "root"
GITLAB_ADMIN_USERNAME: "root" # GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" # GITLAB_ADMIN_USERNAME: "root"
GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" # GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}" # GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
before_script: # EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
- export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}" # before_script:
- export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" # - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}"
- echo "${CI_ENVIRONMENT_URL}" # - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${QA_IMAGE}" # - echo "${CI_ENVIRONMENT_URL}"
- source scripts/utils.sh # - echo "${QA_IMAGE}"
- install_api_client_dependencies_with_apk # - source scripts/utils.sh
- gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}} # - install_api_client_dependencies_with_apk
artifacts: # - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}}
paths: # artifacts:
- ./qa/gitlab-qa-run-* # paths:
expire_in: 7 days # - ./qa/gitlab-qa-run-*
when: always # expire_in: 7 days
# when: always
review-qa-smoke: #
extends: #review-qa-smoke:
- .review-qa-base # extends:
- .review:rules:review-qa-smoke # - .review-qa-base
script: # - .review:rules:review-qa-smoke
- gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" # script:
# - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
review-qa-all: #
extends: #review-qa-all:
- .review-qa-base # extends:
- .review:rules:mr-only-manual # - .review-qa-base
parallel: 5 # - .review:rules:mr-only-manual
script: # parallel: 5
- export KNAPSACK_REPORT_PATH=knapsack/master_report.json # script:
- export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb # - export KNAPSACK_REPORT_PATH=knapsack/master_report.json
- gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation # - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
# - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation
review-performance: #
extends: #review-performance:
- .default-retry # extends:
- .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise # - .default-retry
image: # - .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise
name: sitespeedio/sitespeed.io:6.3.1 # image:
entrypoint: [""] # name: sitespeedio/sitespeed.io:6.3.1
stage: qa # entrypoint: [""]
# This is needed so that manual jobs with needs don't block the pipeline. # stage: qa
# See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. # # This is needed so that manual jobs with needs don't block the pipeline.
dependencies: ["review-deploy"] # # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979.
before_script: # dependencies: ["review-deploy"]
- export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" # before_script:
- echo "${CI_ENVIRONMENT_URL}" # - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- mkdir -p gitlab-exporter # - echo "${CI_ENVIRONMENT_URL}"
- wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js # - mkdir -p gitlab-exporter
- mkdir -p sitespeed-results # - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
script: # - mkdir -p sitespeed-results
- /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}" # script:
after_script: # - /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
- mv sitespeed-results/data/performance.json performance.json # after_script:
artifacts: # - mv sitespeed-results/data/performance.json performance.json
paths: # artifacts:
- sitespeed-results/ # paths:
reports: # - sitespeed-results/
performance: performance.json # reports:
expire_in: 31d # performance: performance.json
# expire_in: 31d
parallel-spec-reports: #
extends: #parallel-spec-reports:
- .review:rules:mr-only-manual # extends:
image: ruby:2.6-alpine # - .review:rules:mr-only-manual
stage: post-qa # image: ruby:2.6-alpine
dependencies: ["review-qa-all"] # stage: post-qa
variables: # dependencies: ["review-qa-all"]
NEW_PARALLEL_SPECS_REPORT: qa/report-new.html # variables:
BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/" # NEW_PARALLEL_SPECS_REPORT: qa/report-new.html
script: # BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/"
- apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/* # script:
- gem install nokogiri --no-document # - apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/*
- cd qa/gitlab-qa-run-*/gitlab-* # - gem install nokogiri --no-document
- ARTIFACT_DIRS=$(pwd |rev| awk -F / '{print $1,$2}' | rev | sed s_\ _/_) # - cd qa/gitlab-qa-run-*/gitlab-*
- cd - # - ARTIFACT_DIRS=$(pwd |rev| awk -F / '{print $1,$2}' | rev | sed s_\ _/_)
- '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}' # - cd -
- scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm # - '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}'
artifacts: # - scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm
when: always # artifacts:
paths: # when: always
- qa/report-new.html # paths:
- qa/gitlab-qa-run-* # - qa/report-new.html
reports: # - qa/gitlab-qa-run-*
junit: qa/gitlab-qa-run-*/**/rspec-*.xml # reports:
expire_in: 31d # junit: qa/gitlab-qa-run-*/**/rspec-*.xml
# expire_in: 31d
danger-review: danger-review:
extends: extends:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment