diff --git a/.gitlab/merge_request_templates/new_feature.md b/.gitlab/merge_request_templates/new_feature.md index 74abae94c94dc0768bb5c51fe51ad253fce113fe..491b7f98ded7e0da03d18c95978eafcb7d86619f 100644 --- a/.gitlab/merge_request_templates/new_feature.md +++ b/.gitlab/merge_request_templates/new_feature.md @@ -8,8 +8,8 @@ Closes #999 ## Checklist * General: - * [ ] use [rules](https://docs.gitlab.com/ee/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ee/ci/yaml/#onlyexcept-advanced) - * [ ] optimized [cache](https://docs.gitlab.com/ee/ci/caching/) configuration (wherever applicable) + * [ ] use [rules](https://docs.gitlab.com/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ci/yaml/#onlyexcept-advanced) + * [ ] optimized [cache](https://docs.gitlab.com/ci/caching/) configuration (wherever applicable) * Publicly usable: * [ ] untagged runners * [ ] no proxy configuration but support `http_proxy`/`https_proxy`/`no_proxy` diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d66de58e5056078a12ecaeff3b4a13d89a110a62..2a784e569bae41015edf396d98185f99489bb960 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -61,7 +61,7 @@ To contribute: 1. Create an issue describing the bug or enhancement you want to propose (select the right issue template). 2. Make sure the issue has been reviewed and agreed. -3. Create a Merge Request, from your **own** fork (see [forking workflow](https://docs.gitlab.com/ee/user/project/repository/forking_workflow.html) documentation). +3. Create a Merge Request, from your **own** fork (see [forking workflow](https://docs.gitlab.com/user/project/repository/forking_workflow/) documentation). Don't hesitate to mark your MR as `Draft` as long as you think it's not ready to be reviewed. ### Git Commit Conventions diff --git a/package-lock.json b/package-lock.json index 47f7915f49e5e315d78304edf2c4d1a1cd5b6862..a96c1b37b3dccd4754944c6d1508869e8bef75b6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -22,18 +22,18 @@ "marked": "^12.0.0", "ng-process-env": "^16.0.6", "ngx-markdown": "^18.0.0", - "rxjs": "7.8.1", + "rxjs": "7.8.2", "tslib": "^2.3.0", "zone.js": "0.14.8" }, "devDependencies": { "@angular/build": "^18.1.0", - "@angular/cli": "18.2.11", + "@angular/cli": "18.2.14", "@angular/compiler-cli": "18.1.0", "@angular/language-service": "18.1.0", "@biomejs/biome": "1.9.4", "@playwright/test": "^1.45.2", - "@types/node": "22.10.6", + "@types/node": "22.13.6", "ts-node": "10.9.2", "typescript": "^5.4.5" } @@ -51,13 +51,13 @@ } }, "node_modules/@angular-devkit/architect": { - "version": "0.1802.11", - "resolved": "https://registry.npmjs.org/@angular-devkit/architect/-/architect-0.1802.11.tgz", - "integrity": "sha512-p+XIc/j51aI83ExNdeZwvkm1F4wkuKMGUUoj0MVUUi5E6NoiMlXYm6uU8+HbRvPBzGy5+3KOiGp3Fks0UmDSAA==", + "version": "0.1802.14", + "resolved": "https://registry.npmjs.org/@angular-devkit/architect/-/architect-0.1802.14.tgz", + "integrity": "sha512-eplaGCXSlPwf1f4XwyzsYTd8/lJ0/Adm6XsODsBxvkZlIpLcps80/h2lH5MVJpoDREzIFu1BweDpYCoNK5yYZg==", "dev": true, "license": "MIT", "dependencies": { - "@angular-devkit/core": "18.2.11", + "@angular-devkit/core": "18.2.14", "rxjs": "7.8.1" }, "engines": { @@ -66,10 +66,20 @@ "yarn": ">= 1.13.0" } }, + "node_modules/@angular-devkit/architect/node_modules/rxjs": { + "version": "7.8.1", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "integrity": "sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.1.0" + } + }, "node_modules/@angular-devkit/core": { - "version": "18.2.11", - "resolved": "https://registry.npmjs.org/@angular-devkit/core/-/core-18.2.11.tgz", - "integrity": "sha512-H9P1shRGigORWJHUY2BRa2YurT+DVminrhuaYHsbhXBRsPmgB2Dx/30YLTnC1s5XmR9QIRUCsg/d3kyT1wd5Zg==", + "version": "18.2.14", + "resolved": "https://registry.npmjs.org/@angular-devkit/core/-/core-18.2.14.tgz", + "integrity": "sha512-UGIGOjXuOyCW+5S4tINu7e6LOu738CmTw3h7Ui1I8OzdTIYJcYJrei8sgrwDwOYADRal+p0MeMlnykH3TM5XBA==", "dev": true, "license": "MIT", "dependencies": { @@ -94,14 +104,24 @@ } } }, + "node_modules/@angular-devkit/core/node_modules/rxjs": { + "version": "7.8.1", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "integrity": "sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.1.0" + } + }, "node_modules/@angular-devkit/schematics": { - "version": "18.2.11", - "resolved": "https://registry.npmjs.org/@angular-devkit/schematics/-/schematics-18.2.11.tgz", - "integrity": "sha512-efRK3FotTFp4KD5u42jWfXpHUALXB9kJNsWiB4wEImKFH6CN+vjBspJQuLqk2oeBFh/7D2qRMc5P+2tZHM5hdw==", + "version": "18.2.14", + "resolved": "https://registry.npmjs.org/@angular-devkit/schematics/-/schematics-18.2.14.tgz", + "integrity": "sha512-mukjZIHHB7gWratq8fZwUq5WZ+1bF4feG/idXr1wgQ+/FqWjs2PP7HDesHVcPymmRulpTyCpB7TNB1O1fgnCpA==", "dev": true, "license": "MIT", "dependencies": { - "@angular-devkit/core": "18.2.11", + "@angular-devkit/core": "18.2.14", "jsonc-parser": "3.3.1", "magic-string": "0.30.11", "ora": "5.4.1", @@ -113,6 +133,16 @@ "yarn": ">= 1.13.0" } }, + "node_modules/@angular-devkit/schematics/node_modules/rxjs": { + "version": "7.8.1", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "integrity": "sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.1.0" + } + }, "node_modules/@angular/animations": { "version": "18.1.0", "resolved": "https://registry.npmjs.org/@angular/animations/-/animations-18.1.0.tgz", @@ -128,14 +158,14 @@ } }, "node_modules/@angular/build": { - "version": "18.2.11", - "resolved": "https://registry.npmjs.org/@angular/build/-/build-18.2.11.tgz", - "integrity": "sha512-AgirvSCmqUKiDE3C0rl3JA68OkOqQWDKUvjqRHXCkhxldLVOVoeIl87+jBYK/v9gcmk+K+ju+5wbGEfu1FjhiQ==", + "version": "18.2.14", + "resolved": "https://registry.npmjs.org/@angular/build/-/build-18.2.14.tgz", + "integrity": "sha512-9g24Oe/ZLULacW3hEpRCjSZIJPJTzN5BeFbA27epSV5NsrQOoeUGsEpRs90Zmt6eReO0fW1BGshWRoZtpSedcw==", "dev": true, "license": "MIT", "dependencies": { "@ampproject/remapping": "2.3.0", - "@angular-devkit/architect": "0.1802.11", + "@angular-devkit/architect": "0.1802.14", "@babel/core": "7.25.2", "@babel/helper-annotate-as-pure": "7.24.7", "@babel/helper-split-export-declaration": "7.24.7", @@ -157,7 +187,7 @@ "rollup": "4.22.4", "sass": "1.77.6", "semver": "7.6.3", - "vite": "5.4.6", + "vite": "5.4.14", "watchpack": "2.4.1" }, "engines": { @@ -676,18 +706,18 @@ } }, "node_modules/@angular/cli": { - "version": "18.2.11", - "resolved": "https://registry.npmjs.org/@angular/cli/-/cli-18.2.11.tgz", - "integrity": "sha512-0JI1xjOLRemBPjdT/yVlabxc3Zkjqa/lhvVxxVC1XhKoW7yGxIGwNrQ4pka4CcQtCuktO6KPMmTGIu8YgC3cpw==", + "version": "18.2.14", + "resolved": "https://registry.npmjs.org/@angular/cli/-/cli-18.2.14.tgz", + "integrity": "sha512-kWgRRQtJPkr8iwN7DMbTi3sXOnv7H5QhbU/GgD3nNX3D8YCSPmnby4PAE/P3wn7FsIK9JsSchsCt7MZ37Urh9A==", "dev": true, "license": "MIT", "dependencies": { - "@angular-devkit/architect": "0.1802.11", - "@angular-devkit/core": "18.2.11", - "@angular-devkit/schematics": "18.2.11", + "@angular-devkit/architect": "0.1802.14", + "@angular-devkit/core": "18.2.14", + "@angular-devkit/schematics": "18.2.14", "@inquirer/prompts": "5.3.8", "@listr2/prompt-adapter-inquirer": "2.0.15", - "@schematics/angular": "18.2.11", + "@schematics/angular": "18.2.14", "@yarnpkg/lockfile": "1.1.0", "ini": "4.1.3", "jsonc-parser": "3.3.1", @@ -2489,13 +2519,13 @@ } }, "node_modules/@playwright/test": { - "version": "1.49.1", - "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.49.1.tgz", - "integrity": "sha512-Ky+BVzPz8pL6PQxHqNRW1k3mIyv933LML7HktS8uik0bUXNCdPhoS/kLihiO1tMf/egaJb4IutXd7UywvXEW+g==", + "version": "1.50.1", + "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.50.1.tgz", + "integrity": "sha512-Jii3aBg+CEDpgnuDxEp/h7BimHcUTDlpEtce89xEumlJ5ef2hqepZ+PWp1DDpYC/VO9fmWVI1IlEaoI5fK9FXQ==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright": "1.49.1" + "playwright": "1.50.1" }, "bin": { "playwright": "cli.js" @@ -2739,14 +2769,14 @@ ] }, "node_modules/@schematics/angular": { - "version": "18.2.11", - "resolved": "https://registry.npmjs.org/@schematics/angular/-/angular-18.2.11.tgz", - "integrity": "sha512-jT54mc9+hPOwie9bji/g2krVuK1kkNh2PNFGwfgCg3Ofmt3hcyOBai1DKuot5uLTX4VCCbvfwiVR/hJniQl2SA==", + "version": "18.2.14", + "resolved": "https://registry.npmjs.org/@schematics/angular/-/angular-18.2.14.tgz", + "integrity": "sha512-CHh6ew2Az71UlvVcnYeuMEwjwkZqR7y/9ebLzFRvczC71ZL8qPVBpBTVGbCpGBd54VEbCZVWRxBQoZZ5LP/aBw==", "dev": true, "license": "MIT", "dependencies": { - "@angular-devkit/core": "18.2.11", - "@angular-devkit/schematics": "18.2.11", + "@angular-devkit/core": "18.2.14", + "@angular-devkit/schematics": "18.2.14", "jsonc-parser": "3.3.1" }, "engines": { @@ -2985,9 +3015,9 @@ } }, "node_modules/@types/node": { - "version": "22.10.6", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.6.tgz", - "integrity": "sha512-qNiuwC4ZDAUNcY47xgaSuS92cjf8JbSUoaKS77bmLG1rU7MlATVSiw/IlrjtIyyskXBZ8KkNfjK/P5na7rgXbQ==", + "version": "22.13.6", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.6.tgz", + "integrity": "sha512-GYmF65GI7417CpZXsEXMjT8goQQDnpRnJnDw6jIYa+le3V/lMazPZ4vZmK1B/9R17fh2VLr2zuy9d/h5xgrLAg==", "dev": true, "license": "MIT", "dependencies": { @@ -6466,6 +6496,15 @@ "url": "https://github.com/sponsors/jonschlinkert" } }, + "node_modules/ng-process-env/node_modules/rxjs": { + "version": "7.8.1", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "integrity": "sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==", + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.1.0" + } + }, "node_modules/ng-process-env/node_modules/typescript": { "version": "5.0.4", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz", @@ -7025,13 +7064,13 @@ } }, "node_modules/playwright": { - "version": "1.49.1", - "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.49.1.tgz", - "integrity": "sha512-VYL8zLoNTBxVOrJBbDuRgDWa3i+mfQgDTrL8Ah9QXZ7ax4Dsj0MSq5bYgytRnDVVe+njoKnfsYkH3HzqVj5UZA==", + "version": "1.50.1", + "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.50.1.tgz", + "integrity": "sha512-G8rwsOQJ63XG6BbKj2w5rHeavFjy5zynBA9zsJMMtBoe/Uf757oG12NXz6e6OirF7RCrTVAKFXbLmn1RbL7Qaw==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright-core": "1.49.1" + "playwright-core": "1.50.1" }, "bin": { "playwright": "cli.js" @@ -7044,9 +7083,9 @@ } }, "node_modules/playwright-core": { - "version": "1.49.1", - "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.49.1.tgz", - "integrity": "sha512-BzmpVcs4kE2CH15rWfzpjzVGhWERJfmnXmniSyKeRZUs9Ws65m+RGIi7mjJK/euCegfn3i7jvqWeWyHe9y3Vgg==", + "version": "1.50.1", + "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.50.1.tgz", + "integrity": "sha512-ra9fsNWayuYumt+NiM069M6OkcRb1FZSK8bgi66AtpFoWkg2+y0bJSNmkFrWhMbEBbVKC/EruAHH3g0zmtwGmQ==", "dev": true, "license": "Apache-2.0", "bin": { @@ -7370,9 +7409,10 @@ "optional": true }, "node_modules/rxjs": { - "version": "7.8.1", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", - "integrity": "sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==", + "version": "7.8.2", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.2.tgz", + "integrity": "sha512-dhKf903U/PQZY6boNNtAGdWbG85WAbjT/1xYoZIC7FAY0yWapOBQVsVrDl58W86//e1VpMNBtRV4MaXfdMySFA==", + "license": "Apache-2.0", "dependencies": { "tslib": "^2.1.0" } @@ -8150,9 +8190,9 @@ } }, "node_modules/vite": { - "version": "5.4.6", - "resolved": "https://registry.npmjs.org/vite/-/vite-5.4.6.tgz", - "integrity": "sha512-IeL5f8OO5nylsgzd9tq4qD2QqI0k2CQLGrWD0rCN0EQJZpBK5vJAx0I+GDkMOXxQX/OfFHMuLIx6ddAxGX/k+Q==", + "version": "5.4.14", + "resolved": "https://registry.npmjs.org/vite/-/vite-5.4.14.tgz", + "integrity": "sha512-EK5cY7Q1D8JNhSaPKVK4pwBFvaTmZxEnoKXLG/U9gmdDcihQGNzFlgIvaxezFR4glP1LsuiedwMBqCXH3wZccA==", "dev": true, "license": "MIT", "dependencies": { diff --git a/package.json b/package.json index 8a0380c75ae3da282f17f5939a36c29f689a6c6a..960213fd9b39381d9c74750450c32d1add45aaef 100644 --- a/package.json +++ b/package.json @@ -22,18 +22,18 @@ "marked": "^12.0.0", "ng-process-env": "^16.0.6", "ngx-markdown": "^18.0.0", - "rxjs": "7.8.1", + "rxjs": "7.8.2", "tslib": "^2.3.0", "zone.js": "0.14.8" }, "devDependencies": { "@angular/build": "^18.1.0", - "@angular/cli": "18.2.11", + "@angular/cli": "18.2.14", "@angular/compiler-cli": "18.1.0", "@angular/language-service": "18.1.0", "@biomejs/biome": "1.9.4", "@playwright/test": "^1.45.2", - "@types/node": "22.10.6", + "@types/node": "22.13.6", "ts-node": "10.9.2", "typescript": "^5.4.5" } diff --git a/src/assets/kicker-aggregated.json b/src/assets/kicker-aggregated.json index 73f801333fa2ced0a73ce9cac7cc688c15ca9810..eda114a3065874a36f8feac096a3bd90bc3f644f 100644 --- a/src/assets/kicker-aggregated.json +++ b/src/assets/kicker-aggregated.json @@ -1 +1 @@ -{"extensions":[],"presets":[{"name":"OpenShift Sandbox","description":"[OpenShift Sandbox](https://developers.redhat.com/developer-sandbox) by RedHat","values":{"OS_URL":"https://api.sandbox.x8i5.p1.openshiftapps.com:6443","OS_ENVIRONMENT_URL":"https://%{environment_name}.apps.sandbox.x8i5.p1.openshiftapps.com","K8S_URL":"https://api.sandbox.x8i5.p1.openshiftapps.com:6443","K8S_ENVIRONMENT_URL":"https://%{environment_name}.apps.sandbox.x8i5.p1.openshiftapps.com"},"extension_id":null,"project":{"tag":"1.0.0","tags":["1.0.0"],"name":"kicker-extras","path":"to-be-continuous/tools/kicker-extras","web_url":"https://gitlab.com/to-be-continuous/tools/kicker-extras"}},{"name":"SonarCloud","description":"[SonarCloud](https://www.sonarsource.com/products/sonarcloud/) (SaaS)","values":{"SONAR_HOST_URL":"https://sonarcloud.io"},"extension_id":null,"project":{"tag":"1.0.0","tags":["1.0.0"],"name":"kicker-extras","path":"to-be-continuous/tools/kicker-extras","web_url":"https://gitlab.com/to-be-continuous/tools/kicker-extras"}}],"templates":[{"name":"Angular","description":"Build, test and analyse your [Angular](https://angular.io/) projects","template_path":"templates/gitlab-ci-angular.yml","kind":"build","prefix":"ng","is_component":true,"variables":[{"name":"NG_CLI_IMAGE","description":"The Docker image used to run Angular-CLI (`ng`) - **set the version required by your project**","default":"registry.hub.docker.com/trion/ng-cli-karma:latest"},{"name":"NPM_CONFIG_REGISTRY","description":"NPM [registry](https://docs.npmjs.com/configuring-your-registry-settings-as-an-npm-enterprise-user)","type":"url","advanced":true},{"name":"NPM_CONFIG_SCOPED_REGISTRIES","description":"Space separated list of NPM [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) (formatted as `@somescope:https://some.npm.registry/some/repo @anotherscope:https://another.npm.registry/another/repo`)","advanced":true},{"name":"NG_WORKSPACE_DIR","description":"Angular workspace directory","default":".","advanced":true},{"name":"NG_INSTALL_EXTRA_OPTS","description":"Extra options to install project dependencies (with [`npm ci`](https://docs.npmjs.com/cli/ci.html/))","advanced":true},{"name":"NG_BUILD_ARGS","description":"Angular [ng build](https://angular.io/cli/build) arguments","default":"build","advanced":true},{"name":"NG_TEST_ARGS","description":"Angular [ng test](https://angular.io/cli/test) arguments","default":"test --code-coverage --reporters progress,junit --watch=false --no-progress","advanced":true}],"features":[{"id":"lint","name":"Angular lint","description":"Angular lint analysis","disable_with":"NG_LINT_DISABLED","variables":[{"name":"NG_LINT_ARGS","description":"Angular [ng lint](https://angular.io/cli/lint) arguments","default":"lint","advanced":true}]},{"id":"publish","name":"Publish","description":"[publishes](https://docs.npmjs.com/cli/v6/commands/npm-publish) the project packages to a npm registry","enable_with":"NG_PUBLISH_ENABLED","variables":[{"name":"NG_PUBLISH_ARGS","description":"npm [publish](https://docs.npmjs.com/cli/v6/commands/npm-publish) arguments","advanced":true},{"name":"NG_PUBLISH_PROJECTS","description":"Space separated list of projects to publish. If no project is specified, all workspace projects are published.","advanced":true},{"name":"NPM_PUBLISH_REGISTRY","description":"npm registry to publish to. If none is specified, uses GitLab project npm packages registry","secret":true},{"name":"NPM_PUBLISH_TOKEN","description":"NPM publication registry authentication token","secret":true}]},{"id":"e2e-test","name":"e2e-test","description":"Run your [e2e tests](https://angular.io/cli/e2e) on your angular project","enable_with":"NG_E2E_ENABLED","variables":[{"name":"NG_E2E_ARGS","description":"ng [e2e](https://angular.io/cli/e2e) arguments","default":"e2e","advanced":true}]},{"id":"ng-outdated","name":"ng-outdated","description":"This job performs outdated analysis ([npm outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated)), to find dependencies that might be updated.","disable_with":"NG_OUTDATED_DISABLED","variables":[{"name":"NG_OUTDATED_ARGS","description":"npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments","default":"--long"},{"name":"NG_OUTDATED_ALLOW_FAILURE","description":"Allow the job to fail and therefore not block the pipeline","type":"boolean","default":"true","advanced":true}]},{"id":" ng-audit","name":"ng-audit","description":"This job performs an audit using ([npm audit](https://docs.npmjs.com/cli/v8/commands/npm-audit)), to find vulnerabilities (security).","disable_with":"NG_AUDIT_DISABLED","variables":[{"name":"NG_AUDIT_ARGS","description":"npm [audit](https://docs.npmjs.com/cli/v8/commands/npm-audit) arguments","default":"--audit-level=low"}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [@cyclonedx/cyclonedx-npm](https://www.npmjs.com/package/@cyclonedx/cyclonedx-npm)","disable_with":"NG_SBOM_DISABLED","variables":[{"name":"NG_SBOM_VERSION","description":"Version of the @cyclonedx/cyclonedx-npm used for SBOM analysis","advanced":true},{"name":"NG_SBOM_OPTS","description":"Options for @cyclonedx/cyclonedx-npm used for SBOM analysis","default":"--omit dev","advanced":true}]}],"extension_id":null,"project":{"tag":"4.10.2","tags":["4.10.2","4.10.1","4.10.0","4.10","4.9.1","4.9.0","4.9","4.8.2","4.8.1","4.8.0","4.8","4.7.0","4.7","4.6.0","4.6","4.5.1","4.5.0","4.5","4.4.0","4.4","4.3.2","4.3.1","4.3.0","4.3","4.2.3","4.2.2","4.2.1","4.2.0","4.2","4.1.1","4.1.0","4.1","4.0.0","4.0","4","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.2.0","2.2","2.1.0","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.1","1.0.0"],"name":"angular","path":"to-be-continuous/angular","web_url":"https://gitlab.com/to-be-continuous/angular","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26451062/logo.png"}},{"name":"Ansible","description":"Provision your infrastructure and deploy your application with [Ansible](https://www.ansible.com/)","template_path":"templates/gitlab-ci-ansible.yml","kind":"hosting","prefix":"ansible","is_component":true,"variables":[{"name":"ANSIBLE_IMAGE","description":"The Docker image used to run Ansible. The image may contain your Ansible sources. **set the version required by your project**","default":"registry.hub.docker.com/cytopia/ansible:latest-tools"},{"name":"ANSIBLE_PROJECT_DIR","description":"Ansible project root directory","default":".","advanced":true},{"name":"ANSIBLE_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"ANSIBLE_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.acme.com`)_"},{"name":"ANSIBLE_VAULT_PASSWORD","description":"The Ansible vault password used to decrypt vars","secret":true},{"name":"ANSIBLE_PRIVATE_KEY","description":"The Ansible SSH private key to use in all stages (can be overridden per env)","secret":true},{"name":"ANSIBLE_PUBLIC_KEY","description":"The Ansible SSH public key associated to the private key to be use in all stages (can be overridden per env)","advanced":true},{"name":"ANSIBLE_DEFAULT_INVENTORY","description":"The default inventory, if used"},{"name":"ANSIBLE_DEFAULT_TAGS","description":"The default tags, if used"},{"name":"ANSIBLE_DEFAULT_EXTRA_ARGS","description":"Optional default args to add to the ansible-playbook command line","advanced":true},{"name":"ANSIBLE_FORCE_COLOR","description":"Forces color on Ansible output","type":"boolean","default":"true","advanced":true},{"name":"ANSIBLE_REQUIREMENTS_FILE","description":"The file used to install roles with `ansible-galaxy role install`","default":"requirements.yml","advanced":true},{"name":"ANSIBLE_GALAXY_EXTRA_ARGS","description":"`ansible-galaxy role install` command [extra options](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html#role-install)","advanced":true},{"name":"ANSIBLE_SCRIPTS_DIR","description":"The Ansible scripts base directory (relative to `$ANSIBLE_PROJECT_DIR`)","default":".","advanced":true},{"name":"ANSIBLE_HOST_KEY_CHECKING","description":"Enable or disable the SSH host key checking","type":"boolean","default":"false","advanced":true},{"name":"ANSIBLE_DEFAULT_ROLES_PATH","description":"The default path where the roles should be installed","default":"$CI_PROJECT_DIR/roles","advanced":true}],"features":[{"id":"lint","name":"Ansible Lint","description":"Static code analysis of your Ansible scripts with [Ansible Lint](https://docs.ansible.com/ansible-lint/)","disable_with":"ANSIBLE_LINT_DISABLED","variables":[{"name":"ANSIBLE_LINT_IMAGE","description":"The Docker image used to run Ansible Lint.","default":"registry.hub.docker.com/haxorof/ansible-lint:latest"}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"ANSIBLE_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"ANSIBLE_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_REVIEW_INVENTORY","description":"The inventory for `review` env (only define to override default)"},{"name":"ANSIBLE_REVIEW_TAGS","description":"The tags for `review` env (only define to override default)"},{"name":"ANSIBLE_REVIEW_CLEANUP_TAGS","description":"The tags to cleanup the `review` env","mandatory":true},{"name":"ANSIBLE_REVIEW_EXTRA_ARGS","description":"The command line extra args for `review` env (only define to override default)","advanced":true},{"name":"ANSIBLE_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"ANSIBLE_REVIEW_PLAYBOOK_FILE","description":"The playbook filename for `review` env","mandatory":true},{"name":"ANSIBLE_REVIEW_CLEANUP_PLAYBOOK_FILE","description":"The playbook filename to cleanup `review` env (only define if different from deployment playbook)","advanced":true},{"name":"ANSIBLE_REVIEW_PRIVATE_KEY","description":"The SSH private key to be use in `review` env (only define to override default)","secret":true},{"name":"ANSIBLE_REVIEW_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `review` env (only define to override default)","advanced":true},{"name":"ANSIBLE_REVIEW_VAULT_PASSWORD","description":"The Ansible vault password for `review` env (only define to override default)","secret":true,"advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"ANSIBLE_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"ANSIBLE_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"},{"name":"ANSIBLE_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_INTEG_INVENTORY","description":"The inventory for `integration` env (only define to override default)"},{"name":"ANSIBLE_INTEG_TAGS","description":"The tags for `integration` env (only define to override default)"},{"name":"ANSIBLE_INTEG_CLEANUP_TAGS","description":"The tags to cleanup the `integration` env","mandatory":true},{"name":"ANSIBLE_INTEG_EXTRA_ARGS","description":"The command line extra args for `integration` env (only define to override default)","advanced":true},{"name":"ANSIBLE_INTEG_PLAYBOOK_FILE","description":"The playbook filename for `integration` env","mandatory":true},{"name":"ANSIBLE_INTEG_CLEANUP_PLAYBOOK_FILE","description":"The playbook filename to cleanup `integration` env (only define if different from deployment playbook)","advanced":true},{"name":"ANSIBLE_INTEG_PRIVATE_KEY","description":"The SSH private key to be use in `integration` env (only define to override default)","secret":true,"advanced":true},{"name":"ANSIBLE_INTEG_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `integration` env (only define to override default)","advanced":true},{"name":"ANSIBLE_INTEG_VAULT_PASSWORD","description":"The Ansible vault password for `integration` env (only define to override default)","secret":true,"advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"ANSIBLE_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"ANSIBLE_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"},{"name":"ANSIBLE_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_STAGING_INVENTORY","description":"The inventory for `staging` env (only define to override default)"},{"name":"ANSIBLE_STAGING_TAGS","description":"The tags for `staging` env (only define to override default)"},{"name":"ANSIBLE_STAGING_CLEANUP_TAGS","description":"The tags to cleanup the `staging` env","mandatory":true},{"name":"ANSIBLE_STAGING_EXTRA_ARGS","description":"The command line extra args for `staging` env (only define to override default)","advanced":true},{"name":"ANSIBLE_STAGING_PLAYBOOK_FILE","description":"The playbook filename for `staging` env","mandatory":true},{"name":"ANSIBLE_STAGING_CLEANUP_PLAYBOOK_FILE","description":"The playbook filename to cleanup `staging` env (only define if different from deployment playbook)","advanced":true},{"name":"ANSIBLE_STAGING_PRIVATE_KEY","description":"The SSH private key to be use in `staging` env (only define to override default)","secret":true,"advanced":true},{"name":"ANSIBLE_STAGING_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `staging` env (only define to override default)","advanced":true},{"name":"ANSIBLE_STAGING_VAULT_PASSWORD","description":"The Ansible vault password for `staging` env (only define to override default)","secret":true,"advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"ANSIBLE_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"ANSIBLE_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"ANSIBLE_PROD_INVENTORY","description":"The inventory for `production` env (only define to override default)"},{"name":"ANSIBLE_PROD_TAGS","description":"The tags for `production` env (only define to override default)"},{"name":"ANSIBLE_PROD_EXTRA_ARGS","description":"The command line extra args for `production` env (only define to override default)","advanced":true},{"name":"ANSIBLE_PROD_PLAYBOOK_FILE","description":"The playbook filename for `production` env","mandatory":true},{"name":"ANSIBLE_PROD_PRIVATE_KEY","description":"The SSH private key to be use in `production` env (only define to override default)","secret":true,"advanced":true},{"name":"ANSIBLE_PROD_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `production` env (only define to override default)","advanced":true},{"name":"ANSIBLE_PROD_VAULT_PASSWORD","description":"The Ansible vault password for `production` env (only define to override default)","secret":true,"advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-ansible-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"This variant uses [Application Default Credentials][gcp-adc] through the `GOOGLE_APPLICATION_CREDENTIALS` variable using Workload Identity federation.","template_path":"templates/gitlab-ci-ansible-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]}],"extension_id":null,"project":{"tag":"6.4.0","tags":["6.4.0","6.4","6.3.4","6.3.3","6.3.2","6.3.1","6.3.0","6.3","6.2.0","6.2","6.1.3","6.1.2","6.1.1","6.1.0","6.1","6.0.1","6.0.0","6.0","6","5.1.0","5.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.5.2","3.5.1","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.2","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.1","2.0.0","2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"ansible","path":"to-be-continuous/ansible","web_url":"https://gitlab.com/to-be-continuous/ansible","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26473639/logo.png"}},{"name":"Amazon Web Services","description":"Deploy your application to [Amazon Web Services](https://aws.amazon.com/)","template_path":"templates/gitlab-ci-aws.yml","kind":"hosting","prefix":"aws","is_component":true,"variables":[{"name":"AWS_CLI_IMAGE","description":"The Docker image used to run AWS CLI commands","default":"registry.hub.docker.com/amazon/aws-cli:latest"},{"name":"AWS_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"AWS_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.aws.acme.com`)_"},{"name":"AWS_SCRIPTS_DIR","description":"Directory where AWS scripts (deploy & cleanup) are located","default":".","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","enable_with":"AWS_REVIEW_ENABLED","variables":[{"name":"AWS_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"AWS_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"AWS_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"AWS_INTEG_ENABLED","variables":[{"name":"AWS_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"AWS_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"AWS_STAGING_ENABLED","variables":[{"name":"AWS_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"AWS_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"AWS_PROD_ENABLED","variables":[{"name":"AWS_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"AWS_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AWS_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"}]}],"variants":[{"id":"oidc","name":"OpenID Connect","description":"Enables [federated authentication using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)","template_path":"templates/gitlab-ci-aws-oidc.yml","variables":[{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/)","advanced":true},{"name":"AWS_REVIEW_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `review` env _(only define to override default)_","advanced":true},{"name":"AWS_INTEG_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AWS_STAGING_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AWS_PROD_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `production` env _(only define to override default)_","advanced":true}]},{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-aws-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"5.2.3","tags":["5.2.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.2","5.0.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.0","2.1","2.0.0","2.0","2","1.4.0","1.4","1.3.0","1.3","1.2.0","1.2","1.1.3","1.1.2","1.1.1","1.1.0","1.0.2","1.0.1","1.0.0","1"],"name":"aws","path":"to-be-continuous/aws","web_url":"https://gitlab.com/to-be-continuous/aws","avatar":"https://gitlab.com/uploads/-/system/project/avatar/30120028/logo.png"}},{"name":"Azure","description":"Deploy your application to [Azure](https://azure.microsoft.com/)","template_path":"templates/gitlab-ci-azure.yml","kind":"hosting","prefix":"azure","is_component":true,"variables":[{"name":"AZURE_CLI_IMAGE","description":"The Docker image used to run Azure CLI commands","default":"mcr.microsoft.com/azure-cli:latest"},{"name":"AZURE_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"AZURE_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.azure.acme.com`)_"},{"name":"AZURE_SCRIPTS_DIR","description":"Directory where Azure scripts (deploy & cleanup) are located","default":".","advanced":true},{"name":"AZURE_SP_CLIENT_ID","description":"Default Service Principal client ID _(only define if using Service Principal authentication with credentials)_","advanced":true},{"name":"AZURE_SP_PASSWORD","description":"Default Service Principal password (client secret or certificate (File type)) (only define if using Service Principal authentication with credentials)","advanced":true,"secret":true},{"name":"AZURE_SP_TENANT_ID","description":"Default Service Principal tenant ID _(only define if using Service Principal authentication with credentials)_","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","enable_with":"AZURE_REVIEW_ENABLED","variables":[{"name":"AZURE_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"AZURE_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"AZURE_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_REVIEW_SP_CLIENT_ID","description":"Service Principal client ID for `review` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_REVIEW_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `review` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_REVIEW_SP_TENANT_ID","description":"Service Principal tenant ID for `review` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"AZURE_INTEG_ENABLED","variables":[{"name":"AZURE_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"AZURE_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_INTEG_SP_CLIENT_ID","description":"Service Principal client ID for `integration` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_INTEG_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `integration` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_INTEG_SP_TENANT_ID","description":"Service Principal tenant ID for `integration` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"AZURE_STAGING_ENABLED","variables":[{"name":"AZURE_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"AZURE_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_STAGING_SP_CLIENT_ID","description":"Service Principal client ID for `staging` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_STAGING_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `staging` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_STAGING_SP_TENANT_ID","description":"Service Principal tenant ID for `staging` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"AZURE_PROD_ENABLED","variables":[{"name":"AZURE_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"AZURE_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"AZURE_PROD_SP_CLIENT_ID","description":"Service Principal client ID for `production` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_PROD_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `production` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_PROD_SP_TENANT_ID","description":"Service Principal tenant ID for `production` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]}],"variants":[{"id":"oidc","name":"OpenID Connect","description":"Enables [federated authentication using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/)","template_path":"templates/gitlab-ci-azure-oidc.yml","variables":[{"name":"AZURE_OIDC_AUD","description":"The `aud` claim for the JWT","default":"api://AzureADTokenExchange"},{"name":"AZURE_OIDC_CLIENT_ID","description":"Default Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/)","advanced":true},{"name":"AZURE_OIDC_TENANT_ID","description":"Default Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/)","advanced":true},{"name":"AZURE_REVIEW_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `review` env _(only define to override default)_","advanced":true},{"name":"AZURE_REVIEW_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `review` env _(only define to override default)_","advanced":true},{"name":"AZURE_INTEG_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AZURE_INTEG_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AZURE_STAGING_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AZURE_STAGING_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AZURE_PROD_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `production` env _(only define to override default)_","advanced":true},{"name":"AZURE_PROD_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/azure/) on `production` env _(only define to override default)_","advanced":true}]},{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-azure-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"2.2.3","tags":["2.2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2.0","2","1.0.0","1.0","1"],"name":"azure","path":"to-be-continuous/azure","web_url":"https://gitlab.com/to-be-continuous/azure","avatar":"https://gitlab.com/uploads/-/system/project/avatar/48544609/logo.png"}},{"name":"Bash","description":"Test and analyse your shell code","template_path":"templates/gitlab-ci-bash.yml","kind":"build","prefix":"bash","is_component":true,"features":[{"id":"shellcheck","name":"ShellCheck","description":"Analyse your shell scripts with [ShellCheck](https://github.com/koalaman/shellcheck)","disable_with":"BASH_SHELLCHECK_DISABLED","variables":[{"name":"BASH_SHELLCHECK_IMAGE","description":"The Docker image used to run [ShellCheck](https://github.com/koalaman/shellcheck)","default":"registry.hub.docker.com/koalaman/shellcheck-alpine:stable","advanced":true},{"name":"BASH_SHELLCHECK_FILES","description":"Shell file(s) or pattern(s) to analyse","default":"**/*.sh"},{"name":"BASH_SHELLCHECK_OPTS","description":"ShellCheck [options](https://github.com/koalaman/shellcheck/blob/master/shellcheck.1.md)"}]},{"id":"bats","name":"Bats","description":"Test your shell scripts with [Bats](https://bats-core.readthedocs.io/) (Bash Automated Testing System)","enable_with":"BASH_BATS_ENABLED","variables":[{"name":"BASH_BATS_IMAGE","description":"The Docker image used to run [Bats](https://hub.docker.com/r/bats/bats)","default":"registry.hub.docker.com/bats/bats:latest","advanced":true},{"name":"BASH_BATS_TESTS","description":"The path to a Bats test file, or the path to a directory containing Bats test files","default":"tests"},{"name":"BASH_BATS_OPTS","description":"Bats [options](https://bats-core.readthedocs.io/en/stable/usage.html)"},{"name":"BASH_BATS_LIBRARIES","description":"Coma separated list of Bats [libraries and add-ons](https://bats-core.readthedocs.io/en/stable/writing-tests.html#libraries-and-add-ons)\n\nFormatted as: `lib_name_1@archive_url_1 lib_name_2@archive_url_2 ...`\n\nExample: `bats-support@https://github.com/bats-core/bats-support/archive/v0.3.0.zip bats-assert@https://github.com/bats-core/bats-assert/archive/v2.0.0.zip`"}]}],"extension_id":null,"project":{"tag":"3.5.2","tags":["3.5.2","3.5.1","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.2","3.1.1","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.1.1","2.1.0","2.1","2.0.1","2.0.0","2","1.0.0"],"name":"bash","path":"to-be-continuous/bash","web_url":"https://gitlab.com/to-be-continuous/bash","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26449717/logo.png"}},{"name":"Bruno","description":"Test your APIs with [Bruno](https://www.usebruno.com/)","template_path":"templates/gitlab-ci-bruno.yml","kind":"acceptance","prefix":"bru","job_prefix":"bruno","is_component":true,"variables":[{"name":"BRU_IMAGE","description":"The Docker image used to run the [Bruno CLI](https://docs.usebruno.com/cli/overview.html)","default":"registry.hub.docker.com/library/node:lts-alpine"},{"name":"BRU_COLLECTIONS","description":"The matcher to select Bruno collection directory(ies) to run","default":"bruno"},{"name":"BRU_BASE_URL","description":"Explicit base url environment to test.\n\n_Auto-evaluated by default._","type":"url","advanced":true},{"name":"BRU_EXTRA_ARGS","description":"Bruno extra [run options](https://docs.usebruno.com/cli/overview.html#options)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Bruno tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.5.0","tags":["1.5.0","1.5","1.4.0","1.4","1.3.0","1.3","1.2.2","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"bruno","path":"to-be-continuous/bruno","web_url":"https://gitlab.com/to-be-continuous/bruno","avatar":"https://gitlab.com/uploads/-/system/project/avatar/53021411/logo.png"}},{"name":"Cloud Foundry","description":"Deploy your application to a [Cloud Foundry](https://www.cloudfoundry.org/) platform","template_path":"templates/gitlab-ci-cf.yml","kind":"hosting","prefix":"cf","is_component":true,"variables":[{"name":"CF_CLI_IMAGE","description":"The Docker image used to run CF CLI commands - **set the version required by your Cloud Foundry server**","default":"registry.hub.docker.com/governmentpaas/cf-cli"},{"name":"CF_MANIFEST_BASENAME","description":"CF manifest file basename (without extension nor env suffix)","default":"manifest","advanced":true},{"name":"CF_URL","type":"url","description":"Global Cloud Foundry API url","mandatory":true},{"name":"CF_ORG","description":"Global Cloud Foundry organization for project","mandatory":true},{"name":"CF_DEFAULT_DOMAIN","description":"Global Cloud Foundry default CF domain _(only define if you want to use a different domain from CF default)_","advanced":true},{"name":"CF_DEFAULT_ROUTE_PATH","description":"Global Cloud Foundry default CF route path _(only define if you want to add a route path to your application route)_","advanced":true},{"name":"CF_DEFAULT_PUSH_ARGS","description":"Global additional arguments for cf push command _(only define if you want has a specific need not med by the template)_","advanced":true},{"name":"CF_USER","description":"Global Cloud Foundry username","secret":true,"mandatory":true},{"name":"CF_PASSWORD","description":"Global Cloud Foundry password","secret":true,"mandatory":true},{"name":"CF_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"CF_SCRIPTS_DIR","description":"Directory where Cloud Foundry scripts (manifest, hook scripts) are located","default":".","advanced":true},{"name":"CF_ROLLING_STRATEGY","description":"Use Cloud Foundry native zero-downtime deployment strategy instead of the historical blue-green method _(ignores $CF_XXX_ZERODOWNTIME)_","type":"boolean","default":"false","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"CF_REVIEW_ORG","description":"Cloud Foundry organization for review env _(only define if different from global)_"},{"name":"CF_REVIEW_SPACE","description":"Cloud Foundry space for review env","mandatory":true},{"name":"CF_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"CF_REVIEW_HOST_NAME","description":"The review environment host name _(defaults to $CF_BASE_APP_NAME-$CI_ENVIRONMENT_SLUG)_","advanced":true},{"name":"CF_REVIEW_DOMAIN","description":"The review environment domain","advanced":true},{"name":"CF_REVIEW_ENVIRONMENT_SCHEME","description":"The review environment protocol scheme","default":"https","mandatory":true},{"name":"CF_REVIEW_ENVIRONMENT_DOMAIN","description":"The review environment domain (ex: `noprod-cloudfoundry.domain.com`).\n\nBy default review `environment.url` will be built as `${CF_REVIEW_ENVIRONMENT_SCHEME}://${$CI_PROJECT_NAME}-${CI_ENVIRONMENT_SLUG}.${CF_REVIEW_ENVIRONMENT_DOMAIN}/${CF_REVIEW_ROUTE_PATH}`","mandatory":true},{"name":"CF_REVIEW_ROUTE_PATH","description":"The review environment route path","advanced":true},{"name":"CF_REVIEW_PUSH_ARGS","description":"The review environment additional cf push arguments","advanced":true},{"name":"CF_REVIEW_DOMAIN_TMP","description":"The review environment domain for the temporary blue-green app","advanced":true},{"name":"CF_REVIEW_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on review env","advanced":true},{"name":"CF_REVIEW_URL","type":"url","description":"Cloud Foundry API url for review env (only define to override default)","advanced":true},{"name":"CF_REVIEW_USER","description":"Cloud Foundry API username for review env (only define to override default)","secret":true},{"name":"CF_REVIEW_PASSWORD","description":"Cloud Foundry API password for review env (only define to override default)","secret":true},{"name":"CLEANUP_ALL_REVIEW","description":"Enables a **manual** job to cleanup all review envs at once.\n\nYou may also use it to [schedule](https://docs.gitlab.com/ee/ci/pipelines/schedules.html) cloud resources cleanup. See documentation.","type":"enum","values":["","force","true"]},{"name":"CF_REVIEW_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"CF_INTEG_ORG","description":"Cloud Foundry organization for integration env _(only define if different from global)_"},{"name":"CF_INTEG_SPACE","description":"Cloud Foundry space for integration env","mandatory":true},{"name":"CF_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"CF_INTEG_HOST_NAME","description":"The integration environment host name _(defaults to $CF_BASE_APP_NAME-integration)_","advanced":true},{"name":"CF_INTEG_DOMAIN","description":"The integration environment domain","advanced":true},{"name":"CF_INTEG_ROUTE_PATH","description":"The integration environment route path","advanced":true},{"name":"CF_INTEG_PUSH_ARGS","description":"The integration environment additional cf push arguments","advanced":true},{"name":"CF_INTEG_DOMAIN_TMP","description":"The integration environment domain for the temporary blue-green app","advanced":true},{"name":"CF_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url including scheme (ex: `https://my-application-integration.noprod-cloudfoundry.domain.com`).\n\nDo not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that.","mandatory":true},{"name":"CF_INTEG_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on integration env","advanced":true},{"name":"CF_INTEG_URL","type":"url","description":"Cloud Foundry API url for integration env (only define to override default)","advanced":true},{"name":"CF_INTEG_USER","description":"Cloud Foundry API username for integration env (only define to override default)","secret":true},{"name":"CF_INTEG_PASSWORD","description":"Cloud Foundry API password for integration env (only define to override default)","secret":true},{"name":"CF_INTEG_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"CF_STAGING_ORG","description":"Cloud Foundry organization for staging env _(only define if different from global)_"},{"name":"CF_STAGING_SPACE","description":"Cloud Foundry space for staging env","mandatory":true},{"name":"CF_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"CF_STAGING_HOST_NAME","description":"The staging environment host name _(defaults to $CF_BASE_APP_NAME-staging)_","advanced":true},{"name":"CF_STAGING_DOMAIN","description":"The staing environment domain","advanced":true},{"name":"CF_STAGING_ROUTE_PATH","description":"The staging environment route path","advanced":true},{"name":"CF_STAGING_PUSH_ARGS","description":"The staging environment additional cf push arguments","advanced":true},{"name":"CF_STAGING_DOMAIN_TMP","description":"The staging environment domain for the temporary blue-green app","advanced":true},{"name":"CF_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url including scheme (ex: `https://my-application-staging.noprod-cloudfoundry.domain.com`).\n\nDo not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that.","mandatory":true},{"name":"CF_STAGING_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on staging env","advanced":true},{"name":"CF_STAGING_URL","type":"url","description":"Cloud Foundry API url for staging env (only define to override default)","advanced":true},{"name":"CF_STAGING_USER","description":"Cloud Foundry API username for staging env (only define to override default)","secret":true},{"name":"CF_STAGING_PASSWORD","description":"Cloud Foundry API password for staging env (only define to override default)","secret":true},{"name":"CF_STAGING_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"CF_PROD_ORG","description":"Cloud Foundry organization for production env _(only define if different from global)_"},{"name":"CF_PROD_SPACE","description":"Cloud Foundry space for production env","mandatory":true},{"name":"CF_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"CF_PROD_HOST_NAME","description":"The production environment host name _(defaults to $CF_BASE_APP_NAME)_","advanced":true},{"name":"CF_PROD_DOMAIN","description":"The production environment domain","advanced":true},{"name":"CF_PROD_ROUTE_PATH","description":"The production environment route path","advanced":true},{"name":"CF_PROD_PUSH_ARGS","description":"The production environment additional cf push arguments","advanced":true},{"name":"CF_PROD_DOMAIN_TMP","description":"The production environment domain for the temporary blue-green app","advanced":true},{"name":"CF_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url including scheme (ex: `https://my-application.cloudfoundry.domain.com`).\n\nDo not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that.","mandatory":true},{"name":"CF_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"CF_PROD_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on production env","default":"true","advanced":true},{"name":"CF_PROD_URL","type":"url","description":"Cloud Foundry API url for production env (only define to override default)","advanced":true},{"name":"CF_PROD_USER","description":"Cloud Foundry API username for production env (only define to override default)","secret":true},{"name":"CF_PROD_PASSWORD","description":"Cloud Foundry API password for production env (only define to override default)","secret":true},{"name":"CF_PROD_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-cf-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.6.2","tags":["4.6.2","4.6.1","4.6.0","4.6","4.5.0","4.5","4.4.0","4.4","4.3.6","4.3.5","4.3.4","4.3.3","4.3.2","4.3.1","4.3.0","4.3","4.2.0","4.2","4.1.0","4.1","4.0.2","4.0.1","4.0.0","4.0","4","3.1.0","3.1","3.0.0","3.0","3","2.1.1","2.1.0","2.1","2.0.1","2.0.0","2.0","2","1.8.1","1.8.0","1.8","1.7.0","1.7","1.6.4","1.6.3","1.6.2","1.6.1","1.6.0","1.5.1","1.5.0","1.4.4","1.4.3","1.4.2","1.4.1","1.4.0","1.3.0","1.2.1","1.2.0","1.1.0","1.0.1","1.0.0","1"],"name":"cloud-foundry","path":"to-be-continuous/cloud-foundry","web_url":"https://gitlab.com/to-be-continuous/cloud-foundry","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26453989/cloud-foundry.png"}},{"name":"Cloud Native Buildpacks","description":"Transform your application source code into images that can run on any cloud with [Cloud Native Buildpacks](https://buildpacks.io/)","template_path":"templates/gitlab-ci-cnb.yml","kind":"package","prefix":"cnb","is_component":true,"variables":[{"name":"CNB_BUILDER_IMAGE","description":"The CNB builder image used to build your application image\n\n_depending on your needs, [choose the most appropriate one](https://paketo.io/docs/concepts/builders/#what-paketo-builders-are-available)_","default":"registry.hub.docker.com/paketobuildpacks/builder:base"},{"name":"CNB_APP_DIR","description":"Absolute root directory in final image","default":"/workspace","advanced":true},{"name":"CNB_SRC_APP_DIR","description":"Relative path to the application source code base directory in your repository","default":".","advanced":true},{"name":"CNB_PLATFORM_API","description":"The CNB [platform API version](https://github.com/buildpacks/spec/blob/main/platform.md#platform-api-version)","default":"0.9","advanced":true},{"name":"CNB_SNAPSHOT_IMAGE","description":"CNB snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"CNB_RELEASE_IMAGE","description":"CNB release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"}],"features":[{"id":"trivy","name":"Trivy","description":"[Trivy](https://aquasecurity.github.io/trivy) vulnerability analysis","disable_with":"CNB_TRIVY_DISABLED","variables":[{"name":"CNB_TRIVY_IMAGE","description":"The docker image used to scan images with Trivy","default":"registry.hub.docker.com/aquasec/trivy:latest","advanced":true},{"name":"CNB_TRIVY_ARGS","description":"Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)","default":"--ignore-unfixed --vuln-type os --exit-on-eol 1","advanced":true}]},{"id":"publish","name":"Publish","description":"Promotes the snapshot image as the release image using [skopeo](https://github.com/containers/skopeo)","variables":[{"name":"CNB_SKOPEO_IMAGE","description":"The docker image used to publish docker image with Skopeo","default":"quay.io/skopeo/stable:latest"},{"name":"CNB_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)","advanced":true},{"name":"CNB_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"}]}],"extension_id":null,"project":{"tag":"3.0.0","tags":["3.0.0","3.0","3","2.4.2","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.1","2.2.0","2.2","2.1.2","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.0.3","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"cnb","path":"to-be-continuous/cnb","web_url":"https://gitlab.com/to-be-continuous/cnb","avatar":"https://gitlab.com/uploads/-/system/project/avatar/38368181/logo.png"}},{"name":"Cypress","description":"Run your automated (web) tests with [Cypress](https://www.cypress.io/)","template_path":"templates/gitlab-ci-cypress.yml","kind":"acceptance","prefix":"cypress","is_component":true,"variables":[{"name":"CYPRESS_IMAGE","description":"The Docker image used to run Cypress (use [included images](https://github.com/cypress-io/cypress-docker-images/tree/master/included) only).","default":"registry.hub.docker.com/cypress/included:13.13.3"},{"name":"CYPRESS_PROJECT_DIR","description":"The Cypress project directory (containing `cypress.config.js` or `cypress.config.ts`)","default":"."},{"name":"CYPRESS_EXTRA_ARGS","description":"Cypress extra [run options](https://docs.cypress.io/guides/guides/command-line.html#cypress-run) (to select a different browser, configuration or spec files for e.g.)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Cypress tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.8.0","tags":["3.8.0","3.8","3.7.0","3.7","3.6.1","3.6.0","3.6","3.5.0","3.5","3.4.0","3.4","3.3.1","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"cypress","path":"to-be-continuous/cypress","web_url":"https://gitlab.com/to-be-continuous/cypress","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454216/logo.png"}},{"name":"dbt","description":"Continuously integrate and deploy your data with [dbt](https://www.getdbt.com/)","template_path":"templates/gitlab-ci-dbt.yml","kind":"build","prefix":"dbt","is_component":true,"variables":[{"name":"DBT_IMAGE","description":"The Docker image used to run dbt","default":"ghcr.io/dbt-labs/dbt-core:latest"},{"name":"DBT_PROJECT_DIR","description":"The [dbt_project.yml](https://docs.getdbt.com/reference/dbt_project.yml) dir","default":"."},{"name":"DBT_PROFILES_DIR","description":"The dbt [profile](https://docs.getdbt.com/dbt-cli/configure-your-profile) location","default":"."},{"name":"DBT_ADAPTER","description":"The dbt [adapter](https://docs.getdbt.com/docs/available-adapters) to use ","mandatory":true},{"name":"DBT_TARGET","description":"The dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) to use "},{"name":"DBT_BUILD_ARGS","description":"Arguments used by [dbt cli](https://docs.getdbt.com/reference/global-configs#command-line-flags) ","advanced":true}],"features":[{"id":"dbt-sqlfluff-lint","name":"SQLFluff lint","description":"Lint SQL from dbt project","enable_with":"DBT_SQLFLUFF_ENABLED","variables":[{"name":"DBT_SQLFLUFF_LINT_ARGS","description":"Lint [options and arguments](https://docs.sqlfluff.com/en/stable/reference/cli.html#sqlfluff-lint)","advanced":true},{"name":"SQLFLUFF_WORKING_DIR","description":"Sqlfluff working directory, scope of configuration and sql files used","default":".","advanced":true}]},{"id":"dbt-deploy","name":"dbt deploy","description":"execute generated SQL from models on target","enable_with":"DBT_DEPLOY_ENABLED"},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"DBT_REVIEW_TARGET","description":"dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `review` env","mandatory":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"DBT_INTEG_TARGET","description":" dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `integration` env","mandatory":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"DBT_STAGING_TARGET","description":"dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `staging` env","mandatory":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"DBT_PROD_TARGET","description":"dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `production` env ","mandatory":true},{"name":"DBT_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"}]}],"variants":[{"id":"pages","name":"GitLab Pages","description":"Adds a job to publish the generated site to GitLab pages","template_path":"templates/gitlab-ci-dbt-pages.yml"},{"id":"gcp-auth-provider","name":"Google Cloud","description":"Retrieves an [OAuth access token](https://developers.google.com/identity/protocols/oauth2) for [dbt BigQuery setup](https://docs.getdbt.com/reference/warehouse-setups/bigquery-setup)","template_path":"templates/gitlab-ci-dbt-gcp.yml","variables":[{"name":"TBC_GCP_PROVIDER_IMAGE","description":"The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest","advanced":true},{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]}],"extension_id":null,"project":{"tag":"4.1.0","tags":["4.1.0","4.1","4.0.0","4.0","4","3.3.0","3.3","3.2.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.3.0","1.3","1.2.0","1.2","1.1.1","1.1.0","1.1","1.0.1","1.0.0","1.0","1"],"name":"dbt","path":"to-be-continuous/dbt","web_url":"https://gitlab.com/to-be-continuous/dbt","avatar":"https://gitlab.com/uploads/-/system/project/avatar/37018181/logo.png"}},{"name":"DefectDojo","description":"Import security reports into [DefectDojo](https://www.defectdojo.org/)","template_path":"templates/gitlab-ci-defectdojo.yml","kind":"analyse","prefix":"defectdojo","is_component":true,"variables":[{"name":"DEFECTDOJO_BASE_IMAGE","description":"The Docker image used to run import","default":"registry.hub.docker.com/library/node:alpine3.11"},{"name":"DEFECTDOJO_SERVER_URL","description":"URL of DefectDojo server","mandatory":true},{"name":"DEFECTDOJO_API_KEY","description":"Your DefectDojo API v2 key - must be saved as a masked CI/CD variable","secret":true,"mandatory":true},{"name":"DEFECTDOJO_DIR","description":"DefectDojo working directory","default":".","advanced":true},{"name":"DEFECTDOJO_NOPROD_ENABLED","description":"Determines whether security reports produced in non-production branches are uploaded to DefectDojo","type":"boolean"},{"name":"DEFECTDOJO_TIMEZONE","description":"Time zone used for naming imports in DefectDojo","default":"Europe/Paris","advanced":true},{"name":"DEFECTDOJO_SMTP_SERVER","description":"name:port of SMTP server used for notifications - if this value is set, DefectDojo will send an e-mail notification in case of new vulnerabilities","advanced":true},{"name":"DEFECTDOJO_NOTIFICATION_SEVERITIES","description":"List of severities for which you want to be notified - DEFECTDOJO_SMTP_SERVER must be defined if you want to be notified","default":"Critical,High","advanced":true},{"name":"DEFECTDOJO_BANDIT_REPORTS","description":"path to Bandit JSON reports","default":"bandit*.json reports/py-bandit.bandit.json","advanced":true},{"name":"DEFECTDOJO_DC_REPORTS","description":"Path to Dependency Check reports","default":"dependency-check*.xml","advanced":true},{"name":"DEFECTDOJO_DC_GRADLE_REPORTS","description":"Path to Dependency Check reports from Gradle template","default":"dependency-check*.xml","advanced":true},{"name":"DEFECTDOJO_GITLEAKS_REPORTS","description":"Path to Gitleaks reports","default":"gitleaks/gitleaks-report.json reports/gitleaks.native.json","advanced":true},{"name":"DEFECTDOJO_HADOLINT_REPORTS","description":"Path to Hadolint reports","default":"hadolint-json-*.json reports/docker-hadolint-*.native.json","advanced":true},{"name":"DEFECTDOJO_MOBSF_REPORTS","description":"Path to MobSF reports","default":"mobsf*.json","advanced":true},{"name":"DEFECTDOJO_NODEJSSCAN_REPORTS","description":"Path to NodeJSScan reports","default":"nodejsscan-report-sarif.json","advanced":true},{"name":"DEFECTDOJO_NPMAUDIT_REPORTS","description":"Path to NPMAudit reports","default":"npm-audit*.json","advanced":true},{"name":"DEFECTDOJO_TESTSSL_REPORTS","description":"Path to TestSSL reports","default":"reports/testssl.native.csv","advanced":true},{"name":"DEFECTDOJO_TRIVY_REPORTS","description":"Path to Trivy reports","default":"trivy/*.json trivy-*.json reports/docker-trivy-*.native.json reports/py-trivy.trivy.json","advanced":true},{"name":"DEFECTDOJO_ZAP_REPORTS","description":"Path to Zap reports","default":"reports/zap.native.xml","advanced":true},{"name":"ZAP_TPL_PROJECT","description":"Path to Zap template","advanced":true},{"name":"DEFECTDOJO_SEMGREP_REPORTS","description":"Path to Semgrep reports","default":"reports/semgrep.native.json","advanced":true},{"name":"SEMGREP_TEMPLATE","description":"Path to Semgrep template","advanced":true},{"name":"DEFECTDOJO_SONARQUBE_SINCELEAKPERIOD","description":"Determines if delta analysis is activated for SonarQube export","type":"boolean","advanced":true},{"name":"DEFECTDOJO_SONARQUBE_NOSECURITYHOTSPOT","description":"Set this flag to true if SonarQube version does not support security hotspots (v < 7.3)","type":"boolean","default":"true","advanced":true},{"name":"DEFECTDOJO_SONARQUBE_ALLBUGS","description":"In SonarQube, determines if all bugs are exported (true) or only vulnerabilities (false)","type":"boolean","advanced":true}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-defectdojo-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"2.6.5","tags":["2.6.5","2.6.4","2.6.3","2.6.2","2.6.1","2.6.0","2.6","2.5.1","2.5.0","2.5","2.4.1","2.4.0","2.4","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.1","2.1.0","2.1","2.0.7","2.0.6","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2.0","2","1.2.0","1.2","1.1.1","1.1.0","1.1","1.0.4","1.0.3","1.0.2","1.0.1","1.0.0","1"],"name":"defectdojo","path":"to-be-continuous/defectdojo","web_url":"https://gitlab.com/to-be-continuous/defectdojo","avatar":"https://gitlab.com/uploads/-/system/project/avatar/31516889/logo.png"}},{"name":"Dependency Track","description":"Identify and reduce risk in your software supply chain with [Dependency Track](https://dependencytrack.org/)","template_path":"templates/gitlab-ci-dependency-track.yml","kind":"analyse","prefix":"deptrack","job_prefix":"dependency-track","is_component":true,"variables":[{"name":"DEPTRACK_SBOM_SCANNER_IMAGE","description":"The container image with [Dependency Track SBOM Scanner](https://gitlab.com/to-be-continuous/tools/dt-sbom-scanner) tool","default":"registry.gitlab.com/to-be-continuous/tools/dt-sbom-scanner:latest","advanced":true},{"name":"DEPTRACK_BASE_API_URL","description":"Dependency Track server base API url (includes `/api`)","mandatory":true,"type":"url"},{"name":"DEPTRACK_API_KEY","description":"Dependency Track API key","secret":true},{"name":"DEPTRACK_PROJECT_PATH","description":"Dependency Track target project path to publish SBOM files to","default":"$CI_PROJECT_NAMESPACE//$CI_PROJECT_PATH-{file_prefix}@$CI_COMMIT_REF_NAME"},{"name":"DEPTRACK_PATH_SEPARATOR","description":"Separator to use in project path","default":"//","advanced":true},{"name":"DEPTRACK_MERGE","description":"Merge all SBOM files into one","type":"boolean","default":"false"},{"name":"DEPTRACK_MERGE_OUTPUT","description":"Output merged SBOM file (only used with merge enabled) - _for debugging purpose_","advanced":true,"default":"reports/deptrack-merged.cyclonedx.json"},{"name":"DEPTRACK_PURL_MAX_LEN","description":"PURLs max length (`-1`: auto, `0`: no trim, `>0`: trim to size - default: `-1`)","type":"number","advanced":true,"default":"-1"},{"name":"DEPTRACK_SBOM_PATTERNS","description":"SBOM file patterns to publish (supports glob patterns)","default":"**/*.cyclonedx.json **/*.cyclonedx.xml","advanced":true},{"name":"DEPTRACK_SHOW_FINDINGS","description":"Wait for analysis and display found vulnerabilities in logs","type":"boolean","default":"false"},{"name":"DEPTRACK_RISK_SCORE_THRESHOLD","description":"Fail the job if risk score threshold is exceeded (`<0`: disabled - default: `-1`)","type":"number","default":"-1"}],"features":[{"id":"quality-gate","name":"Quality Gate","description":"Enable a job at acceptance stage which will block the pipeline when failing","enable_with":"DEPTRACK_QUALITY_GATE_ENABLED","variables":[{"name":"DEPTRACK_QUALITY_GATE_BASE_API_URL","description":"Override Dependency Track server base API url (includes `/api`) to use for acceptance stage","type":"url"},{"name":"DEPTRACK_QUALITY_GATE_API_KEY","description":"Override Dependency Track API key to use for acceptance stage","secret":true},{"name":"DEPTRACK_QUALITY_GATE_PROJECT_PATH","description":"Override Dependency Track target project path to publish SBOM files to during acceptance stage"},{"name":"DEPTRACK_QUALITY_GATE_MERGE","description":"Merge all SBOM files into one during acceptance stage","advanced":true},{"name":"DEPTRACK_QUALITY_GATE_SHOW_FINDINGS","description":"Wait for analysis and display found vulnerabilities in logs during acceptance stage","advanced":true},{"name":"DEPTRACK_QUALITY_GATE_RISK_SCORE_THRESHOLD","description":"Fail the acceptance job if risk score threshold is exceeded (`<0`: disabled - default: `-1`)","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-dependency-track-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"1.5.1","tags":["1.5.1","1.5.0","1.5","1.4.0","1.4","1.3.0","1.3","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"dependency-track","path":"to-be-continuous/dependency-track","web_url":"https://gitlab.com/to-be-continuous/dependency-track","avatar":"https://gitlab.com/uploads/-/system/project/avatar/56360582/dependency-track.png"}},{"name":"Docker Compose","description":"Deploy your application with [Docker Compose](https://docs.docker.com/compose/)","template_path":"templates/gitlab-ci-docker-compose.yml","kind":"hosting","prefix":"dcmp","job_prefix":"compose","is_component":true,"variables":[{"name":"DCMP_IMAGE","description":"The Docker image used to run Docker Compose CLI commands - **set the version required by your Docker Compose cluster**","default":"registry.hub.docker.com/library/docker:latest"},{"name":"DCMP_CMD","description":"The docker compose or stack command (empty means _auto_)","values":["","docker compose","docker-compose","docker stack"],"advanced":true},{"name":"DCMP_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"DCMP_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.dcmp.acme.com`)_"},{"name":"DCMP_SCRIPTS_DIR","description":"Directory where Compose files, dotenv files and hook scripts are located","default":".","advanced":true},{"name":"DCMP_UP_OPTS","description":"[`compose up` options](https://docs.docker.com/reference/cli/docker/compose/up/#options) (only when using Docker Compose)","default":"--no-build --remove-orphans --wait --wait-timeout 180"},{"name":"DCMP_DOWN_OPTS","description":"[`compose down` options](https://docs.docker.com/reference/cli/docker/compose/down/#options) (only when using Docker Compose)","default":"--volumes --remove-orphans --rmi all"},{"name":"DCMP_STACK_DEPLOY_OPTS","description":"[`stack deploy` options](https://docs.docker.com/reference/cli/docker/stack/deploy/) (only when using Docker Stack)","default":"--prune"},{"name":"DCMP_SSH_PRIVATE_KEY","description":"Default SSH key to use when connecting to Docker hosts over SSH (can be overridden per env)","secret":true},{"name":"DCMP_SSH_KNOWN_HOSTS","description":"SSH `known_hosts` (file or text variable)"}],"features":[{"id":"config","name":"Compose Config","description":"Runs [`compose config`](https://docs.docker.com/reference/cli/docker/compose/config/) to detect errors in your Compose file(s)","disable_with":"DCMP_CONFIG_DISABLED","variables":[{"name":"DCMP_CONFIG_OPTS","description":"[`compose config` options](https://docs.docker.com/reference/cli/docker/compose/config/#options)","default":"--quiet","advanced":true},{"name":"DCMP_STACK_CONFIG_OPTS","description":"[`stack config` options](https://docs.docker.com/reference/cli/docker/stack/config/)","advanced":true},{"name":"DCMP_STACK_CONFIG_SILENT","description":"Silences standard output of `stack config` command","type":"boolean","default":"true","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"DCMP_REVIEW_DOCKER_HOST","description":"Docker Host for `review` env (ex: `ssh://docker@docker-host-for-review:2375`)","mandatory":true},{"name":"DCMP_REVIEW_SSH_PRIVATE_KEY","description":"`review` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_REVIEW_APP_NAME","description":"The application name for `review` env (only define to override default)","advanced":true},{"name":"DCMP_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"DCMP_REVIEW_ENVIRONMENT_URL","type":"url","description":"The `review` environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"DCMP_INTEG_DOCKER_HOST","description":"Docker Host for `integration` env (ex: `ssh://docker@docker-host-for-integ:2375`)","mandatory":true},{"name":"DCMP_INTEG_SSH_PRIVATE_KEY","description":"`integration` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_INTEG_APP_NAME","description":"The application name for `integration` env (only define to override default)","advanced":true},{"name":"DCMP_INTEG_ENVIRONMENT_URL","type":"url","description":"The `integration` environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"DCMP_STAGING_DOCKER_HOST","description":"Docker Host for `staging` env (ex: `ssh://docker@docker-host-for-staging:2375`)","mandatory":true},{"name":"DCMP_STAGING_SSH_PRIVATE_KEY","description":"`staging` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_STAGING_APP_NAME","description":"The application name for `staging` env (only define to override default)","advanced":true},{"name":"DCMP_STAGING_ENVIRONMENT_URL","type":"url","description":"The `staging` environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"DCMP_PROD_DOCKER_HOST","description":"Docker Host for `production` env (ex: `ssh://docker@docker-host-for-prod:2375`)","mandatory":true},{"name":"DCMP_PROD_SSH_PRIVATE_KEY","description":"`production` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_PROD_APP_NAME","description":"The application name for `production` env (only define to override default)","advanced":true},{"name":"DCMP_PROD_ENVIRONMENT_URL","type":"url","description":"The `production` environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"DCMP_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to `production` strategy.","type":"enum","values":["manual","auto"],"default":"manual"}]}],"extension_id":null,"project":{"tag":"1.0.2","tags":["1.0.2","1.0.1","1.0.0","1.0","1"],"name":"docker-compose","path":"to-be-continuous/docker-compose","web_url":"https://gitlab.com/to-be-continuous/docker-compose","avatar":"https://gitlab.com/uploads/-/system/project/avatar/55380145/logo.png"}},{"name":"Docker","description":"Build, check and inspect your containers with [Docker](https://www.docker.com/)","template_path":"templates/gitlab-ci-docker.yml","kind":"package","prefix":"docker","is_component":true,"variables":[{"name":"DOCKER_BUILD_TOOL","type":"enum","values":["kaniko","buildah","dind"],"description":"The build tool to use for building container image","default":"kaniko"},{"name":"DOCKER_KANIKO_IMAGE","description":"The image used to run kaniko\n\n_for kaniko build only_","default":"gcr.io/kaniko-project/executor:debug"},{"name":"DOCKER_BUILDAH_IMAGE","description":"The image used to run buildah\n\n_for buildah build only_","default":"quay.io/buildah/stable:latest"},{"name":"DOCKER_IMAGE","description":"The image used to run the docker client\n\n_for Docker-in-Docker(dind) build only_","default":"registry.hub.docker.com/library/docker:latest"},{"name":"DOCKER_DIND_IMAGE","description":"The image used to run the Docker daemon\n\n_for Docker-in-Docker(dind) build only_","default":"registry.hub.docker.com/library/docker:dind"},{"name":"DOCKER_SKOPEO_IMAGE","description":"The image used to publish docker image with Skopeo","default":"quay.io/skopeo/stable:latest"},{"name":"DOCKER_FILE","description":"The path to your `Dockerfile`","default":"Dockerfile"},{"name":"DOCKER_CONTEXT_PATH","description":"The Docker [context path](https://docs.docker.com/engine/reference/commandline/build/#build-with-path) (working directory) - _only set if you want a context path different from the Dockerfile location_","advanced":true},{"name":"DOCKER_CONFIG_FILE","description":"Path to the [Docker configuration file](https://docs.docker.com/engine/reference/commandline/cli/#sample-configuration-file) (JSON)","default":".docker/config.json","advanced":true},{"name":"DOCKER_SNAPSHOT_IMAGE","description":"Docker snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"DOCKER_RELEASE_IMAGE","description":"Docker release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"},{"name":"DOCKER_RELEASE_EXTRA_TAGS_PATTERN","description":"Defines the image tag pattern that `$DOCKER_RELEASE_IMAGE` should match to push extra tags (supports capturing groups)\n\nDefaults to [SemVer](https://semver.org/) pattern.","default":"^v?(?P<major>[0-9]+)\\.(?P<minor>[0-9]+)\\.(?P<patch>[0-9]+)(?P<suffix>(?P<prerelease>-[0-9A-Za-z-\\.]+)?(?P<build>\\+[0-9A-Za-z-\\.]+)?)$","advanced":true},{"name":"DOCKER_RELEASE_EXTRA_TAGS","description":"Defines extra tags to publish the _release_ image\n\nSupports capturing group references from `$DOCKER_RELEASE_EXTRA_TAGS_PATTERN` (ex: `latest \\g<major>.\\g<minor> \\g<major>`)","advanced":true},{"name":"DOCKER_BUILD_ARGS","description":"Additional docker/kaniko/buildah build arguments.\n\n_If values contain spaces, ensure any required quote are correctly escaped when needed (not supported for Kaniko)_"},{"name":"DOCKER_METADATA","description":"Additional metadata to set as labels.\n\nIf values contain spaces, ensure any required quote are correctly escaped when needed (not supported for Kaniko)_","default":"--label \"org.opencontainers.image.url=${CI_PROJECT_URL}\" --label \"org.opencontainers.image.source=${CI_PROJECT_URL}\" --label \"org.opencontainers.image.title=${CI_PROJECT_PATH}\" --label \"org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME}\" --label \"org.opencontainers.image.revision=${CI_COMMIT_SHA}\" --label \"org.opencontainers.image.created=${CI_JOB_STARTED_AT}\"","advanced":true},{"name":"DOCKER_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)"},{"name":"DOCKER_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"DOCKER_SEMREL_RELEASE_DISABLED","description":"Disable integration with the [semantic release template](https://gitlab.com/to-be-continuous/semantic-release/)","type":"boolean"},{"name":"DOCKER_REGISTRY_MIRROR","description":"URL of a Docker registry mirror to use instead of default `https://index.docker.io`\n\n_Used by `kaniko` and `dind` builds only_"},{"name":"CONTAINER_REGISTRIES_CONFIG_FILE","description":"The [registries.conf](https://www.redhat.com/sysadmin/manage-container-registries) configuration to be used\n\n_Used by the `buildah` build only_","advanced":true},{"name":"KANIKO_SNAPSHOT_IMAGE_CACHE","description":"Snapshot image repository that will be used to store cached layers (leave empty to use default: snapshot image repository + `/cache`)\n\n_Used by the `kaniko` build only_","advanced":true},{"name":"DOCKER_BUILD_CACHE_DISABLED","description":"Set to `true` to disable the build cache.","type":"boolean","advanced":true},{"name":"DOCKER_PUSH_ARGS","description":"Additional docker/buildah `push` arguments (executed right after `build`).\n\nEx: `--compression-format zstd --compression-level 20`","advanced":true}],"features":[{"id":"hadolint","name":"Hadolint","description":"This job performs a [Lint](https://github.com/hadolint/hadolint) on your `Dockerfile`.","disable_with":"DOCKER_HADOLINT_DISABLED","variables":[{"name":"DOCKER_HADOLINT_IMAGE","description":"The docker image to lint your Dockerfile with Hadolint","default":"registry.hub.docker.com/hadolint/hadolint:latest-alpine"},{"name":"DOCKER_HADOLINT_ARGS","description":"Additional `hadolint` arguments","advanced":true}]},{"id":"healthcheck","name":"Health Check","description":"[Health Check](https://docs.docker.com/engine/reference/builder/#healthcheck) image analysis","disable_with":"DOCKER_HEALTHCHECK_DISABLED","variables":[{"name":"DOCKER_HEALTHCHECK_TIMEOUT","type":"number","description":"When testing an image, how long (in seconds) wait for the HealthCheck status","default":"60","advanced":true},{"name":"DOCKER_HEALTHCHECK_OPTIONS","description":"Docker options for health check such as port mapping, environment...","advanced":true},{"name":"DOCKER_HEALTHCHECK_CONTAINER_ARGS","description":"Arguments sent to the running container for health check","advanced":true}]},{"id":"trivy","name":"Trivy","description":"[Trivy](https://aquasecurity.github.io/trivy) vulnerability analysis","disable_with":"DOCKER_TRIVY_DISABLED","variables":[{"name":"DOCKER_TRIVY_IMAGE","description":"The docker image used to scan images with Trivy","default":"registry.hub.docker.com/aquasec/trivy:latest","advanced":true},{"name":"DOCKER_TRIVY_ARGS","description":"Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)","default":"--ignore-unfixed --pkg-types os --exit-on-eol 1 --detection-priority comprehensive","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"DOCKER_SBOM_DISABLED","variables":[{"name":"DOCKER_SBOM_IMAGE","default":"registry.hub.docker.com/anchore/syft:debug"},{"name":"DOCKER_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-docker-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp","name":"Google Cloud","description":"Retrieves a registry authentication for the Google Cloud's [Artifact Registry](https://cloud.google.com/artifact-registry)","template_path":"templates/gitlab-ci-docker-gcp.yml","variables":[{"name":"TBC_GCP_PROVIDER_IMAGE","description":"The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest","advanced":true},{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"},{"name":"GCP_SNAPSHOT_OIDC_ACCOUNT","description":"Service Account to use to push the snapshot image _(only define to override default)_","advanced":true},{"name":"GCP_SNAPSHOT_OIDC_PROVIDER","description":"Workload Identity Provider to push the snapshot image _(only define to override default)_","advanced":true},{"name":"GCP_RELEASE_OIDC_ACCOUNT","description":"Service Account to use to push the release image _(only define to override default)_","advanced":true},{"name":"GCP_RELEASE_OIDC_PROVIDER","description":"Workload Identity Provider to push the release image _(only define to override default)_","advanced":true}]},{"id":"ecr","name":"Amazon ECR","description":"Retrieves a registry authentication for the Amazon's [Elastic Container Registry](https://docs.aws.amazon.com/ecr/)","template_path":"templates/gitlab-ci-docker-ecr.yml","variables":[{"name":"TBC_AWS_PROVIDER_IMAGE","description":"The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest","advanced":true},{"name":"AWS_REGION","description":"Default region (where the ECR registry is located)"},{"name":"AWS_SNAPSHOT_REGION","description":"Region of the ECR registry for the snapshot image _(only define to override default)_","advanced":true},{"name":"AWS_RELEASE_REGION","description":"Region of the ECR registry for the release image _(only define to override default)_","advanced":true},{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_"},{"name":"AWS_SNAPSHOT_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab for the snapshot image _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/) and if different from default)_","advanced":true},{"name":"AWS_RELEASE_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab for the release image _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/) and if different from default)_","advanced":true},{"name":"AWS_ACCESS_KEY_ID","description":"Default access key ID (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_SECRET_ACCESS_KEY","description":"Default secret access key (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_SNAPSHOT_ACCESS_KEY_ID","description":"Access key ID for the snapshot image (only required for basic authentication and if different from default)","secret":true,"advanced":true},{"name":"AWS_SNAPSHOT_SECRET_ACCESS_KEY","description":"Secret access key for the snapshot image (only required for basic authentication and if different from default)","secret":true,"advanced":true},{"name":"AWS_RELEASE_ACCESS_KEY_ID","description":"Access key ID for the release image (only required for basic authentication and if different from default)","secret":true,"advanced":true},{"name":"AWS_RELEASE_SECRET_ACCESS_KEY","description":"Secret access key for the release image (only required for basic authentication and if different from default)","secret":true,"advanced":true}]}],"extension_id":null,"project":{"tag":"6.0.0","tags":["6.0.0","6.0","6","5.14.1","5.14.0","5.14","5.13.3","5.13.2","5.13.1","5.13.0","5.13","5.12.1","5.12.0","5.12","5.11.1","5.11.0","5.11","5.10.3","5.10.2","5.10.1","5.10.0","5.10","5.9.1","5.9.0","5.9","5.8.2","5.8.1","5.8.0","5.8","5.7.1","5.7.0","5.7","5.6.1","5.6.0","5.6","5.5.6","5.5.5","5.5.4","5.5.3","5.5.2","5.5.1","5.5.0","5.5","5.4.1","5.4.0","5.4","5.3.1","5.3.0","5.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.3","5.0.2","5.0.1","5.0.0","5.0","5","4.0.0","4.0","4","3.6.0","3.6","3.5.3","3.5.2","3.5.1","3.5.0","3.5","3.4.0","3.4","3.3.0","3.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.7.1","2.7.0","2.7","2.6.0","2.6","2.5.0","2.5","2.4.0","2.4","2.3.3","2.3.2","2.3.1","2.3.0","2.3","2"],"name":"docker","path":"to-be-continuous/docker","web_url":"https://gitlab.com/to-be-continuous/docker","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26450930/logo.png"}},{"name":"Google Cloud","description":"Deploy your application to the [Google Cloud](https://cloud.google.com/) platform","template_path":"templates/gitlab-ci-gcloud.yml","kind":"hosting","prefix":"gcp","is_component":true,"variables":[{"name":"GCP_CLI_IMAGE","description":"The Docker image used to run Google Cloud CLI commands","default":"gcr.io/google.com/cloudsdktool/cloud-sdk:latest"},{"name":"GCP_KEY_FILE","description":"Global Service Account key file","secret":true,"mandatory":true},{"name":"GCP_WORKLOAD_IDENTITY_PROVIDER","description":"Default [Workload Identity Provider](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) associated with GitLab to authenticate\n\n(has format `projects/PROJECT_NUMBER/locations/global/workloadIdentityPools/POOL_ID/providers/PROVIDER_ID`)","advanced":true},{"name":"GCP_SERVICE_ACCOUNT","description":"Default Service Account to which impersonate with WIF authentication","advanced":true},{"name":"GCP_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"GCP_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.gcloud.acme.com`)_"},{"name":"GCP_SCRIPTS_DIR","description":"Directory where Google Cloud scripts (deploy & cleanup) are located","default":".","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"GCP_REVIEW_PROJECT","description":"Google Cloud project ID for review env","mandatory":true},{"name":"GCP_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"GCP_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"GCP_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_REVIEW_KEY_FILE","description":"Service Account key file to authenticate on review env (only define to override default)","secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"GCP_INTEG_PROJECT","description":"Google Cloud project ID for integration env","mandatory":true},{"name":"GCP_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"GCP_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_INTEG_KEY_FILE","description":"Service Account key file to authenticate on integration env (only define to override default)","secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"GCP_STAGING_PROJECT","description":"Google Cloud project ID for staging env","mandatory":true},{"name":"GCP_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"GCP_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_STAGING_KEY_FILE","description":"Service Account key file to authenticate on staging env (only define to override default)","secret":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"GCP_PROD_PROJECT","description":"Google Cloud project ID for production env","mandatory":true},{"name":"GCP_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"GCP_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"GCP_PROD_KEY_FILE","description":"Service Account key file to authenticate on production env (only define to override default)","secret":true}]}],"variants":[{"id":"oidc","name":"OpenID Connect","description":"Enables [federated authentication using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)","template_path":"templates/gitlab-ci-gcloud-oidc.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"GCP_OIDC_PROVIDER","description":"Global Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Global Service Account to which impersonate with OpenID Connect authentication","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `review` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `integration` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `staging` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `production` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true}]},{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-gcloud-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"5.2.3","tags":["5.2.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.2","5.0.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.8.0","1.8","1.7.0","1.7","1.6.2","1.6.1","1.6.0","1.5.2","1.5.1","1.5.0","1.4.1","1.4.0","1.3.0","1.2.0","1.1.0","1.0.0","1"],"name":"gcloud","path":"to-be-continuous/gcloud","web_url":"https://gitlab.com/to-be-continuous/gcloud","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454217/logo.png"}},{"name":"GitLab Butler","description":"Automate cleaning your projects with [GitLab Butler](https://gitlab.com/to-be-continuous/tools/gitlab-butler)","template_path":"templates/gitlab-ci-butler.yml","kind":"misc","prefix":"butler","is_component":true,"variables":[{"name":"BUTLER_IMAGE","description":"The Docker image used to run GitLab Butler","default":"registry.gitlab.com/to-be-continuous/tools/gitlab-butler:latest","advanced":true},{"name":"BUTLER_TOKEN","description":"A GitLab access token to allow GitLab Butler crawl your projects","secret":true},{"name":"BUTLER_GROUP_PATH","description":"GitLab group to process","default":"$CI_PROJECT_NAMESPACE"},{"name":"BUTLER_PIPELINES_DELETE_OLDER_THAN","description":"The max age (in days) after which pipelines are deleted","default":"90"}],"extension_id":null,"project":{"tag":"1.1.0","tags":["1.1.0","1.1","1.0.0","1.0","1"],"name":"gitlab-butler","path":"to-be-continuous/gitlab-butler","web_url":"https://gitlab.com/to-be-continuous/gitlab-butler","avatar":"https://gitlab.com/uploads/-/system/project/avatar/61952173/logo.png"}},{"name":"GitLab Package","description":"Publish artifacts to GitLab's [Generic Package Registry](https://docs.gitlab.com/ee/user/packages/generic_packages/)","template_path":"templates/gitlab-ci-gitlab-package.yml","kind":"build","prefix":"glpkg","is_component":true,"variables":[{"name":"GLPKG_IMAGE","description":"The Docker image used to publish packages","default":"registry.hub.docker.com/curlimages/curl:latest","advanced":true},{"name":"GLPKG_FILES","description":"Glob patterns matching files to include in the GitLab package (:warning: does not support double star)","mandatory":true},{"name":"GLPKG_PACKAGE","description":"Name of the package to publish","default":"$CI_PROJECT_NAME"}],"extension_id":null,"project":{"tag":"1.2.2","tags":["1.2.2","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.0","1"],"name":"gitlab-package","path":"to-be-continuous/gitlab-package","web_url":"https://gitlab.com/to-be-continuous/gitlab-package","avatar":"https://gitlab.com/uploads/-/system/project/avatar/47461614/logo.png"}},{"name":"Gitleaks","description":"Detect and prevent hardcoded secrets in your Git repository with [Gitleaks](https://github.com/zricethezav/gitleaks/wiki)","template_path":"templates/gitlab-ci-gitleaks.yml","kind":"analyse","prefix":"gitleaks","is_component":true,"variables":[{"name":"GITLEAKS_IMAGE","description":"The Docker image used to run Gitleaks","default":"registry.hub.docker.com/zricethezav/gitleaks:latest"},{"name":"GITLEAKS_RULES","description":"Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks/wiki/Configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project).","advanced":true},{"name":"GITLEAKS_ARGS","description":"[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches)","default":"--verbose --redact","advanced":true}],"extension_id":null,"project":{"tag":"2.6.1","tags":["2.6.1","2.6.0","2.6","2.5.2","2.5.1","2.5.0","2.5","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.3.0","1.3","1.2.5","1.2.4","1.2.3","1.2.2","1.2.1","1.2.0","1.1.1","1.1.0","1.0.0","1"],"name":"gitleaks","path":"to-be-continuous/gitleaks","web_url":"https://gitlab.com/to-be-continuous/gitleaks","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454220/logo.png"}},{"name":"Go","description":"Build, test and analyse your [Go](https://golang.org/) projects","template_path":"templates/gitlab-ci-golang.yml","kind":"build","prefix":"go","is_component":true,"variables":[{"name":"GO_IMAGE","description":"The Docker image used to run Go (build+test or build only) - **set the version required by your project**","default":"registry.hub.docker.com/library/golang:bookworm"},{"name":"GO_PROJECT_DIR","description":"Go project root directory","default":".","advanced":true},{"name":"GOPROXY","description":"URL of Go module proxy (see [Go env](https://golang.org/cmd/go/#hdr-Environment_variables))","advanced":true},{"name":"GO_TEST_IMAGE","description":"Specific Docker image used to run Go tests (as a separate job)","advanced":true},{"name":"GO_BUILD_FLAGS","description":"Flags used by the [go build command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies)","default":"-mod=readonly","advanced":true},{"name":"GO_BUILD_MODE","description":"The template build mode (accepted values are `application`, `modules` and `auto`)","type":"enum","values":["auto","application","modules"],"default":"auto","advanced":true},{"name":"GO_BUILD_LINKER_FLAGS","description":"Linker flags used by the [go build command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies) `-ldflags`","default":"-s -w","advanced":true},{"name":"GO_BUILD_PACKAGES","description":"Packages to build with the [go build command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies)","default":"./..."},{"name":"GO_TARGET_OS","description":"The `$GOOS` target [see available values](https://gist.github.com/asukakenji/f15ba7e588ac42795f421b48b8aede63)\n\nFallbacks to default `$GOOS` from the Go Docker image","advanced":true},{"name":"GO_TARGET_ARCH","description":"The `$GOARCH` target [see available values](https://gist.github.com/asukakenji/f15ba7e588ac42795f421b48b8aede63)\n\nFallbacks to default `$GOARCH` from the Go Docker image","advanced":true},{"name":"GO_TEST_FLAGS","description":"Flags used by the [go test command](https://pkg.go.dev/cmd/go#hdr-Test_packages)","default":"-mod=readonly -v -race","advanced":true},{"name":"GO_TEST_PACKAGES","description":"Packages to test with the [go test command](https://pkg.go.dev/cmd/go#hdr-Test_packages)","default":"./..."},{"name":"GO_LIST_ARGS","description":"Arguments used by the list command","default":"list -u -m -mod=readonly -json all","advanced":true},{"name":"GO_COBERTURA_FLAGS","description":"Build flags to add to use gocover-cobertura, leave blank if not needed","advanced":true}],"features":[{"id":"generate","name":"go generate","description":"generate code with [go generate](https://go.dev/blog/generate)","variables":[{"name":"GO_GENERATE_MODULES","description":"Space separated list of Go code generator modules (ex: `stringer mockery`)","mandatory":true}]},{"id":"golangci-lint","name":"GolangCI-Lint","description":"[GolangCI-Lint](https://github.com/golangci/golangci-lint) analysis","disable_with":"GO_CI_LINT_DISABLED","variables":[{"name":"GO_CI_LINT_IMAGE","description":"The Docker image used to run `golangci-lint`","default":"registry.hub.docker.com/golangci/golangci-lint:latest-alpine"},{"name":"GO_CI_LINT_ARGS","description":"`golangci-lint` [command line arguments](https://github.com/golangci/golangci-lint#command-line-options)","default":"-E gosec,goimports ./...","advanced":true}]},{"id":"go-mod-outdated","name":"Go-mod-outdated","description":"[Go-mod-outdated](https://github.com/psampaz/go-mod-outdated) analysis","variables":[{"name":"GO_MOD_OUTDATED_ARGS","description":"`god-mod-outdated` [command line arguments](https://github.com/psampaz/go-mod-outdated#usage","default":"-update -direct","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [cyclonedx-gomod](https://github.com/CycloneDX/cyclonedx-gomod)","disable_with":"GO_SBOM_DISABLED","variables":[{"name":"GO_SBOM_IMAGE","default":"registry.hub.docker.com/cyclonedx/cyclonedx-gomod:latest"},{"name":"GO_SBOM_OPTS","description":"[@cyclonedx/cyclonedx-gomod options](https://github.com/CycloneDX/cyclonedx-gomod#usage) used for SBOM analysis","default":"-main .","advanced":true}]},{"id":"go-semgrep","name":"Semgrep","description":"[Semgrep](https://semgrep.dev/docs/) analysis","disable_with":"GO_SEMGREP_DISABLED","variables":[{"name":"GO_SEMGREP_IMAGE","description":"The Docker image used to run [Semgrep](https://semgrep.dev/docs/)","default":"registry.hub.docker.com/semgrep/semgrep:latest"},{"name":"GO_SEMGREP_ARGS","description":"Semgrep [scan options](https://semgrep.dev/docs/cli-reference#semgrep-scan-command-options)","default":"--metrics off --disable-version-check"},{"name":"GO_SEMGREP_RULES","description":"Space-separated list of [Semgrep rules](https://semgrep.dev/docs/running-rules).\n\nCan be both local YAML files or remote rules from the [Semgrep Registry](https://semgrep.dev/explore) (denoted by the `p/` prefix)","default":"p/golang p/gosec"},{"name":"GO_SEMGREP_DOWNLOAD_RULES_ENABLED","description":"Download Semgrep remote rules","type":"boolean","default":"true"}]},{"id":"govulncheck","name":"Govulncheck","description":"Vulnerability Management with [Govulncheck](https://go.dev/blog/vuln)","disable_with":"GO_VULNCHECK_DISABLED","variables":[{"name":"GO_VULNCHECK_ARGS","description":"`govulncheck` [command line arguments](https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck#hdr-Flags)","default":"./...","advanced":true}]}],"extension_id":null,"project":{"tag":"4.11.1","tags":["4.11.1","4.11.0","4.11","4.10.0","4.10","4.9.2","4.9.1","4.9.0","4.9","4.8.3","4.8.2","4.8.1","4.8.0","4.8","4.7.0","4.7","4.6.1","4.6.0","4.6","4.5.1","4.5.0","4.5","4.4.0","4.4","4.3.0","4.3","4.2.0","4.2","4.1.2","4.1.1","4.1.0","4.1","4.0.2","4.0.1","4.0.0","4.0","4","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.2","2.1.3","2.1.2","2.1.1","2.1.0","2.0.3","2.0.2","2.0.1","2.0.0","2","1.3.0","1.2.2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"golang","path":"to-be-continuous/golang","web_url":"https://gitlab.com/to-be-continuous/golang","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454222/logo.png"}},{"name":"Gradle","description":"Build, test and analyse your [Gradle](https://gradle.org/)-based projects","template_path":"templates/gitlab-ci-gradle.yml","kind":"build","prefix":"gradle","is_component":true,"variables":[{"name":"GRADLE_IMAGE","description":"The Docker image used to run Gradle - **set the version required by your project**","default":"registry.hub.docker.com/library/gradle:latest"},{"name":"GRADLE_CLI_OPTS","description":"Additional Gradle options used on the command line","advanced":true},{"name":"GRADLE_CLI_BIN","description":"The location of the gradle binary. If you prefer using a [gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html) you should override this (for e.g. `gradlew`)","default":"gradle","advanced":true},{"name":"GRADLE_USER_HOME","description":"The gradle user home","default":"$CI_PROJECT_DIR/.gradle","advanced":true},{"name":"GRADLE_DAEMON","description":"Whether to use or not gradle daemon","default":"false","advanced":true},{"name":"GRADLE_BUILD_ARGS","description":"Gradle arguments for the build & test job","default":"build","advanced":true},{"name":"GRADLE_PROJECT_DIR","description":"Gradle project root directory","default":".","advanced":true},{"name":"JACOCO_CSV_REPORT","description":"Name of code coverage report","default":"jacocoTestReport.csv","advanced":true}],"features":[{"id":"sonar","name":"SONAR","description":"Code quality and security analysis with [SONARQube](https://www.sonarqube.org/)","variables":[{"name":"SONAR_HOST_URL","type":"url","description":"SonarQube server url","mandatory":true},{"name":"SONAR_TOKEN","description":"SonarQube authentication token (see https://docs.sonarsource.com/sonarqube-server/latest/user-guide/managing-tokens/)","secret":true},{"name":"SONAR_BASE_ARGS","description":"SonarQube [analysis arguments](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/)","default":"sonar -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues","advanced":true},{"name":"SONAR_QUALITY_GATE_ENABLED","description":"Enables SonarQube [Quality Gate](https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/ci-integration/overview/#quality-gate-fails))._","type":"boolean"}]},{"id":"dependency-check","name":"Dependency Check","description":"Runs a Gradle dependency check","disable_with":"GRADLE_DEPENDENCY_CHECK_DISABLED","variables":[{"name":"GRADLE_DEPENDENCY_CHECK_TASK","description":"The dependency-check task that is invoked","default":"dependencyCheckAnalyze","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [cyclonedx-gradle-plugin](https://github.com/CycloneDX/cyclonedx-gradle-plugin)","disable_with":"GRADLE_SBOM_DISABLED","variables":[{"name":"GRADLE_SBOM_VERSION","description":"Version of the `cyclonedx-gradle-plugin` used for SBOM analysis.\n\n_When unset, the latest version will be used_"},{"name":"GRADLE_MAVEN_PLUGIN_URL","description":"Maven Repository that is used to download the `cyclonedx-gradle-plugin`. No trailing slash.","default":"https://plugins.gradle.org/m2"}]},{"id":"publish","name":"Publish (snapshot & release)","description":"Enable publishing to an artifacts repository","disable_with":"GRADLE_NO_PUBLISH","variables":[{"name":"GRADLE_PUBLISH_ARGS","description":"The publish task that is invoked","default":"publish","advanced":true},{"name":"GRADLE_PUBLISH_VERSION","description":"The value is propagated as gradle properties named `version`.\n\nIt should be used in your publish task","default":"${CI_COMMIT_REF_SLUG}-SNAPSHOT","advanced":true}]}],"extension_id":null,"project":{"tag":"2.8.0","tags":["2.8.0","2.8","2.7.2","2.7.1","2.7.0","2.7","2.6.3","2.6.2","2.6.1","2.6.0","2.6","2.5.0","2.5","2.4.2","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.0","2.0","2","1.4.0","1.4","1.3.1","1.3.0","1.2.1","1.2.0","1.1.0","1.0.0","1"],"name":"gradle","path":"to-be-continuous/gradle","web_url":"https://gitlab.com/to-be-continuous/gradle","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454226/logo.png"}},{"name":"Helm","description":"Build your Helm Charts and/or deploy your application to a Kubernetes platform using [Helm](https://helm.sh/)","template_path":"templates/gitlab-ci-helm.yml","kind":"hosting","prefix":"helm","is_component":true,"variables":[{"name":"HELM_CLI_IMAGE","description":"The Docker image used to run Helm - **set the version required by your Kubernetes server**","default":"registry.hub.docker.com/alpine/helm:latest"},{"name":"HELM_CHART_DIR","description":"The folder where the Helm chart is located","default":"."},{"name":"HELM_SCRIPTS_DIR","description":"The folder where hook scripts are located","default":"."},{"name":"HELM_COMMON_VALUES","description":"Common values file (used for all environments, overridden by specific per-env values files)"},{"name":"HELM_DEPLOY_CHART","description":"The Helm [chart](https://helm.sh/docs/topics/charts/) to deploy. _Only required if you want to deploy an **external** chart._"},{"name":"HELM_REPOS","description":"The Helm [chart repositories](https://helm.sh/docs/topics/chart_repository/) to use (formatted as `repo_name_1@repo_url_1 repo_name_2@repo_url_2 ...`)","default":"stable@https://charts.helm.sh/stable bitnami@https://charts.bitnami.com/bitnami"},{"name":"KUBE_NAMESPACE","description":"The default Kubernetes namespace to use. _Leave default if [GitLab Kubernetes integration](https://docs.gitlab.com/ee/user/project/clusters/index.html) is enabled._"},{"name":"HELM_DEFAULT_KUBE_CONFIG","description":"The default kubeconfig content to use. Automatically set if GitLab Kubernetes integration is enabled.","default":"$KUBECONFIG","secret":true},{"name":"HELM_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"HELM_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.helm.acme.com`)_"},{"name":"HELM_DEPLOY_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_upgrade/) to deploy the application (_without dynamic arguments such as release name and chart_)","default":"upgrade --install --atomic --timeout 120s","advanced":true},{"name":"HELM_DELETE_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_uninstall/) to cleanup the application (_without dynamic arguments such as release name_)","default":"uninstall","advanced":true},{"name":"HELM_DEPENDENCY_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_dependency_update/) to update on-disk the chart dependencies (_without dynamic arguments such as the chart path_)","default":"dependency update","advanced":true},{"name":"HELM_ENV_VALUE_NAME","description":"The name of the Helm [value](https://helm.sh/docs/chart_best_practices/values/) containing the _environment type_","default":"environmentType","advanced":true},{"name":"HELM_HOSTNAME_VALUE_NAME","description":"The name of the Helm [value](https://helm.sh/docs/chart_best_practices/values/) containing the _environment hostname_ (extracted from the environment URL)","default":"hostname","advanced":true}],"features":[{"id":"lint","name":"Helm Lint","description":"Static code analysis of your Helm chart with [Helm Lint](https://helm.sh/docs/helm/helm_lint/)","disable_with":"HELM_LINT_DISABLED","variables":[{"name":"HELM_LINT_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_lint/) to trigger the analysis (_without dynamic arguments such as the chart path_)","default":"lint --strict","advanced":true}]},{"id":"test","name":"Helm Test","description":"Acceptance test of your Helm chart with [Helm Test](https://helm.sh/docs/helm/helm_test/)","enable_with":"HELM_TEST_ENABLED","variables":[{"name":"HELM_TEST_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_test/) to perform acceptance test (_without dynamic arguments such as release name_)","default":"test","advanced":true}]},{"id":"yamllint","name":"Yaml Lint","description":"[Yaml Lint](https://github.com/adrienverge/yamllint) of your Helm [values file](https://helm.sh/docs/chart_template_guide/values_files/)","disable_with":"HELM_YAMLLINT_DISABLED","variables":[{"name":"HELM_YAMLLINT_IMAGE","description":"The Docker image used to run YamlLint test","default":"registry.hub.docker.com/cytopia/yamllint"},{"name":"HELM_YAMLLINT_CONFIG","description":"Config used with the yamllint tool","default":"{extends: relaxed, rules: {line-length: {max: 160}}}","advanced":true},{"name":"HELM_YAMLLINT_ARGS","description":"Arguments used by the lint job","default":"-f colored --strict","advanced":true}]},{"id":"kube-score","name":"Kube-Score","description":"Run [Kube-Score](https://kube-score.com/) on the resources to be created by Helm","disable_with":"HELM_KUBE_SCORE_DISABLED","variables":[{"name":"HELM_KUBE_SCORE_IMAGE","description":"The Docker image used to run [Kube-Score](https://kube-score.com/)","default":"registry.hub.docker.com/zegl/kube-score"},{"name":"HELM_KUBE_SCORE_ARGS","description":"Arguments used by the kube-score job","advanced":true},{"name":"HELM_K8S_VERSION","description":"Kubernetes version (_so that `.Capabilities.KubeVersion.Version` can be correctly interpreted_). \n\n Expected format: `vX.YY`","advanced":true}]},{"id":"package","name":"Package your chart","description":"[Package](https://helm.sh/docs/helm/helm_package/) your Helm chart","variables":[{"name":"HELM_PACKAGE_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_package/) to perform the packaging (_without dynamic arguments such as the chart path_)","default":"package --dependency-update","advanced":true},{"name":"HELM_PUBLISH_SNAPSHOT_ENABLED","description":"Set to `true` to enable publishing the snapshot (untested) chart during the packaging step","type":"boolean","advanced":true},{"name":"HELM_SEMREL_RELEASE_DISABLED","description":"Disable semantic-release integration","type":"boolean","advanced":true}]},{"id":"publish","name":"Publish your chart","description":"Publishes the chart to a [Helm repository](https://helm.sh/docs/topics/chart_repository/) or [OCI-based registry](https://helm.sh/docs/topics/registries/)","variables":[{"name":"HELM_PUBLISH_URL","description":"The URL of the Helm repository to publish your Helm package","default":"oci://$CI_REGISTRY/$CI_PROJECT_PATH/charts"},{"name":"HELM_PUBLISH_METHOD","description":"HTTP method to use to push the package","default":"auto","type":"enum","values":["auto","push","post","put","custom","disabled"],"advanced":true},{"name":"HELM_PUBLISH_USER","description":"Helm repository username","default":"$CI_REGISTRY_USER","secret":true},{"name":"HELM_PUBLISH_PASSWORD","description":"Helm repository password","default":"$CI_REGISTRY_PASSWORD","secret":true},{"name":"HELM_PUBLISH_ON","description":"Defines on which Git reference(s) the publish job shall be enabled\n\n`prod` to enable on production branch only, `protected` to enable on protected references, `all` to enable on all Git branches and `tag` on Git release tags (always auto, superseeds `HELM_PUBLISH_STRATEGY`)","default":"prod","type":"enum","values":["prod","protected","all","tag"]},{"name":"HELM_PUBLISH_STRATEGY","description":"Defines the publish strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"HELM_CM_PUSH_PLUGIN_VERSION","description":"cm-push plugin version to install (only when using `push` method with a regular chart [repository](https://helm.sh/docs/topics/chart_repository/)","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","enable_with":"HELM_REVIEW_ENABLED","variables":[{"name":"HELM_REVIEW_APP_NAME","description":"The application name for `review` env _(only define to override default)_","advanced":true},{"name":"HELM_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"HELM_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_REVIEW_VALUES","description":"The Values file to use with `review` environment"},{"name":"HELM_REVIEW_NAMESPACE","description":"The Kubernetes namespace to use for `review` env _(only define to override default)_","advanced":true},{"name":"HELM_REVIEW_KUBE_CONFIG","description":"Specific kubeconfig for review env (only define to override default)","advanced":true,"secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"HELM_INTEG_ENABLED","variables":[{"name":"HELM_INTEG_APP_NAME","description":"The application name for `integration` env _(only define to override default)_","advanced":true},{"name":"HELM_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"},{"name":"HELM_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_INTEG_VALUES","description":"The Values file to use with `integration` environment"},{"name":"HELM_INTEG_NAMESPACE","description":"The Kubernetes namespace to use for `integration` env _(only define to override default)_","advanced":true},{"name":"HELM_INTEG_KUBE_CONFIG","description":"Specific kubeconfig for integration env (only define to override default)","advanced":true,"secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"HELM_STAGING_ENABLED","variables":[{"name":"HELM_STAGING_APP_NAME","description":"The application name for `staging` env _(only define to override default)_","default":"${HELM_BASE_APP_NAME}-staging","advanced":true},{"name":"HELM_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"},{"name":"HELM_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_STAGING_VALUES","description":"The Values file to use with `staging` environment"},{"name":"HELM_STAGING_NAMESPACE","description":"The Kubernetes namespace to use for `staging` env _(only define to override default)_","advanced":true},{"name":"HELM_STAGING_KUBE_CONFIG","description":"Specific kubeconfig for staging env (only define to override default)","advanced":true,"secret":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"HELM_PROD_ENABLED","variables":[{"name":"HELM_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"HELM_PROD_APP_NAME","description":"The application name for `production` env _(only define to override default)_","advanced":true},{"name":"HELM_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_PROD_VALUES","description":"The Values file to use with `production` environment"},{"name":"HELM_PROD_NAMESPACE","description":"The Kubernetes namespace to use for `production` env _(only define to override default)_","advanced":true},{"name":"HELM_PROD_KUBE_CONFIG","description":"Specific kubeconfig for production env (only define to override default)","advanced":true,"secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-helm-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp","name":"Google Cloud","description":"Retrieve credentials for Google Cloud","template_path":"templates/gitlab-ci-helm-gcp.yml","variables":[{"name":"TBC_GCP_PROVIDER_IMAGE","description":"The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest","advanced":true},{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]}],"extension_id":null,"project":{"tag":"7.4.1","tags":["7.4.1","7.4.0","7.4","7.3.1","7.3.0","7.3","7.2.6","7.2.5","7.2.4","7.2.3","7.2.2","7.2.1","7.2.0","7.2","7.1.0","7.1","7.0.2","7.0.1","7.0.0","7.0","7","6.1.1","6.1.0","6.1","6.0.0","6.0","6","5.3.1","5.3.0","5.3","5.2.0","5.2","5.1.0","5.1","5.0.0","5.0","5","4.1.7","4.1.6","4.1.5","4.1.4","4.1.3","4.1.2","4.1.1","4.1.0","4.1","4.0.1","4.0.0","4.0","4","3.3.2","3.3.1","3.3.0","3.3","3.2.0","3.2","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.0","2.1.0","2.0.6","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2","1.4.2","1.4.1","1.4.0","1.3.0","1.2.1","1.2.0","1.1.1","1.1.0","1.0.0"],"name":"helm","path":"to-be-continuous/helm","web_url":"https://gitlab.com/to-be-continuous/helm","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454230/logo.png"}},{"name":"Helmfile","description":"Deploy your application to a [Kubernetes](https://kubernetes.io/) platform using [helmfile](https://github.com/helmfile/helmfile)","template_path":"templates/gitlab-ci-helmfile.yml","kind":"hosting","prefix":"helmfile","is_component":true,"variables":[{"name":"HELMFILE_CLI_IMAGE","description":"The Docker image used to run helmfile - **set the version required by your Kubernetes server**","default":"ghcr.io/helmfile/helmfile:latest"},{"name":"HELMFILE_SCRIPTS_DIR","description":"The folder where hook scripts are located","default":"."},{"name":"HELMFILE_PATH","description":"Path to the `helmfile.yaml` to deploy","default":"./helmfile.yaml"},{"name":"KUBE_NAMESPACE","description":"The default Kubernetes namespace to use. _Leave default if [GitLab Kubernetes integration](https://docs.gitlab.com/ee/user/project/clusters/index.html) is enabled._"},{"name":"HELMFILE_DEFAULT_KUBE_CONFIG","description":"The default kubeconfig content to use. Automatically set if GitLab Kubernetes integration is enabled.","default":"$KUBECONFIG","secret":true},{"name":"HELMFILE_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"HELMFILE_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.helm.acme.com`)_"},{"name":"HELMFILE_DEPLOY_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#apply) to deploy the application (_without dynamic global parameters such as helmfile path, namespace and environment name)","default":"apply --suppress-secrets --wait","advanced":true},{"name":"HELMFILE_DELETE_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#destroy) to cleanup the application (_without dynamic global parameters such as helmfile path, namespace and environment name)","default":"destroy","advanced":true},{"name":"HELMFILE_PGP_PRIVATE_KEY_FILE","description":"PGP Private key for decrypting helmfile secrets with SOPS (optional). Should be set as a File type variable.","secret":true},{"name":"HELMFILE_PGP_PASSPHRASE","description":"Passphrase for PGP private key (optional)","secret":true},{"name":"HELMFILE_IMAGE_PULL_SECRET_NAME","description":"Name of the `docker-registry` k8s secret that will be created if the special [GitLab deploy token](https://docs.gitlab.com/ee/user/project/deploy_tokens/#gitlab-deploy-token) is available.","default":"gitlab-registry","advanced":true}],"features":[{"id":"lint","name":"Helmfile Lint","description":"Runs a [helm lint](https://helm.sh/docs/helm/helm_lint/) across all of the charts/releases in the helmfile manifest.","enable_with":"HELMFILE_LINT_ENABLED","variables":[{"name":"HELMFILE_LINT_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#lint) to trigger the analysis (_without dynamic arguments such as the helmfile path)","default":"lint","advanced":true}]},{"id":"test","name":"Helmfile Test","description":"Runs acceptance [Helm tests](https://helm.sh/docs/topics/chart_tests/) against the specified releases in the helmfile manifest","enable_with":"HELMFILE_TEST_ENABLED","variables":[{"name":"HELMFILE_TEST_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#test) to perform acceptance test (_without dynamic global arguments such as the helmfile.yaml path, namespace and environment name_)","default":"test --logs --cleanup","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","enable_with":"HELMFILE_REVIEW_ENABLED","variables":[{"name":"HELMFILE_REVIEW_APP_NAME","description":"The application name for `review` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"HELMFILE_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_REVIEW_NAMESPACE","description":"The Kubernetes namespace to use for `review` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_REVIEW_KUBE_CONFIG","description":"Specific kubeconfig for review env (only define to override default)","advanced":true,"secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"HELMFILE_INTEG_ENABLED","variables":[{"name":"HELMFILE_INTEG_APP_NAME","description":"The application name for `integration` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"},{"name":"HELMFILE_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_INTEG_NAMESPACE","description":"The Kubernetes namespace to use for `integration` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_INTEG_KUBE_CONFIG","description":"Specific kubeconfig for integration env (only define to override default)","advanced":true,"secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"HELMFILE_STAGING_ENABLED","variables":[{"name":"HELMFILE_STAGING_APP_NAME","description":"The application name for `staging` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"},{"name":"HELMFILE_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_STAGING_NAMESPACE","description":"The Kubernetes namespace to use for `staging` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_STAGING_KUBE_CONFIG","description":"Specific kubeconfig for staging env (only define to override default)","advanced":true,"secret":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"HELMFILE_PROD_ENABLED","variables":[{"name":"HELMFILE_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"HELMFILE_PROD_APP_NAME","description":"The application name for `production` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_PROD_NAMESPACE","description":"The Kubernetes namespace to use for `production` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_PROD_KUBE_CONFIG","description":"Specific kubeconfig for production env (only define to override default)","advanced":true,"secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-helmfile-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"3.2.4","tags":["3.2.4","3.2.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.3","3.0.2","3.0.1","3.0.0","3.0","3","2.1.0","2.1","2.0.0","2.0","2","1.1.0","1.1","1.0.0","1.0","1"],"name":"helmfile","path":"to-be-continuous/helmfile","web_url":"https://gitlab.com/to-be-continuous/helmfile","avatar":"https://gitlab.com/uploads/-/system/project/avatar/44473697/logo.png"}},{"name":"Hurl","description":"Run your automated tests with [Hurl](https://hurl.dev/)","template_path":"templates/gitlab-ci-hurl.yml","kind":"acceptance","prefix":"hurl","is_component":true,"variables":[{"name":"HURL_IMAGE","description":"The Docker image used to run Hurl","default":"ghcr.io/orange-opensource/hurl:latest"},{"name":"HURL_TEST_FILES","description":"The Hurl test files to run","default":"--glob **/*.hurl"},{"name":"HURL_EXTRA_ARGS","description":"Hurl extra [run options](https://hurl.dev/docs/manual.html#options)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Hurl tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.4.0","tags":["1.4.0","1.4","1.3.0","1.3","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.1","1.0.0","1.0","1"],"name":"hurl","path":"to-be-continuous/hurl","web_url":"https://gitlab.com/to-be-continuous/hurl","avatar":"https://gitlab.com/uploads/-/system/project/avatar/50266464/logo.png"}},{"name":"k6","description":"Run your automated load-testing with [k6](https://k6.io/)","template_path":"templates/gitlab-ci-k6.yml","kind":"acceptance","prefix":"k6","is_component":true,"variables":[{"name":"K6_IMAGE","description":"The Docker image used to run k6 CLI.","default":"registry.hub.docker.com/grafana/k6:latest"},{"name":"K6_TESTS_DIR","description":"The k6 tests directory","default":"k6"},{"name":"K6_EXTRA_ARGS","description":"k6 extra [command-line](https://k6.io/docs/getting-started/running-k6)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable k6 tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.4.3","tags":["3.4.3","3.4.2","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.0.0"],"name":"k6","path":"to-be-continuous/k6","web_url":"https://gitlab.com/to-be-continuous/k6","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26797499/logo.png"}},{"name":"Kubernetes","description":"Deploy your application to a [Kubernetes](https://kubernetes.io/) platform using [declarative configuration](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/) or [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/)","template_path":"templates/gitlab-ci-k8s.yml","kind":"hosting","prefix":"k8s","is_component":true,"variables":[{"name":"K8S_KUBECTL_IMAGE","description":"The Docker image used to run Kubernetes `kubectl` commands - **set the version required by your Kubernetes server**","default":"registry.hub.docker.com/bitnami/kubectl:latest"},{"name":"K8S_DEFAULT_KUBE_CONFIG","description":"The default kubeconfig to use (either content or file variable) (only define if not using exploded kubeconfig parameters)","secret":true},{"name":"K8S_URL","type":"url","description":"Global Kubernetes API url (only define if using exploded kubeconfig parameters)"},{"name":"K8S_TOKEN","description":"Global Kubernetes API token (only define if using exploded kubeconfig parameters)","secret":true},{"name":"K8S_CA_CERT","description":"Global Kubernetes cluster server certificate authority (only define if using exploded kubeconfig parameters)","secret":true},{"name":"K8S_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"K8S_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.k8s.acme.com`)_"},{"name":"K8S_SCRIPTS_DIR","description":"directory where Kubernetes scripts (templates, hook scripts) are located","default":".","advanced":true},{"name":"K8S_KUSTOMIZE_ENABLED","description":"Set to `true` to enable [Kustomize](https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/)","type":"boolean","advanced":true},{"name":"K8S_KUSTOMIZE_ARGS","description":"Additional [`kubectl kustomize` options](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#kustomize)\n\n_For example: `--enable-helm`_","advanced":true}],"features":[{"id":"kube-score","name":"kube-score","description":"Static code analysis of your Kubernetes templates with [kube-score](https://github.com/zegl/kube-score)","disable_with":"K8S_SCORE_DISABLED","variables":[{"name":"K8S_KUBE_SCORE_IMAGE","description":"Docker image to run [kube-score](https://github.com/zegl/kube-score)","default":"registry.hub.docker.com/zegl/kube-score:latest"},{"name":"K8S_SCORE_EXTRA_OPTS","description":"Additional [kube-score options](https://github.com/zegl/kube-score#configuration)","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"K8S_REVIEW_SPACE","description":"Kubernetes namespace for review env","mandatory":true},{"name":"K8S_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"K8S_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"K8S_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_REVIEW_KUBE_CONFIG","description":"Specific kubeconfig for review env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_REVIEW_URL","type":"url","description":"Kubernetes API url for review env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_REVIEW_TOKEN","description":"Kubernetes API token for review env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_REVIEW_CA_CERT","description":"Kubernetes cluster server certificate authority for review env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"K8S_INTEG_SPACE","description":"Kubernetes namespace for integration env","mandatory":true},{"name":"K8S_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"K8S_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_INTEG_KUBE_CONFIG","description":"Specific kubeconfig for integration env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_INTEG_URL","type":"url","description":"Kubernetes API url for integration env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_INTEG_TOKEN","description":"Kubernetes API token for integration env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_INTEG_CA_CERT","description":"Kubernetes cluster server certificate authority for integration env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"K8S_STAGING_SPACE","description":"Kubernetes namespace for staging env","mandatory":true},{"name":"K8S_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"K8S_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_STAGING_KUBE_CONFIG","description":"Specific kubeconfig for staging env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_STAGING_URL","type":"url","description":"Kubernetes API url for staging env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_STAGING_TOKEN","description":"Kubernetes API token for staging env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_STAGING_CA_CERT","description":"Kubernetes cluster server certificate authority for staging env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"K8S_PROD_SPACE","description":"Kubernetes namespace for production env","mandatory":true},{"name":"K8S_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"K8S_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"K8S_PROD_KUBE_CONFIG","description":"Specific kubeconfig for production env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_PROD_URL","type":"url","description":"Kubernetes API url for production env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_PROD_TOKEN","description":"Kubernetes API token for production env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_PROD_CA_CERT","description":"Kubernetes cluster server certificate authority for production env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-k8s-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"This variant uses [Application Default Credentials][gcp-adc] through the `GOOGLE_APPLICATION_CREDENTIALS` variable using Workload Identity federation.","template_path":"templates/gitlab-ci-k8s-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `production` environment","advanced":true},{"name":"K8S_KUBECTL_IMAGE","description":"The Docker image used to run Kubernetes `kubectl` commands on [GKE](https://cloud.google.com/kubernetes-engine/docs)","default":"gcr.io/google.com/cloudsdktool/cloud-sdk:latest"}]}],"extension_id":null,"project":{"tag":"6.3.0","tags":["6.3.0","6.3","6.2.0","6.2","6.1.4","6.1.3","6.1.2","6.1.1","6.1.0","6.1","6.0.2","6.0.1","6.0.0","6.0","6","5.2.0","5.2","5.1.0","5.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.5.0","3.5","3.4.3","3.4.2","3.4.1","3.4.0","3.4","3.3.3","3.3.2","3.3.1","3.3.0","3.3","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.0","2.0.7","2.0.6","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2","1.3.1","1.3.0","1.2.0","1.1.0","1.0.0"],"name":"kubernetes","path":"to-be-continuous/kubernetes","web_url":"https://gitlab.com/to-be-continuous/kubernetes","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454231/logo.png"}},{"name":"Lighthouse","description":"Continuously analyse your web apps and web pages performances and developer best practices with [Lighthouse CI](https://github.com/GoogleChrome/lighthouse-ci)","template_path":"templates/gitlab-ci-lighthouse.yml","kind":"acceptance","prefix":"lhci","job_prefix":"lighthouse","is_component":true,"variables":[{"name":"LHCI_IMAGE","description":"The Docker image used to run Lighthouse CI (use [browser images](https://github.com/cypress-io/cypress-docker-images/tree/master/browsers) only).","default":"registry.hub.docker.com/cypress/browsers:latest"},{"name":"LHCI_VERSION","description":"Lighthouse CI version to run","default":"latest","advanced":true},{"name":"LHCI_RUN_OPTS","description":"Lighthouse CI [autorun options](https://github.com/GoogleChrome/lighthouse-ci/blob/main/docs/configuration.md#autorun)","default":"--upload.target=filesystem --collect.settings.chromeFlags=\"--no-sandbox\" --collect.url=\"%{environment_url}\"","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Cypress tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.4.0","tags":["1.4.0","1.4","1.3.0","1.3","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"lighthouse","path":"to-be-continuous/lighthouse","web_url":"https://gitlab.com/to-be-continuous/lighthouse","avatar":"https://gitlab.com/uploads/-/system/project/avatar/47102540/logo.png"}},{"name":"GNU Make","description":"GitLab CI template for [GNU Make](https://www.gnu.org/software/make/)","template_path":"templates/gitlab-ci-make.yml","kind":"build","prefix":"make","is_component":true,"variables":[{"name":"MAKE_IMAGE","description":"The Docker image used to run GNU Make - **set the image required by your project** (see doc)","default":"registry.hub.docker.com/alpinelinux/build-base"},{"name":"MAKE_BUILD_ARGS","description":"Make [options](https://www.gnu.org/software/make/manual/html_node/Options-Summary.html) and [goals](https://www.gnu.org/software/make/manual/html_node/Goals.html) for the build & test job","default":"all test"},{"name":"MAKE_PROJECT_DIR","description":"Makefile root directory","default":".","advanced":true}],"extension_id":null,"project":{"tag":"1.4.1","tags":["1.4.1","1.4.0","1.4","1.3.0","1.3","1.2.0","1.2","1.1.3","1.1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"make","path":"to-be-continuous/make","web_url":"https://gitlab.com/to-be-continuous/make","avatar":"https://gitlab.com/uploads/-/system/project/avatar/42537057/logo.png"}},{"name":"Maven","description":"Build, test and analyse your [Maven](https://maven.apache.org/)-based projects","template_path":"templates/gitlab-ci-maven.yml","kind":"build","prefix":"maven","job_prefix":"mvn","is_component":true,"variables":[{"name":"MAVEN_IMAGE","description":"The Docker image used to run Maven - **set the version required by your project**","default":"registry.hub.docker.com/library/maven:latest"},{"name":"MAVEN_PROJECT_DIR","description":"Maven project root directory","default":".","advanced":true},{"name":"MAVEN_CFG_DIR","description":"The Maven configuration directory","default":".m2","advanced":true},{"name":"MAVEN_SETTINGS_FILE","description":"The Maven `settings.xml` file path","default":"$MAVEN_CFG_DIR/settings.xml","advanced":true},{"name":"MAVEN_OPTS","description":"[Global Maven options](http://maven.apache.org/configure.html#maven_opts-environment-variable)","default":"-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=${MAVEN_CFG_DIR}/repository -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true","advanced":true},{"name":"MAVEN_CLI_OPTS","description":"Additional [Maven options](https://maven.apache.org/ref/3-LATEST/maven-embedder/cli.html) used on the command line","default":"--no-transfer-progress --batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true","advanced":true},{"name":"MAVEN_BUILD_ARGS","description":"Maven arguments for the build & test job","default":"org.jacoco:jacoco-maven-plugin:prepare-agent verify org.jacoco:jacoco-maven-plugin:report","advanced":true}],"features":[{"id":"sonar","name":"SONAR","description":"Code quality and security analysis with [SONARQube](https://www.sonarqube.org/)","variables":[{"name":"SONAR_HOST_URL","type":"url","description":"SonarQube server url","mandatory":true},{"name":"SONAR_TOKEN","description":"SonarQube authentication token (see https://docs.sonarsource.com/sonarqube-server/latest/user-guide/managing-tokens/) - depends on your authentication method","secret":true},{"name":"SONAR_LOGIN","description":"SonarQube login (depends on your authentication method)","secret":true},{"name":"SONAR_PASSWORD","description":"SonarQube password (depends on your authentication method)","secret":true},{"name":"SONAR_BASE_ARGS","description":"SonarQube [analysis arguments](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/)","default":"sonar:sonar -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues","advanced":true},{"name":"SONAR_QUALITY_GATE_ENABLED","description":"Enables SonarQube [Quality Gate](https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/ci-integration/overview/#quality-gate-fails))._","type":"boolean"}]},{"id":"dependency-check","name":"Dependency-Check","description":"[Dependency-Check](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html) analysis","disable_with":"MAVEN_DEPENDENCY_CHECK_DISABLED","variables":[{"name":"MAVEN_DEPENDENCY_CHECK_ARGS","description":"Maven arguments for Dependency Check job","default":"org.owasp:dependency-check-maven:aggregate -DretireJsAnalyzerEnabled=false -DassemblyAnalyzerEnabled=false -Dformats=HTML,JSON,XML","advanced":true}]},{"id":"forbid-snapshot-dependencies","name":"Snapshot dependencies verification","description":"This job verifies your project has no _snapshot_ dependencies. Failure is allowed in feature branches.","disable_with":"MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED"},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin)","disable_with":"MAVEN_SBOM_DISABLED","variables":[{"name":"MAVEN_SBOM_GEN_ARGS","description":"Maven command used for SBOM analysis","default":"org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom","advanced":true}]},{"id":"publish","name":"Publish","description":"Publish [Snapshot](https://maven.apache.org/plugins/maven-deploy-plugin/) & [Releases](http://maven.apache.org/maven-release/maven-release-plugin) to a Maven-compliant repository","enable_with":"MAVEN_DEPLOY_ENABLED","variables":[{"name":"MAVEN_DEPLOY_ARGS","description":"Maven arguments for the deploy job","default":"deploy -Dmaven.test.skip=true","advanced":true},{"name":"MAVEN_DEPLOY_FROM_UNPROTECTED_DISABLED","description":"Set to limit snapshot publication to protected branches","type":"boolean","advanced":true},{"name":"MAVEN_DEPLOY_SNAPSHOT_WITH_SLUG_ENABLED","description":"Enable to inject the Git branch slug in SNAPSHOT versions","type":"boolean","advanced":true},{"name":"MAVEN_RELEASE_ARGS","description":"Maven arguments for the release job","default":"release:prepare -DtagNameFormat=@{project.version} -Darguments=-Dmaven.test.skip=true","advanced":true},{"name":"MAVEN_RELEASE_VERSION","description":"Explicit version to use when triggering a release\n\n_Otherwise uses the current snapshot version from `pom.xml`)_","advanced":true},{"name":"MAVEN_RELEASE_SCM_COMMENT_PREFIX","description":"Maven release plugin [scmCommentPrefix](https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html#scmCommentPrefix) parameter","default":"chore(maven-release): ","advanced":true},{"name":"MAVEN_RELEASE_SCM_RELEASE_COMMENT","description":"Maven release plugin [scmReleaseCommitComment](https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html#scmReleaseCommitComment) parameter\n\n(since Maven `3.0.0-M1`)","advanced":true},{"name":"MAVEN_RELEASE_SCM_DEV_COMMENT","description":"Maven release plugin [scmDevelopmentCommitComment](https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html#scmDevelopmentCommitComment) parameter\n\n(since Maven `3.0.0-M1`)","advanced":true},{"name":"MVN_SEMREL_RELEASE_DISABLED","description":"Disable semantic-release integration","advanced":true},{"name":"GIT_USERNAME","description":"Git username (if you wish to release using Git credentials)","secret":true},{"name":"GIT_PASSWORD","description":"Git password (if you wish to release using Git credentials)","secret":true},{"name":"GIT_PRIVATE_KEY","description":"Git private SSH key (if you wish to release using SSH key or GitLab Deploy Key)","secret":true},{"name":"MAVEN_REPOSITORY_USERNAME","description":"Maven repository username (inject in your settings.xml as ${env.MAVEN_REPOSITORY_USERNAME})","secret":true},{"name":"MAVEN_REPOSITORY_PASSWORD","description":"Maven repository password (inject in your settings.xml as ${env.MAVEN_REPOSITORY_PASSWORD})","secret":true}]}],"variants":[{"id":"jib","name":"Jib","description":"Build Docker and OCI images for your Java applications with [Jib](https://github.com/GoogleContainerTools/jib)","template_path":"templates/gitlab-ci-maven-jib.yml","features":[{"id":"mvn-trivy","name":"Maven Trivy","description":"[Trivy](https://aquasecurity.github.io/trivy) vulnerability analysis","disable_with":"MAVEN_TRIVY_DISABLED","variables":[{"name":"MAVEN_TRIVY_IMAGE","description":"The docker image used to scan images with Trivy","default":"registry.hub.docker.com/aquasec/trivy:latest","advanced":true},{"name":"MAVEN_TRIVY_ARGS","description":"Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)","default":"--ignore-unfixed --vuln-type os","advanced":true}]},{"id":"mvn-sbom","name":"Maven Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"MAVEN_SBOM_DISABLED","variables":[{"name":"MAVEN_SBOM_IMAGE","default":"registry.hub.docker.com/anchore/syft:debug","advanced":true},{"name":"MAVEN_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,nix-store-cataloger,java","advanced":true}]}],"variables":[{"name":"MAVEN_JIB_SNAPSHOT_IMAGE","description":"Maven Jib Snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"MAVEN_JIB_RELEASE_IMAGE","description":"Maven Jib Release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"},{"name":"MAVEN_SKOPEO_IMAGE","description":"The image used to publish images with Skopeo","default":"quay.io/skopeo/stable:latest","advanced":true},{"name":"MAVEN_JIB_BUILD_ARGS","description":"[Jib Maven Plugin arguments](https://github.com/GoogleContainerTools/jib/tree/master/jib-maven-plugin#extended-usage)","default":"-Djib.to.image=$MAVEN_JIB_SNAPSHOT_IMAGE"},{"name":"MAVEN_JIB_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"MAVEN_JIB_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)"}]}],"extension_id":null,"project":{"tag":"4.0.1","tags":["4.0.1","4.0.0","4.0","4","3.11.4","3.11.3","3.11.2","3.11.1","3.11.0","3.11","3.10.2","3.10.1","3.10.0","3.10","3.9.2","3.9.1","3.9.0","3.9","3.8.0","3.8","3.7.1","3.7.0","3.7","3.6.2","3.6.1","3.6.0","3.6","3.5.0","3.5","3.4.0","3.4","3.3.1","3.3.0","3.3","3.2.3","3.2.2","3.2.1","3.2.0","3.2","3.1.4","3.1.3","3.1.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.1.6","2.1.5","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.1","2.0.0","2","1.4.2","1.4.1","1.4.0","1.3.0","1.2.0","1.1.2","1.1.1","1.1.0","1.0.0"],"name":"maven","path":"to-be-continuous/maven","web_url":"https://gitlab.com/to-be-continuous/maven","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454233/logo.png"}},{"name":"MkDocs","description":"Build your static website with [MkDocs](https://www.mkdocs.org/)","template_path":"templates/gitlab-ci-mkdocs.yml","kind":"build","prefix":"mkd","job_prefix":"mkdocs","is_component":true,"variables":[{"name":"MKD_IMAGE","description":"The Docker image used to run MkDocs","default":"docker.io/squidfunk/mkdocs-material:latest"},{"name":"MKD_BUILD_ARGS","description":"Arguments used by the build job","advanced":true},{"name":"MKD_WORKSPACE_DIR","description":"MkDocs sources directory","default":".","advanced":true},{"name":"MKD_SITE_DIR","description":"MkDocs generated site directory (relative to `$MKD_WORKSPACE_DIR`)","default":"site","advanced":true},{"name":"MKD_REQUIREMENTS_FILE","description":"Requirements file. If the file is not found in the repository, requirements are read from the `MKD_REQUIREMENTS` variable","default":"requirements.txt","advanced":true},{"name":"MKD_REQUIREMENTS","description":"Space separated requirements (ignored if a requirement file is found)","default":"mkdocs","advanced":true},{"name":"MKD_PREBUILD_SCRIPT","description":"Pre-build hook script","default":"mkdocs-pre-build.sh","advanced":true},{"name":"PIP_OPTS","description":"pip extra [options](https://pip.pypa.io/en/stable/cli/pip/#general-options)","advanced":true}],"features":[{"id":"lychee","name":"lychee","description":"Checks broken links and emails with [lychee](https://github.com/lycheeverse/lychee)","enable_with":"MKD_LYCHEE_ENABLED","variables":[{"name":"MKD_LYCHEE_IMAGE","description":"The Docker image used to run [lychee](https://github.com/lycheeverse/lychee)","default":"docker.io/lycheeverse/lychee:latest","advanced":true},{"name":"MKD_LYCHEE_ARGS","description":"[lychee arguments](https://github.com/lycheeverse/lychee#commandline-parameters) to execute","default":"docs/"}]}],"variants":[{"id":"pages","name":"GitLab Pages","description":"Adds a job to publish the generated site to GitLab pages","template_path":"templates/gitlab-ci-mkdocs-pages.yml"}],"extension_id":null,"project":{"tag":"2.7.0","tags":["2.7.0","2.7","2.6.1","2.6.0","2.6","2.5.1","2.5.0","2.5","2.4.0","2.4","2.3.1","2.3.0","2.3","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.1","2.0.0","2.0","2","1.5.0","1.5","1.4.3","1.4.2","1.4.1","1.4.0","1.3.0","1.2.0","1.1.1","1.1.0","1.0.0","1"],"name":"mkdocs","path":"to-be-continuous/mkdocs","web_url":"https://gitlab.com/to-be-continuous/mkdocs","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26450936/logo.png"}},{"name":"MobSF","description":"Perform pen-testing, malware analysis and security assessment for mobile applications with [Mobile Security Framework](https://github.com/MobSF/Mobile-Security-Framework-MobSF) (MobSF)","template_path":"templates/gitlab-ci-mobsf.yml","kind":"analyse","prefix":"mobsf","is_component":true,"variables":[{"name":"MOBSF_CLIENT_IMAGE","description":"The Docker image used to send requests to the MobSF server","default":"registry.hub.docker.com/badouralix/curl-jq"},{"name":"MOBSF_SERVER_URL","description":"URL of MobSF server","mandatory":false},{"name":"MOBSF_API_KEY","description":"API key of the MobSF server","secret":true},{"name":"MOBSF_APP_FILE","description":"Application package file (APK or IPA)","mandatory":true}],"extension_id":null,"project":{"tag":"2.3.1","tags":["2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.3","2.1.2","2.1.1","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2.0","2","1.2.0","1.2","1.1.0","1.0.1","1.0.0","1"],"name":"mobsf","path":"to-be-continuous/mobsf","web_url":"https://gitlab.com/to-be-continuous/mobsf","avatar":"https://gitlab.com/uploads/-/system/project/avatar/29247375/logo.png"}},{"name":"Node.js","description":"Build, test and analyse your JavaScript/TypeScript/[Node.js](https://nodejs.org/) projects","template_path":"templates/gitlab-ci-node.yml","kind":"build","prefix":"node","is_component":true,"variables":[{"name":"NODE_CONFIG_REGISTRY","description":"npm [registry](https://docs.npmjs.com/cli/v8/using-npm/registry) ","type":"url","advanced":true},{"name":"NODE_IMAGE","description":"The Docker image used to run Node.js - **set the version required by your project**","default":"registry.hub.docker.com/library/node:lts-alpine"},{"name":"NODE_MANAGER","description":"The package manager used by your project (npm, yarn or pnpm) - **if undefined, automatic detection**","default":"auto","type":"enum","values":["auto","npm","yarn","pnpm"],"advanced":true},{"name":"NODE_PROJECT_DIR","description":"Node project root directory","default":".","advanced":true},{"name":"NODE_SOURCE_DIR","description":"Sources directory","default":"src","advanced":true},{"name":"NODE_CONFIG_SCOPED_REGISTRIES","description":"Space separated list of NPM [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) (formatted as `@somescope:https://some.npm.registry/some/repo @anotherscope:https://another.npm.registry/another/repo`)","advanced":true},{"name":"NODE_BUILD_DISABLED","description":"Set to true to disable build","default":"false","type":"boolean","advanced":true},{"name":"NODE_BUILD_ARGS","description":"npm [run script](https://docs.npmjs.com/cli/v8/commands/npm-run-script) arguments - yarn [run script](https://classic.yarnpkg.com/en/docs/cli/run) arguments - pnpm [run script](https://pnpm.io/cli/run) arguments\n\n⚠ default value should be overridden for `pnpm` as `--prod` is not a valid option","default":"run build --prod","advanced":true},{"name":"NODE_BUILD_DIR","description":"Variable to define build directory","default":"dist","advanced":true},{"name":"NODE_TEST_ARGS","description":"npm [test](https://docs.npmjs.com/cli/v8/commands/npm-test) arguments - yarn [test](https://classic.yarnpkg.com/en/docs/cli/test) arguments - pnpm [test](https://pnpm.io/cli/test) arguments","default":"test -- --coverage","advanced":true},{"name":"NODE_INSTALL_EXTRA_OPTS","description":"Extra options to install project dependencies (either [`npm ci`](https://docs.npmjs.com/cli/ci.html/), [`yarn install`](https://yarnpkg.com/cli/install) or [`pnpm install`](https://pnpm.io/cli/install))","advanced":true}],"features":[{"id":"node-lint","name":"node lint","description":"code analysis with [ESLint](https://eslint.org/)","enable_with":"NODE_LINT_ENABLED","variables":[{"name":"NODE_LINT_ARGS","description":"npm [run script](https://docs.npmjs.com/cli/v8/commands/npm-run-script) arguments to execute the lint analysis - yarn [run script](https://classic.yarnpkg.com/en/docs/cli/run) arguments to execute the lint analysis - pnpm [run script](https://pnpm.io/cli/run) arguments to execute the lint analysis","default":"run lint","advanced":true}]},{"id":"node-audit","name":"node audit","description":"node audit analysis","disable_with":"NODE_AUDIT_DISABLED","variables":[{"name":"NODE_AUDIT_ARGS","description":"npm [audit](https://docs.npmjs.com/cli/v8/commands/npm-audit) arguments - yarn [audit](https://classic.yarnpkg.com/en/docs/cli/audit) arguments - [pnpm audit](https://pnpm.io/cli/audit) arguments","default":"--audit-level=low"}]},{"id":"node-outdated","name":"node outdated","description":"node outdated analysis","disable_with":"NODE_OUTDATED_DISABLED","variables":[{"name":"NODE_OUTDATED_ARGS","description":"npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments - yarn [outdated](https://classic.yarnpkg.com/lang/en/docs/cli/outdated/) arguments - pnpm [outdated](https://pnpm.io/cli/outdated) arguments","default":"--long"}]},{"id":"node-semgrep","name":"Semgrep","description":"[Semgrep](https://semgrep.dev/docs/) analysis","disable_with":"NODE_SEMGREP_DISABLED","variables":[{"name":"NODE_SEMGREP_IMAGE","description":"The Docker image used to run [Semgrep](https://semgrep.dev/docs/)","default":"registry.hub.docker.com/semgrep/semgrep:latest"},{"name":"NODE_SEMGREP_ARGS","description":"Semgrep [scan options](https://semgrep.dev/docs/cli-reference#semgrep-scan-command-options)","default":"--metrics off --disable-version-check --no-suppress-errors"},{"name":"NODE_SEMGREP_RULES","description":"Space-separated list of [Semgrep rules](https://semgrep.dev/docs/running-rules).\n\nCan be both local YAML files or remote rules from the [Semgrep Registry](https://semgrep.dev/explore) (denoted by the `p/` prefix).","default":"p/javascript p/eslint p/gitlab-eslint"},{"name":"NODE_SEMGREP_REGISTRY_BASE_URL","description":"The Semgrep Registry base URL that is used to download the rules. No trailing slash.","default":"https://semgrep.dev/c"},{"name":"NODE_SEMGREP_DOWNLOAD_RULES_ENABLED","description":"Download Semgrep remote rules","type":"boolean","default":"true"}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [@cyclonedx/cyclonedx-npm](https://www.npmjs.com/package/@cyclonedx/cyclonedx-npm)","disable_with":"NODE_SBOM_DISABLED","variables":[{"name":"NODE_SBOM_VERSION","description":"Version of the @cyclonedx/cyclonedx-npm used for SBOM analysis","advanced":true},{"name":"NODE_SBOM_OPTS","description":"Options for @cyclonedx/cyclonedx-npm used for SBOM analysis","default":"--omit dev","advanced":true}]},{"id":"publish","name":"Publish","description":"[publishes](https://docs.npmjs.com/cli/v8/commands/npm-publish) the project package to a npm registry","enable_with":"NODE_PUBLISH_ENABLED","variables":[{"name":"NODE_PUBLISH_ARGS","description":"npm [publish](https://docs.npmjs.com/cli/v8/commands/npm-publish) extra arguments - yarn [publish](https://classic.yarnpkg.com/lang/en/docs/cli/publish/) extra arguments - pnpm [publish](https://pnpm.io/cli/publish) extra arguments","advanced":true},{"name":"NODE_PUBLISH_TOKEN","description":"npm publication registry authentication token","secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-node-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.1.1","tags":["4.1.1","4.1.0","4.1","4.0.3","4.0.2","4.0.1","4.0.0","4.0","4","3.15.2","3.15.1","3.15.0","3.15","3.14.0","3.14","3.13.0","3.13","3.12.3","3.12.2","3.12.1","3.12.0","3.12","3.11.1","3.11.0","3.11","3.10.1","3.10.0","3.10","3.9.0","3.9","3.8.0","3.8","3.7.1","3.7.0","3.7","3.6.0","3.6","3.5.3","3.5.2","3.5.1","3.5.0","3.5","3.4.2","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.4.0","2.4","2.3.0","2.3","2.2.0","2.1.0","2.0.2","2.0.1","2.0.0","2","1.2.0","1.1.1","1.1.0","1.0.0"],"name":"node","path":"to-be-continuous/node","web_url":"https://gitlab.com/to-be-continuous/node","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454237/logo.png"}},{"name":"OpenShift","description":"Deploy your application to an [OpenShift](https://www.openshift.com/) platform","template_path":"templates/gitlab-ci-openshift.yml","kind":"hosting","prefix":"os","is_component":true,"variables":[{"name":"OS_CLI_IMAGE","description":"the Docker image used to run OpenShift Client (OC) CLI commands - **set the version required by your OpenShift server**","default":"quay.io/openshift/origin-cli:latest"},{"name":"OS_URL","type":"url","description":"Global OpenShift API url","mandatory":true},{"name":"OS_TOKEN","description":"Global OpenShift API token","secret":true,"mandatory":true},{"name":"OS_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"OS_BASE_TEMPLATE_NAME","description":"Base OpenShift template name","default":"openshift","advanced":true},{"name":"OS_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.openshift.acme.com`)_"},{"name":"OS_SCRIPTS_DIR","description":"directory where OpenShift scripts (templates, hook scripts) are located","default":".","advanced":true},{"name":"OS_APP_LABEL","description":"The OpenShift [label](https://docs.openshift.com/container-platform/3.11/dev_guide/templates.html#writing-labels) set with the `$environment_name` dynamic variable.","default":"app","advanced":true},{"name":"OS_ENV_LABEL","description":"The OpenShift [label](https://docs.openshift.com/container-platform/3.11/dev_guide/templates.html#writing-labels) set with the `$environment_type` dynamic variable.","default":"env","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","variables":[{"name":"OS_REVIEW_PROJECT","description":"OpenShift project for review env","mandatory":true},{"name":"OS_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"OS_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"OS_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_REVIEW_URL","type":"url","description":"OpenShift API url for review env (only define to override default)","advanced":true},{"name":"OS_REVIEW_TOKEN","description":"OpenShift API token for review env (only define to override default)","secret":true},{"name":"CLEANUP_ALL_REVIEW","description":"Enables a **manual** job to cleanup all review envs at once.\n\nYou may also use it to [schedule](https://docs.gitlab.com/ee/ci/pipelines/schedules.html) cloud resources cleanup. See documentation.","type":"boolean"}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"OS_INTEG_PROJECT","description":"OpenShift project for integration env","mandatory":true},{"name":"OS_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"OS_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_INTEG_URL","type":"url","description":"OpenShift API url for integration env (only define to override default)","advanced":true},{"name":"OS_INTEG_TOKEN","description":"OpenShift API token for integration env (only define to override default)","secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"OS_STAGING_PROJECT","description":"OpenShift project for staging env","mandatory":true},{"name":"OS_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"OS_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_STAGING_URL","type":"url","description":"OpenShift API url for staging env (only define to override default)","advanced":true},{"name":"OS_STAGING_TOKEN","description":"OpenShift API token for staging env (only define to override default)","secret":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"OS_PROD_PROJECT","description":"OpenShift project for production env","mandatory":true},{"name":"OS_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"OS_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"OS_PROD_URL","type":"url","description":"OpenShift API url for production env (only define to override default)","advanced":true},{"name":"OS_PROD_TOKEN","description":"OpenShift API token for production env (only define to override default)","secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-openshift-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"5.2.3","tags":["5.2.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.1.0","3.1","3.0.0","3.0","3","2.2.5","2.2.4","2.2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.0","2.0","2","1.4.0","1.4","1.3.0","1.3","1.2.7","1.2.6","1.2.5","1.2.4","1.2.3","1.2.2","1.2.1","1.2.0","1.1.0","1.0.0","1"],"name":"openshift","path":"to-be-continuous/openshift","web_url":"https://gitlab.com/to-be-continuous/openshift","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454239/logo.png"}},{"name":"PHP","description":"Build, test and analyse your [PHP](https://www.php.net/) projects","template_path":"templates/gitlab-ci-php.yml","kind":"build","prefix":"php","is_component":true,"variables":[{"name":"PHP_IMAGE","description":"The Docker image used to run PHP - **set the version required by your project**","default":"registry.hub.docker.com/library/php:latest"},{"name":"PHP_PROJECT_DIR","description":"The PHP project root directory","default":".","advanced":true}],"features":[{"id":"phpunit","name":"PHPUnit","description":"[PHPUnit](https://docs.phpunit.de/) tests\n\nAutomatically enabled if a PHPUnit [XML configuration file](https://docs.phpunit.de/en/11.5/configuration.html#appendixes-configuration) is found in the project (`phpunit.xml`)","disable_with":"PHP_UNIT_DISABLED","variables":[{"name":"PHP_UNIT_ARGS","description":"Additional PHPUnit [options](https://docs.phpunit.de/en/11.5/textui.html#command-line-options)","advanced":true}]},{"id":"codesniffer","name":"PHP_CodeSniffer","description":"[PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) analysis","disable_with":"PHP_CODESNIFFER_DISABLED","variables":[{"name":"PHP_CODESNIFFER_ARGS","description":"PHP_CodeSniffer [options](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Configuration-Options)\n\nEither use this variable or use an [XML configuration file](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Advanced-Usage#using-a-default-configuration-file) in your project.","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [@cyclonedx/cyclonedx-php](https://github.com/CycloneDX/cyclonedx-php-composer)","disable_with":"PHP_SBOM_DISABLED","variables":[{"name":"PHP_SBOM_VERSION","description":"Version of the cyclonedx-php-composer used for SBOM analysis","advanced":true},{"name":"PHP_SBOM_OPTS","description":"[`cyclonedx/cyclonedx-php` options](https://github.com/CycloneDX/cyclonedx-php-composer#usage) used for SBOM analysis","advanced":true}]},{"id":"outdated","name":"composer outdated","description":"Shows the list of installed packages that have updates available (uses [`composer outdated`](https://getcomposer.org/doc/03-cli.md#outdated))","variables":[{"name":"PHP_OUTDATED_OPTS","description":"[`composer outdated` options](https://getcomposer.org/doc/03-cli.md#outdated)","default":"--direct","advanced":true}]},{"id":"audit","name":"composer audit","description":" Scan your dependencies for vulnerabilities with [`composer audit`](https://getcomposer.org/doc/03-cli.md#audit)","disable_with":"PHP_COMPOSER_AUDIT_DISABLED","variables":[{"name":"PHP_COMPOSER_AUDIT_OPTS","description":"[`composer audit` options](https://getcomposer.org/doc/03-cli.md#audit)","default":"--locked","advanced":true}]}],"extension_id":null,"project":{"tag":"4.8.0","tags":["4.8.0","4.8","4.7.1","4.7.0","4.7","4.6.0","4.6","4.5.0","4.5","4.4.2","4.4.1","4.4.0","4.4","4.3.0","4.3","4.2.2","4.2.1","4.2.0","4.2","4.1.0","4.1","4.0.0","4.0","4","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.1","1.2.0","1.1.1","1.1.0","1.0.0"],"name":"php","path":"to-be-continuous/php","web_url":"https://gitlab.com/to-be-continuous/php","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454241/logo.png"}},{"name":"Playwright","description":"Run your automated tests with [Playwright](https://playwright.dev/docs/intro)","template_path":"templates/gitlab-ci-playwright.yml","kind":"acceptance","prefix":"playwright","is_component":true,"variables":[{"name":"PLAYWRIGHT_IMAGE","description":"The Docker image used to run Playwright","default":"mcr.microsoft.com/playwright:latest"},{"name":"PLAYWRIGHT_PROJECT_DIR","description":"The Playwright root project directory (contains the `playwright.config.ts` file)","default":"."},{"name":"PLAYWRIGHT_EXTRA_ARGS","description":"Playwright extra [run options](https://playwright.dev/docs/test-cli)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Playwright tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"},{"name":"NODE_INSTALL_EXTRA_OPTS","description":"Extra [`npm ci`](https://docs.npmjs.com/cli/ci.html/) options to install project dependencies","type":"text"}],"extension_id":null,"project":{"tag":"1.4.0","tags":["1.4.0","1.4","1.3.1","1.3.0","1.3","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"playwright","path":"to-be-continuous/playwright","web_url":"https://gitlab.com/to-be-continuous/playwright","avatar":"https://gitlab.com/uploads/-/system/project/avatar/51928175/logo.png"}},{"name":"Postman","description":"Run your automated (API) tests with [Postman](https://www.postman.com/automated-testing)","template_path":"templates/gitlab-ci-postman.yml","kind":"acceptance","prefix":"postman","is_component":true,"variables":[{"name":"POSTMAN_IMAGE","description":"The Docker image used to run Postman CLI.","default":"registry.hub.docker.com/postman/newman:latest"},{"name":"POSTMAN_COLLECTIONS","description":"The matcher to select Postman collection file(s) to run.","default":"postman/*collection.json"},{"name":"POSTMAN_EXTRA_ARGS","description":"Newman extra [run options](https://github.com/postmanlabs/newman#command-line-options) (to use global variables, an environment or a data source for e.g.)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Postman tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.6.0","tags":["3.6.0","3.6","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"postman","path":"to-be-continuous/postman","web_url":"https://gitlab.com/to-be-continuous/postman","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454247/logo.png"}},{"name":"pre-commit","description":"Test your [pre-commit](https://pre-commit.com/) hooks in CI","template_path":"templates/gitlab-ci-pre-commit.yml","kind":"build","prefix":"pre-commit","is_component":true,"variables":[{"name":"PRE_COMMIT_IMAGE","description":"The Docker image used to run `pre-commit`\n\n:information_source: You may build your own pre-configured image to speed-up things and prevent the tool and plugins from being pip-installed (see documentation).","default":"registry.hub.docker.com/library/python:3-alpine"}],"features":[{"id":"pre-commit-run","name":"pre-commit run","description":"[pre-commit](https://pre-commit.com/) analysis","disable_with":"PRE_COMMIT_DISABLED","variables":[{"name":"PRE_COMMIT_ARGS","description":"Additionnal arguments for the `pre-commit run` command","advanced":true},{"name":"PRE_COMMIT_SKIP","description":"pre-commit `SKIP` environment variable that allows to disable some hooks (see https://pre-commit.com/#temporarily-disabling-hooks)","default":"no-commit-to-branch","advanced":true},{"name":"PRE_COMMIT_FILE","description":"pre-commit config file to use for the `pre-commit run` command","default":".pre-commit-ci.yaml","advanced":true}]}],"extension_id":null,"project":{"tag":"1.1.1","tags":["1.1.1","1.1.0","1.1","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"pre-commit","path":"to-be-continuous/pre-commit","web_url":"https://gitlab.com/to-be-continuous/pre-commit","avatar":"https://gitlab.com/uploads/-/system/project/avatar/56753211/logo.png"}},{"name":"Puppeteer","description":"Run your automated (web) tests with [Puppeteer](https://pptr.dev/)","template_path":"templates/gitlab-ci-puppeteer.yml","kind":"acceptance","prefix":"puppeteer","is_component":true,"variables":[{"name":"PUPPETEER_IMAGE","description":"The Docker image used to run [Puppeteer](https://hub.docker.com/r/ghcr.io/puppeteer/puppeteer)","default":"ghcr.io/puppeteer/puppeteer:latest"},{"name":"PUPPETEER_PROJECT_DIR","description":"The Puppeteer project directory (containing `package.json`)","default":"."},{"name":"PUPPETEER_TEST_EXTRA_ARGS","description":"Testing framework extra options based on [Jest](https://jestjs.io/docs/en/cli)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Puppeteer tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.6.0","tags":["3.6.0","3.6","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"puppeteer","path":"to-be-continuous/puppeteer","web_url":"https://gitlab.com/to-be-continuous/puppeteer","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454250/logo.png"}},{"name":"Python","description":"Build, test and analyse your [Python](https://www.python.org/) projects","template_path":"templates/gitlab-ci-python.yml","kind":"build","prefix":"python","job_prefix":"py","is_component":true,"variables":[{"name":"PYTHON_IMAGE","description":"The Docker image used to run Python - **set the version required by your project**","default":"registry.hub.docker.com/library/python:3-slim"},{"name":"PYTHON_PROJECT_DIR","description":"Python project root directory","default":"."},{"name":"PYTHON_BUILD_SYSTEM","description":"Python build-system to use to install dependencies, build and package the project","type":"enum","values":["auto","setuptools","poetry","pipenv","reqfile","uv"],"default":"auto","advanced":true},{"name":"PYTHON_REQS_FILE","description":"Main requirements file _(relative to `$PYTHON_PROJECT_DIR`)_\n\nFor [Requirements Files](https://pip.pypa.io/en/stable/user_guide/#requirements-files) build-system only","default":"requirements.txt","advanced":true},{"name":"PYTHON_EXTRA_REQS_FILES","description":"Extra dev requirements file(s) to install _(relative to `$PYTHON_PROJECT_DIR`)_\n\nFor [Requirements Files](https://pip.pypa.io/en/stable/user_guide/#requirements-files) build-system only","default":"requirements-dev.txt","advanced":true},{"name":"PYTHON_COMPILE_ARGS","description":"[`compileall` CLI options](https://docs.python.org/3/library/compileall.html)","default":"*","advanced":true},{"name":"PIP_OPTS","description":"pip extra [options](https://pip.pypa.io/en/stable/cli/pip/#general-options)","advanced":true},{"name":"PYTHON_EXTRA_DEPS","description":"Extra sets of dependencies to install\n\nFor [Setuptools](https://setuptools.pypa.io/en/latest/userguide/dependency_management.html?highlight=extras#optional-dependencies) or [Poetry](https://python-poetry.org/docs/pyproject/#extras) only"}],"features":[{"id":"package","name":"package","description":"This job allows building your Python project [distribution packages](https://packaging.python.org/en/latest/glossary/#term-Distribution-Package).","enable_with":"PYTHON_PACKAGE_ENABLED"},{"id":"pylint","name":"pylint","description":"Code analysis based on [pylint](http://pylint.pycqa.org/en/latest/) Python lib.","enable_with":"PYLINT_ENABLED","variables":[{"name":"PYLINT_ARGS","description":"Additional [pylint CLI options](http://pylint.pycqa.org/en/latest/user_guide/run.html#command-line-options)","advanced":true},{"name":"PYLINT_FILES","description":"Files or directories to analyse","advanced":true}]},{"id":"unittest","name":"unittest","description":"Unit tests based on [unittest](https://docs.python.org/3/library/unittest.html) framework","enable_with":"UNITTEST_ENABLED","variables":[{"name":"UNITTEST_ARGS","description":"Additional xmlrunner/unittest CLI options","advanced":true}]},{"id":"pytest","name":"pytest","description":"Unit tests based on [pytest](https://docs.pytest.org/) framework","enable_with":"PYTEST_ENABLED","variables":[{"name":"PYTEST_ARGS","description":"Additional [pytest](https://docs.pytest.org/en/stable/usage.html) or [pytest-cov](https://github.com/pytest-dev/pytest-cov#usage) CLI options","advanced":true}]},{"id":"nose","name":"nose","description":"Unit tests based on [nose](https://nose.readthedocs.io/) framework","enable_with":"NOSETESTS_ENABLED","variables":[{"name":"NOSETESTS_ARGS","description":"Additional [nose CLI options](https://nose.readthedocs.io/en/latest/usage.html#options)","advanced":true}]},{"id":"bandit","name":"Bandit","description":"[Bandit](https://pypi.org/project/bandit/) analysis (SAST)","enable_with":"BANDIT_ENABLED","variables":[{"name":"BANDIT_ARGS","description":"Additional [Bandit CLI options](https://github.com/PyCQA/bandit#usage)","default":"--recursive .","advanced":true}]},{"id":"trivy","name":"Trivy","description":"Detect security vulnerabilities with [Trivy](https://aquasecurity.github.io/trivy) (dependencies analysis)","disable_with":"PYTHON_TRIVY_DISABLED","variables":[{"name":"PYTHON_TRIVY_DIST_URL","description":"Url to the `tar.gz` package for `linux_amd64` of Trivy to use\n\n_When unset, the latest version will be used_","advanced":true},{"name":"PYTHON_TRIVY_ARGS","description":"Additional [Trivy CLI options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_filesystem/)","default":"--ignore-unfixed --pkg-types library --detection-priority comprehensive","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"PYTHON_SBOM_DISABLED","variables":[{"name":"PYTHON_SBOM_SYFT_URL","description":"Url to the `tar.gz` package for `linux_amd64` of Syft to use\n\n_When unset, the latest version will be used_","advanced":true},{"name":"PYTHON_SBOM_NAME","description":"Component name of the emitted SBOM","default":"$CI_PROJECT_PATH/$PYTHON_PROJECT_DIR","advanced":true},{"name":"PYTHON_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"--override-default-catalogers python-package-cataloger","advanced":true}]},{"id":"release","name":"Release","description":"Manually trigger a release of your code (uses [bumpversion](https://pypi.org/project/bumpversion/))","enable_with":"PYTHON_RELEASE_ENABLED","variables":[{"name":"PYTHON_RELEASE_NEXT","type":"enum","values":["","major","minor","patch"],"description":"The part of the version to increase (one of: `major`, `minor`, `patch`)","default":"minor","advanced":true},{"name":"PYTHON_SEMREL_RELEASE_DISABLED","description":"Disable semantic-release integration","type":"boolean","advanced":true},{"name":"PYTHON_RELEASE_COMMIT_MESSAGE","description":"The Git commit message to use on the release commit. This is templated using the [Python Format String Syntax](http://docs.python.org/2/library/string.html#format-string-syntax). Available in the template context are current_version and new_version.","default":"chore(python-release): {current_version} → {new_version}","advanced":true},{"name":"GIT_USERNAME","description":"Git username for Git push operations","secret":true},{"name":"GIT_PASSWORD","description":"Git password for Git push operations","secret":true},{"name":"GIT_PRIVATE_KEY","description":"SSH key for Git push operations","secret":true},{"name":"PYTHON_REPOSITORY_URL","type":"url","description":"Target PyPI repository to publish packages.\n\n_defaults to [GitLab project's packages repository](https://docs.gitlab.com/ee/user/packages/pypi_repository/)_","default":"${CI_SERVER_URL}/api/v4/projects/${CI_PROJECT_ID}/packages/pypi"},{"name":"PYTHON_REPOSITORY_USERNAME","description":"Target PyPI repository username credential","secret":true,"default":"gitlab-ci-token"},{"name":"PYTHON_REPOSITORY_PASSWORD","description":"Target PyPI repository password credential","secret":true,"default":"$CI_JOB_TOKEN"}]},{"id":"black","name":"black","description":"Code formatting based on [black](https://black.readthedocs.io)","enable_with":"PYTHON_BLACK_ENABLED"},{"id":"isort","name":"isort","description":"Check imports order with [isort](https://pycqa.github.io/isort)","enable_with":"PYTHON_ISORT_ENABLED"},{"id":"ruff","name":"Ruff","description":"An extremely fast Python linter and code formatter, written in Rust. [Ruff](https://docs.astral.sh/ruff/)","enable_with":"RUFF_ENABLED","variables":[{"name":"RUFF_ARGS","description":"Additional [Ruff Linter CLI options](https://docs.astral.sh/ruff/configuration/#full-command-line-interface)","advanced":true}]},{"id":"ruff-format","name":"Ruff Format","description":"An extremely fast Python linter and code formatter, written in Rust. [Ruff](https://docs.astral.sh/ruff/)","enable_with":"RUFF_FORMAT_ENABLED","variables":[]},{"id":"mypy","name":"mypy","description":"Code analysis based on [mypy](https://mypy.readthedocs.io/).","enable_with":"MYPY_ENABLED","variables":[{"name":"MYPY_ARGS","description":"Additional [mypy CLI options](https://mypy.readthedocs.io/en/stable/command_line.html)","advanced":true},{"name":"MYPY_FILES","description":"Files or directories to analyse","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-python-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"Retrieves an [ADC](https://cloud.google.com/docs/authentication/application-default-credentials) for Python Google Client","template_path":"templates/gitlab-ci-python-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"}]},{"id":"aws-codeartifact","name":"AWS CodeArtifact","description":"Retrieves AWS CodeArtifact credentials","template_path":"templates/gitlab-ci-python-aws-codeartifact.yml","variables":[{"name":"TBC_AWS_PROVIDER_IMAGE","description":"The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest","advanced":true},{"name":"AWS_REGION","description":"Default region (where the codeartifact repository is located)"},{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_"},{"name":"AWS_ACCESS_KEY_ID","description":"Default access key ID (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_SECRET_ACCESS_KEY","description":"Default secret access key (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_CODEARTIFACT_DOMAIN","description":"The AWS CodeArtifact domain","mandatory":true},{"name":"AWS_CODEARTIFACT_DOMAIN_OWNER","description":"The AWS CodeArtifact domain owner","mandatory":true},{"name":"AWS_CODEARTIFACT_REPOSITORY","description":"The AWS CodeArtifact repository","mandatory":true}]}],"extension_id":null,"project":{"tag":"7.5.2","tags":["7.5.2","7.5.1","7.5.0","7.5","7.4.0","7.3.3","7.3.2","7.3.1","7.3.0","7.3","7.2.0","7.2","7.1.1","7.1.0","7.1","7.0.2","7.0.1","7.0.0","7.0","7","6.11.1","6.11.0","6.11","6.10.0","6.10","6.9.0","6.9","6.8.1","6.8.0","6.8","6.7.0","6.7","6.6.5","6.6.4","6.6.3","6.6.2","6.6.1","6.6.0","6.6","6.5.0","6.5","6.4.1","6.4.0","6.4","6.3.5","6.3.4","6.3.3","6.3.2","6.3.1","6.3.0","6.3","6.2.0","6.2","6.1.5","6.1.4","6.1.3","6.1.2","6.1.1","6.1.0","6.1","6.0.2","6.0.1","6.0.0","6.0","6","5.1.0","5.1","5.0.0","5.0","5","4.2.0","4.2","4.1.1","4.1.0","4.1","4.0.1","4.0.0","4","3.2.1","3.2.0","3.1.1","3.1.0","3.0.1","3.0.0","2.2.0","2.1.1","2.1.0","2.0.3","2.0.2","2.0.1","2.0.0","1.3.0","1.2.3","1.2.2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"python","path":"to-be-continuous/python","web_url":"https://gitlab.com/to-be-continuous/python","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454253/logo.png"}},{"name":"Renovate","description":"Automate your dependency updates with [Renovate](https://www.mend.io/renovate/)","template_path":"templates/gitlab-ci-renovate.yml","kind":"misc","prefix":"renovate","is_component":true,"variables":[{"name":"RENOVATE_IMAGE","description":"The Docker image used to run Renovate","default":"registry.hub.docker.com/renovate/renovate:latest"},{"name":"RENOVATE_ONBOARDING_CONFIG","description":"Renovate configuration to use for onboarding PRs","default":"{\n \"$$schema\": \"https://docs.renovatebot.com/renovate-schema.json\",\n \"extends\": [\n \"config:recommended\",\n \":dependencyDashboard\"\n ],\n \"labels\": [\n \"dependencies\"\n ],\n \"customManagers\": [\n {\n \"customType\": \"regex\",\n \"fileMatch\": [ \"\\\\.gitlab-ci\\\\.ya?ml$\" ], \n \"matchStrings\": [ \"\\\\s?_IMAGE:\\\\s['\\\"](?<registryUrls>.*?)\\\\/(?<depName>.*?):(?<currentValue>.*)['\\\"]\" ], \n \"datasourceTemplate\": \"docker\" \n },\n {\n \"customType\": \"regex\",\n \"fileMatch\": [ \"\\\\.gitlab-ci\\\\.ya?ml$\" ], \n \"matchStrings\": [ \"\\\\s?image:\\\\s['\\\"](?<registryUrls>.*?)\\\\/(?<depName>.*?):(?<currentValue>.*)['\\\"]\" ], \n \"datasourceTemplate\": \"docker\" \n }\n ] \n}"},{"name":"RENOVATE_TOKEN","description":"A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication)","secret":true},{"name":"GITHUB_COM_TOKEN","description":"A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs)","secret":true}],"extension_id":null,"project":{"tag":"1.4.1","tags":["1.4.1","1.4.0","1.4","1.3.0","1.3","1.2.2","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"renovate","path":"to-be-continuous/renovate","web_url":"https://gitlab.com/to-be-continuous/renovate","avatar":"https://gitlab.com/uploads/-/system/project/avatar/48678619/logo.png"}},{"name":"Robot Framework","description":"Run your automated tests with [Robot Framework](https://robotframework.org/)","template_path":"templates/gitlab-ci-robotframework.yml","kind":"acceptance","prefix":"robot","job_prefix":"robotframework","is_component":true,"variables":[{"name":"ROBOT_BASE_IMAGE","description":"The Docker image used to run Robot frame work CLI","default":"registry.hub.docker.com/ppodgorsek/robot-framework:latest"},{"name":"ROBOT_TESTS_DIR","description":"Path to Robot Framework tests directory","default":"robot"},{"name":"ROBOT_BROWSER","description":"Browser to use","default":"firefox","type":"enum","values":["firefox","chrome"]},{"name":"ROBOT_OPTIONS","description":"Robot Framework [additional options](http://robotframework.org/robotframework/latest/RobotFrameworkUserGuide.html#all-command-line-options)","advanced":true},{"name":"ROBOT_THREADS","description":"Number of threads to execute Robot Framework tests (uses [Pabot](https://pabot.org/) if > `1`)","default":"1","type":"number","advanced":true},{"name":"PABOT_OPTIONS","description":"Pabot [additional options](https://github.com/mkorpela/pabot#command-line-options) (if `ROBOT_THREADS` > `1`)","advanced":true},{"name":"ROBOT_SCREEN_COLOUR_DEPTH","description":"Screen colour depth for X Window Virtual Framebuffer","type":"number","default":"24"},{"name":"ROBOT_SCREEN_HEIGHT","description":"Screen height for X Window Virtual Framebuffer","type":"number","default":"1080"},{"name":"ROBOT_SCREEN_WIDTH","description":"Screen width for X Window Virtual Framebuffer","type":"number","default":"1920"},{"name":"REVIEW_ENABLED","description":"Set to enable Robot Framework tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"features":[{"id":"lint","name":"robotframework-lint","description":"This job performs a [Lint](https://github.com/boakley/robotframework-lint/) analysis on your `Robot Framework files`.","disable_with":"ROBOT_LINT_DISABLED"}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-robotframework-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.3.0","tags":["4.3.0","4.3","4.2.2","4.2.1","4.2.0","4.2","4.1.0","4.1","4.0.1","4.0.0","4.0","4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2","1.3.0","1.2.0","1.1.0","1.0.0"],"name":"robotframework","path":"to-be-continuous/robotframework","web_url":"https://gitlab.com/to-be-continuous/robotframework","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26546374/logo.png"}},{"name":"Source-to-Image","description":"Build reproducible container images from your source code with [Source-to-Image](https://github.com/openshift/source-to-image) (S2I)","template_path":"templates/gitlab-ci-s2i.yml","kind":"package","prefix":"s2i","is_component":true,"variables":[{"name":"S2I_DIND_IMAGE","description":"The image used to run the Docker daemon","default":"registry.hub.docker.com/library/docker:dind"},{"name":"S2I_SKOPEO_IMAGE","description":"The image used to push the built container image with Skopeo","default":"quay.io/skopeo/stable:latest"},{"name":"S2I_VERSION","description":"The target S2I version to install/use","default":"latest","advanced":true},{"name":"S2I_PLATFORM","description":"The target S2I platform to install/use","default":"linux-386","advanced":true},{"name":"S2I_BUILDER_IMAGE","description":"The S2I [builder image](https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md) used to build your application image","mandatory":true},{"name":"S2I_ROOT_DIR","description":"Relative path to the application source code base directory in your repository","default":".","advanced":true},{"name":"S2I_BUILD_EXTRA_FLAGS","description":"S2I build [extra flags](https://github.com/openshift/source-to-image/blob/master/docs/cli.md#s2i-build)","advanced":true},{"name":"S2I_SNAPSHOT_IMAGE","description":"S2I snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"S2I_RELEASE_IMAGE","description":"S2I release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"},{"name":"S2I_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)","advanced":true},{"name":"S2I_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"S2I_RELEASE_EXTRA_TAGS_PATTERN","description":"Defines the image tag pattern that `$S2I_RELEASE_IMAGE` should match to push extra tags (supports capturing groups)\n\nDefaults to [SemVer](https://semver.org/) pattern.","default":"^v?(?P<major>[0-9]+)\\.(?P<minor>[0-9]+)\\.(?P<patch>[0-9]+)(?P<suffix>(?P<prerelease>-[0-9A-Za-z-\\.]+)?(?P<build>\\+[0-9A-Za-z-\\.]+)?)$","advanced":true},{"name":"S2I_RELEASE_EXTRA_TAGS","description":"Defines extra tags to publish the _release_ image\n\nSupports capturing group references from `$S2I_RELEASE_EXTRA_TAGS_PATTERN` (ex: `latest \\g<major>.\\g<minor> \\g<major>`)","advanced":true},{"name":"S2I_SEMREL_RELEASE_DISABLED","description":"Disable integration with the [semantic release template](https://gitlab.com/to-be-continuous/semantic-release/)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.1.1","tags":["1.1.1","1.1.0","1.1","1.0.1","1.0.0","1.0","1"],"name":"s2i","path":"to-be-continuous/s2i","web_url":"https://gitlab.com/to-be-continuous/s2i","avatar":"https://gitlab.com/uploads/-/system/project/avatar/48540470/logo.png"}},{"name":"S3 (Simple Storage Service)","description":"Deploy your objects to any [S3](https://en.wikipedia.org/wiki/Amazon_S3) (Simple Storage Service) compatible object storage service","template_path":"templates/gitlab-ci-s3.yml","kind":"hosting","prefix":"s3","is_component":true,"variables":[{"name":"S3_CMD_IMAGE","description":"The Docker image used to run [s3cmd](https://s3tools.org/usage) commands","advanced":true,"default":"registry.hub.docker.com/d3fk/s3cmd:latest"},{"name":"S3_ENDPOINT_HOST","description":"Default S3 endpoint hostname (with port)","default":"s3.amazonaws.com","mandatory":true},{"name":"S3_HOST_BUCKET","description":"Default DNS-style bucket+hostname:port template for accessing a bucket","default":"%(bucket)s.$S3_ENDPOINT_HOST","mandatory":true},{"name":"S3_REGION","description":"Default region to create the buckets in (if not defined, the template won't create any)"},{"name":"S3_ACCESS_KEY","description":"Default S3 service Access Key","secret":true,"mandatory":true},{"name":"S3_SECRET_KEY","description":"Default S3 service Secret Key","secret":true,"mandatory":true},{"name":"S3_BASE_BUCKET_NAME","description":"Base bucket name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"S3_DEPLOY_ARGS","description":"[s3cmd](https://s3tools.org/usage) command and options to deploy files to the bucket","default":"sync --recursive --delete-removed --acl-public --no-mime-magic --guess-mime-type","advanced":true},{"name":"S3_DEPLOY_FILES","description":"Pattern(s) of files to deploy to the S3 bucket","default":"public/"},{"name":"S3_WEBSITE_DISABLED","description":"Disables WebSite hosting by your S3 bucket","type":"boolean"},{"name":"S3_WEBSITE_ENDPOINT","description":"Default WebSite endpoint url pattern (supports `%(bucket)s` and `%(location)s` placeholders)","default":"http://%(bucket)s.s3-website.%(location)s.amazonaws.com"},{"name":"S3_WEBSITE_ARGS","description":"[s3cmd](https://s3tools.org/usage) command and options to enable WebSite hosting on the bucket","default":"ws-create --ws-index=index.html --ws-error=404.html","advanced":true},{"name":"S3_PREFIX","description":"Default S3 prefix to use as a root destination to upload objects in the S3 bucket"},{"name":"S3_SCRIPTS_DIR","description":"Directory where S3 hook scripts are located","default":".","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","disable_with":"S3_REVIEW_DISABLED","variables":[{"name":"S3_REVIEW_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `review` env _(only define to override default)_"},{"name":"S3_REVIEW_REGION","description":"Region to create the `review` buckets in (if not defined, the template won't create any)"},{"name":"S3_REVIEW_ACCESS_KEY","description":"S3 service Access Key for `review` env (only define to override default)","secret":true},{"name":"S3_REVIEW_SECRET_KEY","description":"S3 service Secret Key for `review` env (only define to override default)","secret":true},{"name":"S3_REVIEW_BUCKET_NAME","description":"Bucket name for `review` env _(only define to override default)_","advanced":true},{"name":"CLEANUP_ALL_REVIEW","description":"Enables a **manual** job to cleanup all review envs at once.\n\nYou may also use it to [schedule](https://docs.gitlab.com/ee/ci/pipelines/schedules.html) cloud resources cleanup. See documentation.","type":"boolean"},{"name":"S3_REVIEW_PREFIX","description":"S3 prefix to use for `review` env _(only define to override default)_","advanced":true},{"name":"S3_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","disable_with":"S3_INTEG_DISABLED","variables":[{"name":"S3_INTEG_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `integration` env _(only define to override default)_"},{"name":"S3_INTEG_REGION","description":"Region to create the `integration` bucket in"},{"name":"S3_INTEG_ACCESS_KEY","description":"S3 service Access Key for `integration` env (only define to override default)","secret":true},{"name":"S3_INTEG_SECRET_KEY","description":"S3 service Secret Key for `integration` env (only define to override default)","secret":true},{"name":"S3_INTEG_BUCKET_NAME","description":"Bucket name for `integration` env _(only define to override default)_","advanced":true},{"name":"S3_INTEG_PREFIX","description":"S3 prefix to use for `integration` env _(only define to override default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","disable_with":"S3_STAGING_DISABLED","variables":[{"name":"S3_STAGING_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `staging` env _(only define to override default)_"},{"name":"S3_STAGING_REGION","description":"Region to create the `staging` bucket in"},{"name":"S3_STAGING_ACCESS_KEY","description":"S3 service Access Key for `staging` env (only define to override default)","secret":true},{"name":"S3_STAGING_SECRET_KEY","description":"S3 service Secret Key for `staging` env (only define to override default)","secret":true},{"name":"S3_STAGING_BUCKET_NAME","description":"Bucket name for `staging` env _(only define to override default)_","advanced":true},{"name":"S3_STAGING_PREFIX","description":"S3 prefix to use for `staging` env _(only define to override default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","disable_with":"S3_PROD_DISABLED","variables":[{"name":"S3_PROD_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `production` env _(only define to override default)_"},{"name":"S3_PROD_REGION","description":"Region to create the `production` bucket in"},{"name":"S3_PROD_ACCESS_KEY","description":"S3 service Access Key for `production` env (only define to override default)","secret":true},{"name":"S3_PROD_SECRET_KEY","description":"S3 service Secret Key for `production` env (only define to override default)","secret":true},{"name":"S3_PROD_BUCKET_NAME","description":"Bucket name for `production` env _(only define to override default)_","advanced":true},{"name":"S3_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"S3_PROD_PREFIX","description":"S3 prefix to use for `production` env _(only define to override default)_","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-s3-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"7.2.3","tags":["7.2.3","7.2.2","7.2.1","7.2.0","7.2","7.1.0","7.1","7.0.1","7.0.0","7.0","7","6.0.0","6.0","6","5.2.0","5.2","5.1.0","5.1","5.0.0","5.0","5","4.1.1","4.1.0","4.1","4.0.0","4.0","4","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.2","2.1.5","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.0","2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"s3","path":"to-be-continuous/s3","web_url":"https://gitlab.com/to-be-continuous/s3","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26450933/logo.png"}},{"name":"Scala/SBT","description":"Build, test and analyse your [sbt](https://www.scala-sbt.org/)-based projects","template_path":"templates/gitlab-ci-sbt.yml","kind":"build","prefix":"sbt","is_component":true,"variables":[{"name":"SBT_IMAGE","description":"The Docker image used to run sbt - **set the version required by your project**","default":"registry.hub.docker.com/sbtscala/scala-sbt:17.0.2_1.6.2_3.1.3"},{"name":"SBT_BUILD_ARGS","description":"The sbt arguments for the sbt arguments for the [build job packaging](https://www.scala-sbt.org/1.x/docs/Running.html#Common+commands)","default":"clean package","advanced":true},{"name":"SBT_TEST_ARGS","description":"The sbt arguments for the sbt arguments for the [build job test phase](https://www.scala-sbt.org/1.x/docs/Running.html#Common+commands)","default":"coverage test coverageAggregate","advanced":true},{"name":"SBT_OPTS","description":"Global [sbt options](https://www.scala-sbt.org/1.x/docs/Command-Line-Reference.html#sbt+JVM+options+and+system+properties)","default":"-Dsbt.global.base=sbt-cache/sbtboot -Dsbt.boot.directory=sbt-cache/boot -Dsbt.coursier.home=sbt-cache/coursier -Dsbt.ci=true -Dsbt.color=always","advanced":true},{"name":"SBT_CLI_OPTS","description":"Additional sbt options used on the command line","default":"--batch","advanced":true}],"features":[{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"SBT_SBOM_DISABLED","variables":[{"name":"SBT_SBOM_IMAGE","default":"registry.hub.docker.com/anchore/syft:debug","description":"The syft image used for SBOM analysis"},{"name":"SBT_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"dir:sbt-cache/coursier --catalogers java-cataloger","advanced":true}]},{"id":"publish","name":"Publish (snapshot & release)","description":"Enable artifacts publishing to a Nexus repository","variables":[{"name":"SBT_PUBLISH_MODE","description":"Publish mode (one of `snapshot`, `ontag`, `release`)","type":"enum","values":["","snapshot","ontag","release"],"mandatory":true},{"name":"GIT_PRIVATE_KEY","description":"Git private key to perform Git operations (for `release` publish mode)","secret":true},{"name":"MAVEN_REPOSITORY_HOST","description":"Global Maven repository host where credentials apply","secret":false},{"name":"MAVEN_REPOSITORY_USERNAME","description":"Global Maven repository username","secret":true},{"name":"MAVEN_REPOSITORY_PASSWORD","description":"Global Maven repository password","secret":true},{"name":"MAVEN_REPOSITORY_PUBLISH_RELEASE_URL","description":"Maven repository URL where to publish release artifacts","secret":false},{"name":"MAVEN_REPOSITORY_PUBLISH_SNAPSHOT_URL","description":"Maven repository URL where to publish snapshot artifacts","secret":false},{"name":"MAVEN_REPOSITORY_PUBLISH_USERNAME","description":"Maven repository username used for publishing purposes","secret":true},{"name":"MAVEN_REPOSITORY_PUBLISH_PASSWORD","description":"Maven repository password used for publishing purposes","secret":true}]}],"extension_id":null,"project":{"tag":"1.7.1","tags":["1.7.1","1.7.0","1.7","1.6.0","1.6","1.5.1","1.5.0","1.5","1.4.0","1.4","1.3.1","1.3.0","1.3","1.2.0","1.2","1.1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"sbt","path":"to-be-continuous/sbt","web_url":"https://gitlab.com/to-be-continuous/sbt","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26717195/logo.png"}},{"name":"semantic-release","description":"Automate your versioning and release management with [semantic-release](https://github.com/semantic-release/semantic-release)","template_path":"templates/gitlab-ci-semrel.yml","kind":"publish","prefix":"semrel","job_prefix":"semantic-release","is_component":true,"variables":[{"name":"SEMREL_IMAGE","description":"The Docker image used to run semantic-release","default":"registry.hub.docker.com/library/node:lts-slim"},{"name":"SEMREL_VERSION","description":"The [semantic-release](https://www.npmjs.com/package/semantic-release) version to use","default":"latest","advanced":true},{"name":"SEMREL_EXEC_VERSION","description":"The [@semantic-release/exec](https://www.npmjs.com/package/@semantic-release/exec) version to use","default":"latest","advanced":true},{"name":"GITLAB_TOKEN","description":"A GitLab 'project access token' or 'personal access token' with `api`, `read_repository` and `write repository` scopes.","mandatory":true,"secret":true},{"name":"SEMREL_CONFIG_DIR","description":"directory containing your [semantic-release configuration](https://semantic-release.gitbook.io/semantic-release/usage/configuration#configuration-file)","default":".","advanced":true},{"name":"SEMREL_TAG_FORMAT","description":"For generated `.releaserc` file only. [tagFormat semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#tagformat)e. :warning: don't forget to double the `$` character so it is not interpreted by GitLab.","default":"$${version}","advanced":true},{"name":"SEMREL_REQUIRED_PLUGINS_FILE","description":"Full path to `semrel-required-plugins.txt` file _(relative to `$CI_PROJECT_DIR`)_","default":"semrel-required-plugins.txt","advanced":true}],"features":[{"id":"semantic-release","name":"semantic-release","description":"Performs a semantic release.","disable_with":"SEMREL_RELEASE_DISABLED","variables":[{"name":"SEMREL_CHANGELOG_ENABLED","description":"Add the [@semantic-release/changelog](https://github.com/semantic-release/changelog) plugin which will commit a changelog file in the repository.","type":"boolean"},{"name":"SEMREL_CHANGELOG_FILE","description":"[changelogFile @semantic-release/changelog option](https://github.com/semantic-release/changelog#options).","default":"CHANGELOG.md","advanced":true},{"name":"SEMREL_CHANGELOG_TITLE","description":"[changelogTitle @semantic-release/changelog option](https://github.com/semantic-release/changelog#options). You might want to use markdown format (for example `# MyApp Changelog`).","advanced":true},{"name":"SEMREL_DRY_RUN","description":"For generated `.releaserc` file only. Activate the [dryRun semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#dryrun) if present.","type":"boolean","advanced":true},{"name":"SEMREL_AUTO_RELEASE_ENABLED","description":"When set the job start automatically. When not set (default), the job is manual.","type":"boolean"},{"name":"SEMREL_BRANCHES_REF","description":"Regular expression pattern matching branches from which releases should happen (should match your [semantic-release configuration](https://semantic-release.gitbook.io/semantic-release/usage/configuration#branches))","default":"/^(master|main)$/","advanced":true},{"name":"SEMREL_HOOKS_DIR","description":"Hook scripts folder.","default":".","advanced":true},{"name":"SEMREL_GPG_SIGNKEY","description":"Path to the GPG signkey exported with `gpg --armor --export-secret-key`.","secret":true,"advanced":true},{"name":"SEMREL_COMMIT_MESSAGE","description":"[message @semantic-release/git option](https://github.com/semantic-release/git#message)","advanced":true},{"name":"SEMREL_COMMIT_SPEC","description":"Commit specification `preset` (possible values: `angular`, `atom`, `codemirror`, `ember`, `eslint`, `express`, `jquery`, `jshint`, `conventionalcommits`). The default is `angular`.","values":["angular","codemirror","conventionalcommits","ember","eslint","express","jquery","jshint"],"default":"angular","advanced":true}]},{"id":"semantic-release-info","name":"semantic-release-info","description":"Run `semantic-release` dry run to save next release version information as dotenv artifact and make them available in next pipeline stages","variables":[{"name":"SEMREL_INFO_ON","description":"Define on which branch(es) the job shall be run","type":"enum","values":["","prod","branches-ref","protected","all"],"mandatory":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-semrel-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"3.11.5","tags":["3.11.5","3.11.4","3.11.3","3.11.2","3.11.1","3.11.0","3.11","3.10.3","3.10.2","3.10.1","3.10.0","3.10","3.9.1","3.9.0","3.9","3.8.3","3.8.2","3.8.1","3.8.0","3.8","3.7.1","3.7.0","3.7","3.6.0","3.6","3.5.2","3.5.1","3.5.0","3.5","3.4.2","3.4.1","3.4.0","3.4","3.3.1","3.3.0","3.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.3.1","2.3.0","2.3","2.2.6","2.2.5","2.2.4","2.2.3","2.2.2","2.2.1","2.2.0","2.1.0","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.1","1.0.0"],"name":"semantic-release","path":"to-be-continuous/semantic-release","web_url":"https://gitlab.com/to-be-continuous/semantic-release","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454254/logo.png"}},{"name":"SonarQube","description":"Continuously inspect your codebase with [SonarQube](https://www.sonarqube.org/)","template_path":"templates/gitlab-ci-sonar.yml","kind":"analyse","prefix":"sonar","is_component":true,"variables":[{"name":"SONAR_SCANNER_IMAGE","description":"The Docker image used to run [sonar-scanner](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/)","default":"registry.hub.docker.com/sonarsource/sonar-scanner-cli:latest"},{"name":"SONAR_HOST_URL","type":"url","description":"SonarQube server url","mandatory":true},{"name":"SONAR_PROJECT_KEY","description":"SonarQube Project Key (might also be set in the `sonar-project.properties` file)","advanced":true},{"name":"SONAR_PROJECT_NAME","description":"SonarQube Project Name (might also be set in the `sonar-project.properties` file)","advanced":true},{"name":"SONAR_TOKEN","description":"SonarQube authentication token (depends on your authentication method)","secret":true},{"name":"SONAR_LOGIN","description":"SonarQube login (depends on your authentication method)","secret":true},{"name":"SONAR_PASSWORD","description":"SonarQube password (depends on your authentication method)","secret":true},{"name":"SONAR_BASE_ARGS","description":"SonarQube [analysis arguments](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/)","default":"-Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues","advanced":true},{"name":"SONAR_QUALITY_GATE_ENABLED","description":"Enables SonarQube [Quality Gate](https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/ci-integration/overview/#quality-gate-fails))._","type":"boolean"}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-sonar-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.2.4","tags":["4.2.4","4.2.3","4.2.2","4.2.1","4.2.0","4.2","4.1.1","4.1.0","4.1","4.0.1","4.0.0","4.0","4","3.3.0","3.3","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.3.2","1.3.1","1.3.0","1.2.0","1.1.0","1.0.0"],"name":"sonar","path":"to-be-continuous/sonar","web_url":"https://gitlab.com/to-be-continuous/sonar","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454259/logo.png"}},{"name":"Spectral","description":"[Spectral](https://docs.stoplight.io/docs/spectral) is a JSON/YAML Linter with custom rulesets, out of the box support for OpenAPI and AsyncAPI","template_path":"templates/gitlab-ci-spectral.yml","kind":"analyse","prefix":"spectral","is_component":true,"variables":[{"name":"SPECTRAL_IMAGE","description":"The Docker image used to run `spectral`","default":"registry.hub.docker.com/stoplight/spectral:latest"},{"name":"SPECTRAL_DOCUMENTS","description":"Location of JSON/YAML documents to be linted. Can be either a file, a glob or fetchable resource(s) on the web","default":"{,api/,src/main/resources/}*{openapi,oas,swagger,async}*.{json,yml,yaml}"},{"name":"SPECTRAL_EXTRA_ARGS","description":"Extra Spectral CLI [options](https://docs.stoplight.io/docs/spectral/docs/guides/2-cli.md)","advanced":true},{"name":"SPECTRAL_DISABLED","description":"Set to `true` to disable this job","type":"boolean","advanced":true}],"extension_id":null,"project":{"tag":"1.1.2","tags":["1.1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"spectral","path":"to-be-continuous/spectral","web_url":"https://gitlab.com/to-be-continuous/spectral","avatar":"https://gitlab.com/uploads/-/system/project/avatar/52371414/logo.png"}},{"name":"Sphinx","description":"Build your documentation with [Sphinx](https://www.sphinx-doc.org/)","template_path":"templates/gitlab-ci-sphinx.yml","kind":"build","prefix":"sphinx","is_component":true,"variables":[{"name":"SPHINX_IMAGE","description":"The Docker image used to run Sphinx","default":"ghcr.io/sphinx-doc/sphinx:latest"},{"name":"SPHINX_BUILD_ARGS","description":"[`sphinx-build` options](https://www.sphinx-doc.org/en/master/man/sphinx-build.html)) to be used","default":"-M html"},{"name":"SPHINX_PROJECT_DIR","description":"Sphinx project root directory","default":"."},{"name":"SPHINX_SOURCE_DIR","description":"Sphinx source directory (relative to `$SPHINX_PROJECT_DIR`) containing the Sphinx `conf.py` file","default":"source","advanced":true},{"name":"SPHINX_BUILD_DIR","description":"Sphinx build output directory (relative to `$SPHINX_PROJECT_DIR`)","default":"build","advanced":true},{"name":"SPHINX_REQUIREMENTS_FILE","description":"Requirements file (relative to `$SPHINX_PROJECT_DIR`). If the file is not found in the repository, requirements are read from the `SPHINX_REQUIREMENTS` variable","default":"requirements.txt","advanced":true},{"name":"SPHINX_REQUIREMENTS","description":"Space separated requirements (ignored if a requirement file is found)","advanced":true},{"name":"SPHINX_PREBUILD_SCRIPT","description":"Pre-build hook script (relative to `$SPHINX_PROJECT_DIR`)","default":"sphinx-pre-build.sh","advanced":true},{"name":"PIP_OPTS","description":"pip extra [options](https://pip.pypa.io/en/stable/cli/pip/#general-options)","advanced":true}],"features":[{"id":"lychee","name":"lychee","description":"Checks broken links and emails with [lychee](https://github.com/lycheeverse/lychee)","enable_with":"SPHINX_LYCHEE_ENABLED","variables":[{"name":"SPHINX_LYCHEE_IMAGE","description":"The Docker image used to run [lychee](https://github.com/lycheeverse/lychee)","default":"registry.hub.docker.com/lycheeverse/lychee:latest","advanced":true},{"name":"SPHINX_LYCHEE_ARGS","description":"[lychee arguments](https://github.com/lycheeverse/lychee#commandline-parameters) to execute","default":"--exclude-loopback $SPHINX_SOURCE_DIR/**/*.rst"}]}],"variants":[{"id":"pages","name":"GitLab Pages","description":"Adds a job to publish the generated documentation to GitLab pages","template_path":"templates/gitlab-ci-sphinx-pages.yml"}],"extension_id":null,"project":{"tag":"1.2.0","tags":["1.2.0","1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"sphinx","path":"to-be-continuous/sphinx","web_url":"https://gitlab.com/to-be-continuous/sphinx","avatar":"https://gitlab.com/uploads/-/system/project/avatar/53144593/logo.png"}},{"name":"SQLFluff lint","description":"Lint your SQL files (whichever your dialect) with [SQLFluff](https://docs.sqlfluff.com)","template_path":"templates/gitlab-ci-sqlfluff.yml","kind":"analyse","prefix":"sqlfluff","is_component":true,"variables":[{"name":"SQLFLUFF_IMAGE","description":"The Docker image used to run SQLFluff","default":"registry.hub.docker.com/sqlfluff/sqlfluff:latest"},{"name":"SQLFLUFF_WORKING_DIR","description":"Sqlfluff working directory, scope of configuration and sql files used","default":".","advanced":true},{"name":"SQLFLUFF_LINT_ARGS","description":"Lint [options and arguments](https://docs.sqlfluff.com/en/stable/reference/cli.html#sqlfluff-lint)","advanced":true}],"extension_id":null,"project":{"tag":"1.3.1","tags":["1.3.1","1.3.0","1.3","1.2.0","1.2","1.1.2","1.1.1","1.1.0","1.1","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"sqlfluff","path":"to-be-continuous/sqlfluff","web_url":"https://gitlab.com/to-be-continuous/sqlfluff","avatar":"https://gitlab.com/uploads/-/system/project/avatar/38513375/logo.png"}},{"name":"Terraform","description":"Manage your infrastructure with [Terraform](https://www.terraform.io)","template_path":"templates/gitlab-ci-terraform.yml","kind":"infrastructure","prefix":"tf","is_component":true,"variables":[{"name":"TF_IMAGE","description":"the Docker image used to run Terraform CLI commands - **set the version required by your project**","default":"registry.hub.docker.com/hashicorp/terraform:latest"},{"name":"TF_GITLAB_BACKEND_DISABLED","type":"boolean","description":"Set to disable [GitLab managed Terraform State](https://docs.gitlab.com/ee/user/infrastructure/iac/terraform_state.html)","advanced":true},{"name":"TF_PROJECT_DIR","description":"Terraform project root directory","default":".","advanced":true},{"name":"TF_SCRIPTS_DIR","description":"Terraform (hook) scripts base directory (relative to `$TF_PROJECT_DIR`)","default":".","advanced":true},{"name":"TF_OUTPUT_DIR","description":"Terraform output directory (relative to `$TF_PROJECT_DIR`).\n\n_Everything generated in this directory will be kept as job artifacts._","default":"tf-output","advanced":true},{"name":"TF_EXTRA_OPTS","description":"Default Terraform extra options (applies to all Terraform commands)","advanced":true},{"name":"TF_INIT_OPTS","description":"Default Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init)","advanced":true},{"name":"TF_WORKSPACE","description":"Default Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces)","advanced":true},{"name":"TF_PLAN_OPTS","description":"Default Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan)","advanced":true},{"name":"TF_APPLY_OPTS","description":"Default Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply)","advanced":true},{"name":"TF_DESTROY_OPTS","description":"Default Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy)","advanced":true}],"features":[{"id":"tfsec","name":"tfsec","description":"Detect security issues with [tfsec](https://github.com/tfsec/tfsec)","enable_with":"TF_TFSEC_ENABLED","variables":[{"name":"TF_TFSEC_IMAGE","description":"tfsec docker image","default":"registry.hub.docker.com/aquasec/tfsec-ci","advanced":true},{"name":"TF_TFSEC_ARGS","description":"tfsec [options and args](https://aquasecurity.github.io/tfsec/latest/guides/usage/)","default":"."}]},{"id":"trivy","name":"trivy","description":"Detect security issues with [trivy config](https://aquasecurity.github.io/trivy/latest/docs/scanner/misconfiguration/)","disable_with":"TF_TRIVY_DISABLED","variables":[{"name":"TF_TRIVY_IMAGE","description":"trivy docker image","default":"registry.hub.docker.com/aquasec/trivy","advanced":true},{"name":"TF_TRIVY_ARGS","description":"trivy config [options and args](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_config/)","default":"."}]},{"id":"checkov","name":"checkov","description":"Static code analysis tool for infrastructure-as-code","enable_with":"TF_CHECKOV_ENABLED","variables":[{"name":"TF_CHECKOV_IMAGE","description":"checkov docker image","default":"registry.hub.docker.com/bridgecrew/checkov","advanced":true},{"name":"TF_CHECKOV_ARGS","description":"checkov [options and args](https://www.checkov.io/2.Basics/CLI%20Command%20Reference.html)","default":"--framework terraform","advanced":true}]},{"id":"tf-infracost","name":"tf-infracost","description":"Shows cloud cost estimates for infrastructure-as-code projects","enable_with":"TF_INFRACOST_ENABLED","variables":[{"name":"TF_INFRACOST_IMAGE","description":"Infracost docker image","default":"registry.hub.docker.com/infracost/infracost","advanced":true},{"name":"TF_INFRACOST_ARGS","description":"infracost [CLI options and args](https://www.infracost.io/docs/#usage)","default":"breakdown"},{"name":"TF_INFACOST_USAGE_FILE","description":"infracost [usage file](https://www.infracost.io/docs/usage_based_resources/#infracost-usage-file)","default":"infracost-usage.yml"},{"name":"INFRACOST_API_KEY","description":"the infracost API key","secret":true}]},{"id":"tf-tflint","name":"tf-tflint","description":"Analyse your Terraform code with [tflint](https://github.com/terraform-linters/tflint)","disable_with":"TF_TFLINT_DISABLED","variables":[{"name":"TF_TFLINT_IMAGE","description":"Tflint docker image","default":"ghcr.io/terraform-linters/tflint-bundle:latest","advanced":true},{"name":"TF_TFLINT_ARGS","description":"tflint extra [options and args](https://github.com/terraform-linters/tflint/#usage)","default":"--enable-plugin=google --enable-plugin=azurerm --enable-plugin=aws --recursive"}]},{"id":"tf-fmt","name":"tf-fmt","description":"Check your Terraform code with [tffmt](https://developer.hashicorp.com/terraform/cli/commands/fmt#usage)","enable_with":"TF_FMT_ENABLED","variables":[{"name":"TF_FMT_ARGS","description":"terraform fmt extra [options](https://developer.hashicorp.com/terraform/cli/commands/fmt#usage)","default":"-diff -recursive"}]},{"id":"tf-validate","name":"tf-validate","description":"Check your Terraform code with [tfvalidate](https://developer.hashicorp.com/terraform/cli/commands/validate#usage)","enable_with":"TF_VALIDATE_ENABLED","variables":[]},{"id":"tfdocs","name":"terraform docs","description":"Build Terraform documentation based on [terraform docs](https://terraform-docs.io/)","enable_with":"TF_DOCS_ENABLED","variables":[{"name":"TF_DOCS_IMAGE","description":"[terraform docs](https://terraform-docs.io/) container image","default":"quay.io/terraform-docs/terraform-docs:edge","advanced":true},{"name":"TF_DOCS_EXTRA_OPTS","description":"Extra [terraform docs options](https://terraform-docs.io/reference/terraform-docs/)","advanced":true},{"name":"TF_DOCS_CONFIG","description":"terraform docs [configuration file](https://terraform-docs.io/user-guide/configuration/) (relative to `$TF_PROJECT_DIR`)","default":".terraform-docs.yml","advanced":true},{"name":"TF_DOCS_OUTPUT_DIR","description":"terraform docs output directory (relative to `$TF_PROJECT_DIR`)","default":"docs","advanced":true}]},{"id":"tfpublish","name":"publish module","description":"Publish a Terraform module to GitLab's [Terraform Module Registry](https://docs.gitlab.com/ee/user/packages/terraform_module_registry/)","enable_with":"TF_PUBLISH_ENABLED","variables":[{"name":"TF_PUBLISH_IMAGE","description":"container image used to publish module","default":"registry.hub.docker.com/curlimages/curl:latest","advanced":true},{"name":"TF_MODULE_NAME","description":"The module name. May not contain any spaces or underscores.","default":"$CI_PROJECT_NAME","advanced":true},{"name":"TF_MODULE_SYSTEM","description":"The module system or provider (example: `local`, `aws`, `google`)","default":"local"},{"name":"TF_MODULE_VERSION","description":"The module version. It must be valid according to the [semantic versioning](https://semver.org/) specification.","default":"$CI_COMMIT_TAG","advanced":true},{"name":"TF_MODULE_FILES","description":"Glob patterns matching files to include into the Terraform module (:warning: does not support double star)","default":"*.tf *.tpl *.md"}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/))","enable_with":"TF_REVIEW_ENABLED","variables":[{"name":"TF_REVIEW_EXTRA_OPTS","description":"Terraform extra options for `review` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_REVIEW_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `review` env.","type":"boolean","advanced":true},{"name":"TF_REVIEW_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"TF_INTEG_ENABLED","variables":[{"name":"TF_INTEG_EXTRA_OPTS","description":"Terraform extra options for `integration` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_INTEG_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `integration` env.","type":"boolean","advanced":true},{"name":"TF_INTEG_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"TF_STAGING_ENABLED","variables":[{"name":"TF_STAGING_EXTRA_OPTS","description":"Terraform extra options for `staging` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_STAGING_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `staging` env.","type":"boolean","advanced":true},{"name":"TF_STAGING_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"TF_PROD_ENABLED","variables":[{"name":"TF_PROD_EXTRA_OPTS","description":"Terraform extra options for `production` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_PROD_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `production` env.","type":"boolean","default":"true","advanced":true},{"name":"TF_PROD_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `production` env (only define to override default)","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-terraform-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"Retrieves an [OAuth access token](https://developers.google.com/identity/protocols/oauth2) for the [Google Cloud Platform Provider for Terraform](https://registry.terraform.io/providers/hashicorp/google/latest/docs)","template_path":"templates/gitlab-ci-terraform-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ee/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]},{"id":"aws","name":"AWS","description":"Sets the appropriate Assume Role with Web Identity configuration for the [AWS Provider for Terraform](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#assume-role-with-web-identity-configuration-reference)","template_path":"templates/gitlab-ci-terraform-aws.yml","variables":[{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/)","advanced":true},{"name":"AWS_REVIEW_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `review` env _(only define to override default)_","advanced":true},{"name":"AWS_INTEG_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AWS_STAGING_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AWS_PROD_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/aws/) on `production` env _(only define to override default)_","advanced":true}]}],"extension_id":null,"project":{"tag":"5.5.6","tags":["5.5.6","5.5.5","5.5.4","5.5.3","5.5.2","5.5.1","5.5.0","5.5","5.4.14","5.4.13","5.4.12","5.4.11","5.4.10","5.4.9","5.4.8","5.4.7","5.4.6","5.4.5","5.4.4","5.4.3","5.4.2","5.4.1","5.4.0","5.4","5.3.0","5.3","5.2.0","5.2","5.1.0","5.1","5.0.2","5.0.1","5.0.0","5.0","5","4.0.3","4.0.2","4.0.1","4.0.0","4.0","4","3.12.3","3.12.2","3.12.1","3.12.0","3.12","3.11.0","3.11","3.10.0","3.10","3.9.1","3.9.0","3.9","3.8.0","3.8","3.7.0","3.7","3.6.3","3.6.2","3.6.1","3.6.0","3.6","3.5.1","3.5.0","3.5","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.8.0","2.8","2.7.1","2.7.0","2.7","2.6.0","2.6","2.5.0","2.5","2.4.3","2.4.2","2.4.1","2.4.0","2.3.2","2.3.1","2.3.0","2.2.4","2.2.3","2.2.2","2.2.1","2.2.0","2.1.1","2"],"name":"terraform","path":"to-be-continuous/terraform","web_url":"https://gitlab.com/to-be-continuous/terraform","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454262/logo.png"}},{"name":"Test SSL","description":"Test your TLS/SSL servers compliance with [Test SSL](https://testssl.sh/)","template_path":"templates/gitlab-ci-testssl.yml","kind":"acceptance","prefix":"testssl","is_component":true,"variables":[{"name":"TESTSSL_IMAGE","description":"The Docker image used to run [Test SSL](https://testssl.sh/)","default":"registry.hub.docker.com/drwetter/testssl.sh:latest"},{"name":"TESTSSL_ARGS","description":"Test SSL [command-line options](https://testssl.sh/#usage)","default":"--severity MEDIUM","advanced":true},{"name":"TESTSSL_URL","description":"Server url to test TLS/SSL against\n\n_Leave unset if you're using deployment templates_"},{"name":"REVIEW_ENABLED","description":"Set to enable Test SSL tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.6.0","tags":["3.6.0","3.6","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"testssl","path":"to-be-continuous/testssl","web_url":"https://gitlab.com/to-be-continuous/testssl","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454277/logo.png"}}]} +{"extensions":[],"presets":[{"name":"OpenShift Sandbox","description":"[OpenShift Sandbox](https://developers.redhat.com/developer-sandbox) by RedHat","values":{"OS_URL":"https://api.sandbox.x8i5.p1.openshiftapps.com:6443","OS_ENVIRONMENT_URL":"https://%{environment_name}.apps.sandbox.x8i5.p1.openshiftapps.com","K8S_URL":"https://api.sandbox.x8i5.p1.openshiftapps.com:6443","K8S_ENVIRONMENT_URL":"https://%{environment_name}.apps.sandbox.x8i5.p1.openshiftapps.com"},"extension_id":null,"project":{"tag":"1.0.0","tags":["1.0.0"],"name":"kicker-extras","path":"to-be-continuous/tools/kicker-extras","web_url":"https://gitlab.com/to-be-continuous/tools/kicker-extras"}},{"name":"SonarCloud","description":"[SonarCloud](https://www.sonarsource.com/products/sonarcloud/) (SaaS)","values":{"SONAR_HOST_URL":"https://sonarcloud.io"},"extension_id":null,"project":{"tag":"1.0.0","tags":["1.0.0"],"name":"kicker-extras","path":"to-be-continuous/tools/kicker-extras","web_url":"https://gitlab.com/to-be-continuous/tools/kicker-extras"}}],"templates":[{"name":"Angular","description":"Build, test and analyse your [Angular](https://angular.io/) projects","template_path":"templates/gitlab-ci-angular.yml","kind":"build","prefix":"ng","is_component":true,"variables":[{"name":"NG_CLI_IMAGE","description":"The Docker image used to run Angular-CLI (`ng`) - **set the version required by your project**","default":"registry.hub.docker.com/trion/ng-cli-karma:latest"},{"name":"NPM_CONFIG_REGISTRY","description":"NPM [registry](https://docs.npmjs.com/configuring-your-registry-settings-as-an-npm-enterprise-user)","type":"url","advanced":true},{"name":"NPM_CONFIG_SCOPED_REGISTRIES","description":"Space separated list of NPM [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) (formatted as `@somescope:https://some.npm.registry/some/repo @anotherscope:https://another.npm.registry/another/repo`)","advanced":true},{"name":"NG_WORKSPACE_DIR","description":"Angular workspace directory","default":".","advanced":true},{"name":"NG_INSTALL_EXTRA_OPTS","description":"Extra options to install project dependencies (with [`npm ci`](https://docs.npmjs.com/cli/ci.html/))","advanced":true},{"name":"NG_BUILD_ARGS","description":"Angular [ng build](https://angular.io/cli/build) arguments","default":"build","advanced":true},{"name":"NG_TEST_ARGS","description":"Angular [ng test](https://angular.io/cli/test) arguments","default":"test --code-coverage --reporters progress,junit --watch=false --no-progress","advanced":true}],"features":[{"id":"lint","name":"Angular lint","description":"Angular lint analysis","disable_with":"NG_LINT_DISABLED","variables":[{"name":"NG_LINT_ARGS","description":"Angular [ng lint](https://angular.io/cli/lint) arguments","default":"lint","advanced":true}]},{"id":"publish","name":"Publish","description":"[publishes](https://docs.npmjs.com/cli/v6/commands/npm-publish) the project packages to a npm registry","enable_with":"NG_PUBLISH_ENABLED","variables":[{"name":"NG_PUBLISH_ARGS","description":"npm [publish](https://docs.npmjs.com/cli/v6/commands/npm-publish) arguments","advanced":true},{"name":"NG_PUBLISH_PROJECTS","description":"Space separated list of projects to publish. If no project is specified, all workspace projects are published.","advanced":true},{"name":"NPM_PUBLISH_REGISTRY","description":"npm registry to publish to. If none is specified, uses GitLab project npm packages registry","secret":true},{"name":"NPM_PUBLISH_TOKEN","description":"NPM publication registry authentication token","secret":true}]},{"id":"e2e-test","name":"e2e-test","description":"Run your [e2e tests](https://angular.io/cli/e2e) on your angular project","enable_with":"NG_E2E_ENABLED","variables":[{"name":"NG_E2E_ARGS","description":"ng [e2e](https://angular.io/cli/e2e) arguments","default":"e2e","advanced":true}]},{"id":"ng-outdated","name":"ng-outdated","description":"This job performs outdated analysis ([npm outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated)), to find dependencies that might be updated.","disable_with":"NG_OUTDATED_DISABLED","variables":[{"name":"NG_OUTDATED_ARGS","description":"npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments","default":"--long"},{"name":"NG_OUTDATED_ALLOW_FAILURE","description":"Allow the job to fail and therefore not block the pipeline","type":"boolean","default":"true","advanced":true}]},{"id":" ng-audit","name":"ng-audit","description":"This job performs an audit using ([npm audit](https://docs.npmjs.com/cli/v8/commands/npm-audit)), to find vulnerabilities (security).","disable_with":"NG_AUDIT_DISABLED","variables":[{"name":"NG_AUDIT_ARGS","description":"npm [audit](https://docs.npmjs.com/cli/v8/commands/npm-audit) arguments","default":"--audit-level=low"}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [@cyclonedx/cyclonedx-npm](https://www.npmjs.com/package/@cyclonedx/cyclonedx-npm)","disable_with":"NG_SBOM_DISABLED","variables":[{"name":"NG_SBOM_VERSION","description":"Version of the @cyclonedx/cyclonedx-npm used for SBOM analysis","advanced":true},{"name":"NG_SBOM_OPTS","description":"Options for @cyclonedx/cyclonedx-npm used for SBOM analysis","default":"--omit dev","advanced":true}]}],"extension_id":null,"project":{"tag":"4.10.2","tags":["4.10.2","4.10.1","4.10.0","4.10","4.9.1","4.9.0","4.9","4.8.2","4.8.1","4.8.0","4.8","4.7.0","4.7","4.6.0","4.6","4.5.1","4.5.0","4.5","4.4.0","4.4","4.3.2","4.3.1","4.3.0","4.3","4.2.3","4.2.2","4.2.1","4.2.0","4.2","4.1.1","4.1.0","4.1","4.0.0","4.0","4","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.2.0","2.2","2.1.0","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.1","1.0.0"],"name":"angular","path":"to-be-continuous/angular","web_url":"https://gitlab.com/to-be-continuous/angular","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26451062/logo.png"}},{"name":"Ansible","description":"Provision your infrastructure and deploy your application with [Ansible](https://www.ansible.com/)","template_path":"templates/gitlab-ci-ansible.yml","kind":"hosting","prefix":"ansible","is_component":true,"variables":[{"name":"ANSIBLE_IMAGE","description":"The Docker image used to run Ansible. The image may contain your Ansible sources. **set the version required by your project**","default":"registry.hub.docker.com/cytopia/ansible:latest-tools"},{"name":"ANSIBLE_PROJECT_DIR","description":"Ansible project root directory","default":".","advanced":true},{"name":"ANSIBLE_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"ANSIBLE_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.acme.com`)_"},{"name":"ANSIBLE_VAULT_PASSWORD","description":"The Ansible vault password used to decrypt vars","secret":true},{"name":"ANSIBLE_PRIVATE_KEY","description":"The Ansible SSH private key to use in all stages (can be overridden per env)","secret":true},{"name":"ANSIBLE_PUBLIC_KEY","description":"The Ansible SSH public key associated to the private key to be use in all stages (can be overridden per env)","advanced":true},{"name":"ANSIBLE_DEFAULT_INVENTORY","description":"The default inventory, if used"},{"name":"ANSIBLE_DEFAULT_TAGS","description":"The default tags, if used"},{"name":"ANSIBLE_DEFAULT_EXTRA_ARGS","description":"Optional default args to add to the ansible-playbook command line","advanced":true},{"name":"ANSIBLE_FORCE_COLOR","description":"Forces color on Ansible output","type":"boolean","default":"true","advanced":true},{"name":"ANSIBLE_REQUIREMENTS_FILE","description":"The file used to install roles with `ansible-galaxy role install`","default":"requirements.yml","advanced":true},{"name":"ANSIBLE_GALAXY_EXTRA_ARGS","description":"`ansible-galaxy role install` command [extra options](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html#role-install)","advanced":true},{"name":"ANSIBLE_SCRIPTS_DIR","description":"The Ansible scripts base directory (relative to `$ANSIBLE_PROJECT_DIR`)","default":".","advanced":true},{"name":"ANSIBLE_HOST_KEY_CHECKING","description":"Enable or disable the SSH host key checking","type":"boolean","default":"false","advanced":true},{"name":"ANSIBLE_DEFAULT_ROLES_PATH","description":"The default path where the roles should be installed","default":"$CI_PROJECT_DIR/roles","advanced":true}],"features":[{"id":"lint","name":"Ansible Lint","description":"Static code analysis of your Ansible scripts with [Ansible Lint](https://docs.ansible.com/ansible-lint/)","disable_with":"ANSIBLE_LINT_DISABLED","variables":[{"name":"ANSIBLE_LINT_IMAGE","description":"The Docker image used to run Ansible Lint.","default":"registry.hub.docker.com/haxorof/ansible-lint:latest"}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"ANSIBLE_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"ANSIBLE_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_REVIEW_INVENTORY","description":"The inventory for `review` env (only define to override default)"},{"name":"ANSIBLE_REVIEW_TAGS","description":"The tags for `review` env (only define to override default)"},{"name":"ANSIBLE_REVIEW_CLEANUP_TAGS","description":"The tags to cleanup the `review` env","mandatory":true},{"name":"ANSIBLE_REVIEW_EXTRA_ARGS","description":"The command line extra args for `review` env (only define to override default)","advanced":true},{"name":"ANSIBLE_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"ANSIBLE_REVIEW_PLAYBOOK_FILE","description":"The playbook filename for `review` env","mandatory":true},{"name":"ANSIBLE_REVIEW_CLEANUP_PLAYBOOK_FILE","description":"The playbook filename to cleanup `review` env (only define if different from deployment playbook)","advanced":true},{"name":"ANSIBLE_REVIEW_PRIVATE_KEY","description":"The SSH private key to be use in `review` env (only define to override default)","secret":true},{"name":"ANSIBLE_REVIEW_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `review` env (only define to override default)","advanced":true},{"name":"ANSIBLE_REVIEW_VAULT_PASSWORD","description":"The Ansible vault password for `review` env (only define to override default)","secret":true,"advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"ANSIBLE_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"ANSIBLE_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"},{"name":"ANSIBLE_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_INTEG_INVENTORY","description":"The inventory for `integration` env (only define to override default)"},{"name":"ANSIBLE_INTEG_TAGS","description":"The tags for `integration` env (only define to override default)"},{"name":"ANSIBLE_INTEG_CLEANUP_TAGS","description":"The tags to cleanup the `integration` env","mandatory":true},{"name":"ANSIBLE_INTEG_EXTRA_ARGS","description":"The command line extra args for `integration` env (only define to override default)","advanced":true},{"name":"ANSIBLE_INTEG_PLAYBOOK_FILE","description":"The playbook filename for `integration` env","mandatory":true},{"name":"ANSIBLE_INTEG_CLEANUP_PLAYBOOK_FILE","description":"The playbook filename to cleanup `integration` env (only define if different from deployment playbook)","advanced":true},{"name":"ANSIBLE_INTEG_PRIVATE_KEY","description":"The SSH private key to be use in `integration` env (only define to override default)","secret":true,"advanced":true},{"name":"ANSIBLE_INTEG_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `integration` env (only define to override default)","advanced":true},{"name":"ANSIBLE_INTEG_VAULT_PASSWORD","description":"The Ansible vault password for `integration` env (only define to override default)","secret":true,"advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"ANSIBLE_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"ANSIBLE_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"},{"name":"ANSIBLE_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_STAGING_INVENTORY","description":"The inventory for `staging` env (only define to override default)"},{"name":"ANSIBLE_STAGING_TAGS","description":"The tags for `staging` env (only define to override default)"},{"name":"ANSIBLE_STAGING_CLEANUP_TAGS","description":"The tags to cleanup the `staging` env","mandatory":true},{"name":"ANSIBLE_STAGING_EXTRA_ARGS","description":"The command line extra args for `staging` env (only define to override default)","advanced":true},{"name":"ANSIBLE_STAGING_PLAYBOOK_FILE","description":"The playbook filename for `staging` env","mandatory":true},{"name":"ANSIBLE_STAGING_CLEANUP_PLAYBOOK_FILE","description":"The playbook filename to cleanup `staging` env (only define if different from deployment playbook)","advanced":true},{"name":"ANSIBLE_STAGING_PRIVATE_KEY","description":"The SSH private key to be use in `staging` env (only define to override default)","secret":true,"advanced":true},{"name":"ANSIBLE_STAGING_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `staging` env (only define to override default)","advanced":true},{"name":"ANSIBLE_STAGING_VAULT_PASSWORD","description":"The Ansible vault password for `staging` env (only define to override default)","secret":true,"advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"ANSIBLE_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"ANSIBLE_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"ANSIBLE_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"ANSIBLE_PROD_INVENTORY","description":"The inventory for `production` env (only define to override default)"},{"name":"ANSIBLE_PROD_TAGS","description":"The tags for `production` env (only define to override default)"},{"name":"ANSIBLE_PROD_EXTRA_ARGS","description":"The command line extra args for `production` env (only define to override default)","advanced":true},{"name":"ANSIBLE_PROD_PLAYBOOK_FILE","description":"The playbook filename for `production` env","mandatory":true},{"name":"ANSIBLE_PROD_PRIVATE_KEY","description":"The SSH private key to be use in `production` env (only define to override default)","secret":true,"advanced":true},{"name":"ANSIBLE_PROD_PUBLIC_KEY","description":"The SSH public key associated to the private key to be use in `production` env (only define to override default)","advanced":true},{"name":"ANSIBLE_PROD_VAULT_PASSWORD","description":"The Ansible vault password for `production` env (only define to override default)","secret":true,"advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-ansible-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"This variant uses [Application Default Credentials][gcp-adc] through the `GOOGLE_APPLICATION_CREDENTIALS` variable using Workload Identity federation.","template_path":"templates/gitlab-ci-ansible-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]}],"extension_id":null,"project":{"tag":"6.4.0","tags":["6.4.0","6.4","6.3.4","6.3.3","6.3.2","6.3.1","6.3.0","6.3","6.2.0","6.2","6.1.3","6.1.2","6.1.1","6.1.0","6.1","6.0.1","6.0.0","6.0","6","5.1.0","5.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.5.2","3.5.1","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.2","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.1","2.0.0","2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"ansible","path":"to-be-continuous/ansible","web_url":"https://gitlab.com/to-be-continuous/ansible","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26473639/logo.png"}},{"name":"Amazon Web Services","description":"Deploy your application to [Amazon Web Services](https://aws.amazon.com/)","template_path":"templates/gitlab-ci-aws.yml","kind":"hosting","prefix":"aws","is_component":true,"variables":[{"name":"AWS_CLI_IMAGE","description":"The Docker image used to run AWS CLI commands","default":"registry.hub.docker.com/amazon/aws-cli:latest"},{"name":"AWS_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"AWS_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.aws.acme.com`)_"},{"name":"AWS_SCRIPTS_DIR","description":"Directory where AWS scripts (deploy & cleanup) are located","default":".","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","enable_with":"AWS_REVIEW_ENABLED","variables":[{"name":"AWS_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"AWS_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"AWS_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"AWS_INTEG_ENABLED","variables":[{"name":"AWS_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"AWS_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"AWS_STAGING_ENABLED","variables":[{"name":"AWS_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"AWS_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"AWS_PROD_ENABLED","variables":[{"name":"AWS_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"AWS_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AWS_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"}]}],"variants":[{"id":"oidc","name":"OpenID Connect","description":"Enables [federated authentication using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)","template_path":"templates/gitlab-ci-aws-oidc.yml","variables":[{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/)","advanced":true},{"name":"AWS_REVIEW_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `review` env _(only define to override default)_","advanced":true},{"name":"AWS_INTEG_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AWS_STAGING_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AWS_PROD_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `production` env _(only define to override default)_","advanced":true}]},{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-aws-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"5.2.3","tags":["5.2.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.2","5.0.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.0","2.1","2.0.0","2.0","2","1.4.0","1.4","1.3.0","1.3","1.2.0","1.2","1.1.3","1.1.2","1.1.1","1.1.0","1.0.2","1.0.1","1.0.0","1"],"name":"aws","path":"to-be-continuous/aws","web_url":"https://gitlab.com/to-be-continuous/aws","avatar":"https://gitlab.com/uploads/-/system/project/avatar/30120028/logo.png"}},{"name":"Azure","description":"Deploy your application to [Azure](https://azure.microsoft.com/)","template_path":"templates/gitlab-ci-azure.yml","kind":"hosting","prefix":"azure","is_component":true,"variables":[{"name":"AZURE_CLI_IMAGE","description":"The Docker image used to run Azure CLI commands","default":"mcr.microsoft.com/azure-cli:latest"},{"name":"AZURE_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"AZURE_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.azure.acme.com`)_"},{"name":"AZURE_SCRIPTS_DIR","description":"Directory where Azure scripts (deploy & cleanup) are located","default":".","advanced":true},{"name":"AZURE_SP_CLIENT_ID","description":"Default Service Principal client ID _(only define if using Service Principal authentication with credentials)_","advanced":true},{"name":"AZURE_SP_PASSWORD","description":"Default Service Principal password (client secret or certificate (File type)) (only define if using Service Principal authentication with credentials)","advanced":true,"secret":true},{"name":"AZURE_SP_TENANT_ID","description":"Default Service Principal tenant ID _(only define if using Service Principal authentication with credentials)_","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","enable_with":"AZURE_REVIEW_ENABLED","variables":[{"name":"AZURE_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"AZURE_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"AZURE_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_REVIEW_SP_CLIENT_ID","description":"Service Principal client ID for `review` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_REVIEW_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `review` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_REVIEW_SP_TENANT_ID","description":"Service Principal tenant ID for `review` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"AZURE_INTEG_ENABLED","variables":[{"name":"AZURE_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"AZURE_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_INTEG_SP_CLIENT_ID","description":"Service Principal client ID for `integration` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_INTEG_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `integration` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_INTEG_SP_TENANT_ID","description":"Service Principal tenant ID for `integration` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"AZURE_STAGING_ENABLED","variables":[{"name":"AZURE_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"AZURE_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_STAGING_SP_CLIENT_ID","description":"Service Principal client ID for `staging` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_STAGING_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `staging` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_STAGING_SP_TENANT_ID","description":"Service Principal tenant ID for `staging` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"AZURE_PROD_ENABLED","variables":[{"name":"AZURE_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"AZURE_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"AZURE_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"AZURE_PROD_SP_CLIENT_ID","description":"Service Principal client ID for `production` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true},{"name":"AZURE_PROD_SP_PASSWORD","description":"Service Principal password (client secret or certificate (File type)) for `production` env - (only define if using Service Principal authentication with credentials and if different from default)","advanced":true,"secret":true},{"name":"AZURE_PROD_SP_TENANT_ID","description":"Service Principal tenant ID for `production` env - _(only define if using Service Principal authentication with credentials and if different from default)_","advanced":true}]}],"variants":[{"id":"oidc","name":"OpenID Connect","description":"Enables [federated authentication using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/)","template_path":"templates/gitlab-ci-azure-oidc.yml","variables":[{"name":"AZURE_OIDC_AUD","description":"The `aud` claim for the JWT","default":"api://AzureADTokenExchange"},{"name":"AZURE_OIDC_CLIENT_ID","description":"Default Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/)","advanced":true},{"name":"AZURE_OIDC_TENANT_ID","description":"Default Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/)","advanced":true},{"name":"AZURE_REVIEW_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `review` env _(only define to override default)_","advanced":true},{"name":"AZURE_REVIEW_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `review` env _(only define to override default)_","advanced":true},{"name":"AZURE_INTEG_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AZURE_INTEG_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AZURE_STAGING_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AZURE_STAGING_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AZURE_PROD_OIDC_CLIENT_ID","description":"Service Principal client ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `production` env _(only define to override default)_","advanced":true},{"name":"AZURE_PROD_OIDC_TENANT_ID","description":"Service Principal tenant ID associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/azure/) on `production` env _(only define to override default)_","advanced":true}]},{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-azure-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"2.2.3","tags":["2.2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2.0","2","1.0.0","1.0","1"],"name":"azure","path":"to-be-continuous/azure","web_url":"https://gitlab.com/to-be-continuous/azure","avatar":"https://gitlab.com/uploads/-/system/project/avatar/48544609/logo.png"}},{"name":"Bash","description":"Test and analyse your shell code","template_path":"templates/gitlab-ci-bash.yml","kind":"build","prefix":"bash","is_component":true,"features":[{"id":"shellcheck","name":"ShellCheck","description":"Analyse your shell scripts with [ShellCheck](https://github.com/koalaman/shellcheck)","disable_with":"BASH_SHELLCHECK_DISABLED","variables":[{"name":"BASH_SHELLCHECK_IMAGE","description":"The Docker image used to run [ShellCheck](https://github.com/koalaman/shellcheck)","default":"registry.hub.docker.com/koalaman/shellcheck-alpine:stable","advanced":true},{"name":"BASH_SHELLCHECK_FILES","description":"Shell file(s) or pattern(s) to analyse","default":"**/*.sh"},{"name":"BASH_SHELLCHECK_OPTS","description":"ShellCheck [options](https://github.com/koalaman/shellcheck/blob/master/shellcheck.1.md)"}]},{"id":"bats","name":"Bats","description":"Test your shell scripts with [Bats](https://bats-core.readthedocs.io/) (Bash Automated Testing System)","enable_with":"BASH_BATS_ENABLED","variables":[{"name":"BASH_BATS_IMAGE","description":"The Docker image used to run [Bats](https://hub.docker.com/r/bats/bats)","default":"registry.hub.docker.com/bats/bats:latest","advanced":true},{"name":"BASH_BATS_TESTS","description":"The path to a Bats test file, or the path to a directory containing Bats test files","default":"tests"},{"name":"BASH_BATS_OPTS","description":"Bats [options](https://bats-core.readthedocs.io/en/stable/usage.html)"},{"name":"BASH_BATS_LIBRARIES","description":"Coma separated list of Bats [libraries and add-ons](https://bats-core.readthedocs.io/en/stable/writing-tests.html#libraries-and-add-ons)\n\nFormatted as: `lib_name_1@archive_url_1 lib_name_2@archive_url_2 ...`\n\nExample: `bats-support@https://github.com/bats-core/bats-support/archive/v0.3.0.zip bats-assert@https://github.com/bats-core/bats-assert/archive/v2.0.0.zip`"}]}],"extension_id":null,"project":{"tag":"3.5.2","tags":["3.5.2","3.5.1","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.2","3.1.1","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.1.1","2.1.0","2.1","2.0.1","2.0.0","2","1.0.0"],"name":"bash","path":"to-be-continuous/bash","web_url":"https://gitlab.com/to-be-continuous/bash","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26449717/logo.png"}},{"name":"Bruno","description":"Test your APIs with [Bruno](https://www.usebruno.com/)","template_path":"templates/gitlab-ci-bruno.yml","kind":"acceptance","prefix":"bru","job_prefix":"bruno","is_component":true,"variables":[{"name":"BRU_IMAGE","description":"The Docker image used to run the [Bruno CLI](https://docs.usebruno.com/cli/overview.html)","default":"registry.hub.docker.com/library/node:lts-alpine"},{"name":"BRU_COLLECTIONS","description":"The matcher to select Bruno collection directory(ies) to run","default":"bruno"},{"name":"BRU_BASE_URL","description":"Explicit base url environment to test.\n\n_Auto-evaluated by default._","type":"url","advanced":true},{"name":"BRU_EXTRA_ARGS","description":"Bruno extra [run options](https://docs.usebruno.com/cli/overview.html#options)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Bruno tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.5.0","tags":["1.5.0","1.5","1.4.0","1.4","1.3.0","1.3","1.2.2","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"bruno","path":"to-be-continuous/bruno","web_url":"https://gitlab.com/to-be-continuous/bruno","avatar":"https://gitlab.com/uploads/-/system/project/avatar/53021411/logo.png"}},{"name":"Cloud Foundry","description":"Deploy your application to a [Cloud Foundry](https://www.cloudfoundry.org/) platform","template_path":"templates/gitlab-ci-cf.yml","kind":"hosting","prefix":"cf","is_component":true,"variables":[{"name":"CF_CLI_IMAGE","description":"The Docker image used to run CF CLI commands - **set the version required by your Cloud Foundry server**","default":"registry.hub.docker.com/governmentpaas/cf-cli"},{"name":"CF_MANIFEST_BASENAME","description":"CF manifest file basename (without extension nor env suffix)","default":"manifest","advanced":true},{"name":"CF_URL","type":"url","description":"Global Cloud Foundry API url","mandatory":true},{"name":"CF_ORG","description":"Global Cloud Foundry organization for project","mandatory":true},{"name":"CF_DEFAULT_DOMAIN","description":"Global Cloud Foundry default CF domain _(only define if you want to use a different domain from CF default)_","advanced":true},{"name":"CF_DEFAULT_ROUTE_PATH","description":"Global Cloud Foundry default CF route path _(only define if you want to add a route path to your application route)_","advanced":true},{"name":"CF_DEFAULT_PUSH_ARGS","description":"Global additional arguments for cf push command _(only define if you want has a specific need not med by the template)_","advanced":true},{"name":"CF_USER","description":"Global Cloud Foundry username","secret":true,"mandatory":true},{"name":"CF_PASSWORD","description":"Global Cloud Foundry password","secret":true,"mandatory":true},{"name":"CF_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"CF_SCRIPTS_DIR","description":"Directory where Cloud Foundry scripts (manifest, hook scripts) are located","default":".","advanced":true},{"name":"CF_ROLLING_STRATEGY","description":"Use Cloud Foundry native zero-downtime deployment strategy instead of the historical blue-green method _(ignores $CF_XXX_ZERODOWNTIME)_","type":"boolean","default":"false","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"CF_REVIEW_ORG","description":"Cloud Foundry organization for review env _(only define if different from global)_"},{"name":"CF_REVIEW_SPACE","description":"Cloud Foundry space for review env","mandatory":true},{"name":"CF_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"CF_REVIEW_HOST_NAME","description":"The review environment host name _(defaults to $CF_BASE_APP_NAME-$CI_ENVIRONMENT_SLUG)_","advanced":true},{"name":"CF_REVIEW_DOMAIN","description":"The review environment domain","advanced":true},{"name":"CF_REVIEW_ENVIRONMENT_SCHEME","description":"The review environment protocol scheme","default":"https","mandatory":true},{"name":"CF_REVIEW_ENVIRONMENT_DOMAIN","description":"The review environment domain (ex: `noprod-cloudfoundry.domain.com`).\n\nBy default review `environment.url` will be built as `${CF_REVIEW_ENVIRONMENT_SCHEME}://${$CI_PROJECT_NAME}-${CI_ENVIRONMENT_SLUG}.${CF_REVIEW_ENVIRONMENT_DOMAIN}/${CF_REVIEW_ROUTE_PATH}`","mandatory":true},{"name":"CF_REVIEW_ROUTE_PATH","description":"The review environment route path","advanced":true},{"name":"CF_REVIEW_PUSH_ARGS","description":"The review environment additional cf push arguments","advanced":true},{"name":"CF_REVIEW_DOMAIN_TMP","description":"The review environment domain for the temporary blue-green app","advanced":true},{"name":"CF_REVIEW_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on review env","advanced":true},{"name":"CF_REVIEW_URL","type":"url","description":"Cloud Foundry API url for review env (only define to override default)","advanced":true},{"name":"CF_REVIEW_USER","description":"Cloud Foundry API username for review env (only define to override default)","secret":true},{"name":"CF_REVIEW_PASSWORD","description":"Cloud Foundry API password for review env (only define to override default)","secret":true},{"name":"CLEANUP_ALL_REVIEW","description":"Enables a **manual** job to cleanup all review envs at once.\n\nYou may also use it to [schedule](https://docs.gitlab.com/ci/pipelines/schedules/) cloud resources cleanup. See documentation.","type":"enum","values":["","force","true"]},{"name":"CF_REVIEW_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"CF_INTEG_ORG","description":"Cloud Foundry organization for integration env _(only define if different from global)_"},{"name":"CF_INTEG_SPACE","description":"Cloud Foundry space for integration env","mandatory":true},{"name":"CF_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"CF_INTEG_HOST_NAME","description":"The integration environment host name _(defaults to $CF_BASE_APP_NAME-integration)_","advanced":true},{"name":"CF_INTEG_DOMAIN","description":"The integration environment domain","advanced":true},{"name":"CF_INTEG_ROUTE_PATH","description":"The integration environment route path","advanced":true},{"name":"CF_INTEG_PUSH_ARGS","description":"The integration environment additional cf push arguments","advanced":true},{"name":"CF_INTEG_DOMAIN_TMP","description":"The integration environment domain for the temporary blue-green app","advanced":true},{"name":"CF_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url including scheme (ex: `https://my-application-integration.noprod-cloudfoundry.domain.com`).\n\nDo not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that.","mandatory":true},{"name":"CF_INTEG_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on integration env","advanced":true},{"name":"CF_INTEG_URL","type":"url","description":"Cloud Foundry API url for integration env (only define to override default)","advanced":true},{"name":"CF_INTEG_USER","description":"Cloud Foundry API username for integration env (only define to override default)","secret":true},{"name":"CF_INTEG_PASSWORD","description":"Cloud Foundry API password for integration env (only define to override default)","secret":true},{"name":"CF_INTEG_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"CF_STAGING_ORG","description":"Cloud Foundry organization for staging env _(only define if different from global)_"},{"name":"CF_STAGING_SPACE","description":"Cloud Foundry space for staging env","mandatory":true},{"name":"CF_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"CF_STAGING_HOST_NAME","description":"The staging environment host name _(defaults to $CF_BASE_APP_NAME-staging)_","advanced":true},{"name":"CF_STAGING_DOMAIN","description":"The staing environment domain","advanced":true},{"name":"CF_STAGING_ROUTE_PATH","description":"The staging environment route path","advanced":true},{"name":"CF_STAGING_PUSH_ARGS","description":"The staging environment additional cf push arguments","advanced":true},{"name":"CF_STAGING_DOMAIN_TMP","description":"The staging environment domain for the temporary blue-green app","advanced":true},{"name":"CF_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url including scheme (ex: `https://my-application-staging.noprod-cloudfoundry.domain.com`).\n\nDo not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that.","mandatory":true},{"name":"CF_STAGING_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on staging env","advanced":true},{"name":"CF_STAGING_URL","type":"url","description":"Cloud Foundry API url for staging env (only define to override default)","advanced":true},{"name":"CF_STAGING_USER","description":"Cloud Foundry API username for staging env (only define to override default)","secret":true},{"name":"CF_STAGING_PASSWORD","description":"Cloud Foundry API password for staging env (only define to override default)","secret":true},{"name":"CF_STAGING_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"CF_PROD_ORG","description":"Cloud Foundry organization for production env _(only define if different from global)_"},{"name":"CF_PROD_SPACE","description":"Cloud Foundry space for production env","mandatory":true},{"name":"CF_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"CF_PROD_HOST_NAME","description":"The production environment host name _(defaults to $CF_BASE_APP_NAME)_","advanced":true},{"name":"CF_PROD_DOMAIN","description":"The production environment domain","advanced":true},{"name":"CF_PROD_ROUTE_PATH","description":"The production environment route path","advanced":true},{"name":"CF_PROD_PUSH_ARGS","description":"The production environment additional cf push arguments","advanced":true},{"name":"CF_PROD_DOMAIN_TMP","description":"The production environment domain for the temporary blue-green app","advanced":true},{"name":"CF_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url including scheme (ex: `https://my-application.cloudfoundry.domain.com`).\n\nDo not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that.","mandatory":true},{"name":"CF_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"CF_PROD_ZERODOWNTIME","type":"boolean","description":"Enables zero-downtime deployment on production env","default":"true","advanced":true},{"name":"CF_PROD_URL","type":"url","description":"Cloud Foundry API url for production env (only define to override default)","advanced":true},{"name":"CF_PROD_USER","description":"Cloud Foundry API username for production env (only define to override default)","secret":true},{"name":"CF_PROD_PASSWORD","description":"Cloud Foundry API password for production env (only define to override default)","secret":true},{"name":"CF_PROD_RETIRED_APP_SUFFIX","description":"If set, the app old version is not deleted/overriden but renamed with this suffix","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-cf-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.6.2","tags":["4.6.2","4.6.1","4.6.0","4.6","4.5.0","4.5","4.4.0","4.4","4.3.6","4.3.5","4.3.4","4.3.3","4.3.2","4.3.1","4.3.0","4.3","4.2.0","4.2","4.1.0","4.1","4.0.2","4.0.1","4.0.0","4.0","4","3.1.0","3.1","3.0.0","3.0","3","2.1.1","2.1.0","2.1","2.0.1","2.0.0","2.0","2","1.8.1","1.8.0","1.8","1.7.0","1.7","1.6.4","1.6.3","1.6.2","1.6.1","1.6.0","1.5.1","1.5.0","1.4.4","1.4.3","1.4.2","1.4.1","1.4.0","1.3.0","1.2.1","1.2.0","1.1.0","1.0.1","1.0.0","1"],"name":"cloud-foundry","path":"to-be-continuous/cloud-foundry","web_url":"https://gitlab.com/to-be-continuous/cloud-foundry","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26453989/cloud-foundry.png"}},{"name":"Cloud Native Buildpacks","description":"Transform your application source code into images that can run on any cloud with [Cloud Native Buildpacks](https://buildpacks.io/)","template_path":"templates/gitlab-ci-cnb.yml","kind":"package","prefix":"cnb","is_component":true,"variables":[{"name":"CNB_BUILDER_IMAGE","description":"The CNB builder image used to build your application image\n\n_depending on your needs, [choose the most appropriate one](https://paketo.io/docs/concepts/builders/#what-paketo-builders-are-available)_","default":"registry.hub.docker.com/paketobuildpacks/builder:base"},{"name":"CNB_APP_DIR","description":"Absolute root directory in final image","default":"/workspace","advanced":true},{"name":"CNB_SRC_APP_DIR","description":"Relative path to the application source code base directory in your repository","default":".","advanced":true},{"name":"CNB_PLATFORM_API","description":"The CNB [platform API version](https://github.com/buildpacks/spec/blob/main/platform.md#platform-api-version)","default":"0.9","advanced":true},{"name":"CNB_SNAPSHOT_IMAGE","description":"CNB snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"CNB_RELEASE_IMAGE","description":"CNB release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"}],"features":[{"id":"trivy","name":"Trivy","description":"[Trivy](https://aquasecurity.github.io/trivy) vulnerability analysis","disable_with":"CNB_TRIVY_DISABLED","variables":[{"name":"CNB_TRIVY_IMAGE","description":"The docker image used to scan images with Trivy","default":"registry.hub.docker.com/aquasec/trivy:latest","advanced":true},{"name":"CNB_TRIVY_ARGS","description":"Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)","default":"--ignore-unfixed --vuln-type os --exit-on-eol 1","advanced":true}]},{"id":"publish","name":"Publish","description":"Promotes the snapshot image as the release image using [skopeo](https://github.com/containers/skopeo)","variables":[{"name":"CNB_SKOPEO_IMAGE","description":"The docker image used to publish docker image with Skopeo","default":"quay.io/skopeo/stable:latest"},{"name":"CNB_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)","advanced":true},{"name":"CNB_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"}]}],"extension_id":null,"project":{"tag":"3.0.0","tags":["3.0.0","3.0","3","2.4.2","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.1","2.2.0","2.2","2.1.2","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.0.3","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"cnb","path":"to-be-continuous/cnb","web_url":"https://gitlab.com/to-be-continuous/cnb","avatar":"https://gitlab.com/uploads/-/system/project/avatar/38368181/logo.png"}},{"name":"Cypress","description":"Run your automated (web) tests with [Cypress](https://www.cypress.io/)","template_path":"templates/gitlab-ci-cypress.yml","kind":"acceptance","prefix":"cypress","is_component":true,"variables":[{"name":"CYPRESS_IMAGE","description":"The Docker image used to run Cypress (use [included images](https://github.com/cypress-io/cypress-docker-images/tree/master/included) only).","default":"registry.hub.docker.com/cypress/included:13.13.3"},{"name":"CYPRESS_PROJECT_DIR","description":"The Cypress project directory (containing `cypress.config.js` or `cypress.config.ts`)","default":"."},{"name":"CYPRESS_EXTRA_ARGS","description":"Cypress extra [run options](https://docs.cypress.io/guides/guides/command-line.html#cypress-run) (to select a different browser, configuration or spec files for e.g.)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Cypress tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.8.0","tags":["3.8.0","3.8","3.7.0","3.7","3.6.1","3.6.0","3.6","3.5.0","3.5","3.4.0","3.4","3.3.1","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"cypress","path":"to-be-continuous/cypress","web_url":"https://gitlab.com/to-be-continuous/cypress","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454216/logo.png"}},{"name":"dbt","description":"Continuously integrate and deploy your data with [dbt](https://www.getdbt.com/)","template_path":"templates/gitlab-ci-dbt.yml","kind":"build","prefix":"dbt","is_component":true,"variables":[{"name":"DBT_IMAGE","description":"The Docker image used to run dbt","default":"ghcr.io/dbt-labs/dbt-core:latest"},{"name":"DBT_PROJECT_DIR","description":"The [dbt_project.yml](https://docs.getdbt.com/reference/dbt_project.yml) dir","default":"."},{"name":"DBT_PROFILES_DIR","description":"The dbt [profile](https://docs.getdbt.com/dbt-cli/configure-your-profile) location","default":"."},{"name":"DBT_ADAPTER","description":"The dbt [adapter](https://docs.getdbt.com/docs/available-adapters) to use ","mandatory":true},{"name":"DBT_TARGET","description":"The dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) to use "},{"name":"DBT_BUILD_ARGS","description":"Arguments used by [dbt cli](https://docs.getdbt.com/reference/global-configs#command-line-flags) ","advanced":true}],"features":[{"id":"dbt-sqlfluff-lint","name":"SQLFluff lint","description":"Lint SQL from dbt project","enable_with":"DBT_SQLFLUFF_ENABLED","variables":[{"name":"DBT_SQLFLUFF_LINT_ARGS","description":"Lint [options and arguments](https://docs.sqlfluff.com/en/stable/reference/cli.html#sqlfluff-lint)","advanced":true},{"name":"SQLFLUFF_WORKING_DIR","description":"Sqlfluff working directory, scope of configuration and sql files used","default":".","advanced":true}]},{"id":"dbt-deploy","name":"dbt deploy","description":"execute generated SQL from models on target","enable_with":"DBT_DEPLOY_ENABLED"},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"DBT_REVIEW_TARGET","description":"dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `review` env","mandatory":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"DBT_INTEG_TARGET","description":" dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `integration` env","mandatory":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"DBT_STAGING_TARGET","description":"dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `staging` env","mandatory":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"DBT_PROD_TARGET","description":"dbt [target](https://docs.getdbt.com/reference/dbt-jinja-functions/target) for `production` env ","mandatory":true},{"name":"DBT_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"}]}],"variants":[{"id":"pages","name":"GitLab Pages","description":"Adds a job to publish the generated site to GitLab pages","template_path":"templates/gitlab-ci-dbt-pages.yml"},{"id":"gcp-auth-provider","name":"Google Cloud","description":"Retrieves an [OAuth access token](https://developers.google.com/identity/protocols/oauth2) for [dbt BigQuery setup](https://docs.getdbt.com/reference/warehouse-setups/bigquery-setup)","template_path":"templates/gitlab-ci-dbt-gcp.yml","variables":[{"name":"TBC_GCP_PROVIDER_IMAGE","description":"The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest","advanced":true},{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]}],"extension_id":null,"project":{"tag":"4.1.0","tags":["4.1.0","4.1","4.0.0","4.0","4","3.3.0","3.3","3.2.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.3.0","1.3","1.2.0","1.2","1.1.1","1.1.0","1.1","1.0.1","1.0.0","1.0","1"],"name":"dbt","path":"to-be-continuous/dbt","web_url":"https://gitlab.com/to-be-continuous/dbt","avatar":"https://gitlab.com/uploads/-/system/project/avatar/37018181/logo.png"}},{"name":"DefectDojo","description":"Import security reports into [DefectDojo](https://www.defectdojo.org/)","template_path":"templates/gitlab-ci-defectdojo.yml","kind":"analyse","prefix":"defectdojo","is_component":true,"variables":[{"name":"DEFECTDOJO_BASE_IMAGE","description":"The Docker image used to run import","default":"registry.hub.docker.com/library/node:alpine3.11"},{"name":"DEFECTDOJO_SERVER_URL","description":"URL of DefectDojo server","mandatory":true},{"name":"DEFECTDOJO_API_KEY","description":"Your DefectDojo API v2 key - must be saved as a masked CI/CD variable","secret":true,"mandatory":true},{"name":"DEFECTDOJO_DIR","description":"DefectDojo working directory","default":".","advanced":true},{"name":"DEFECTDOJO_NOPROD_ENABLED","description":"Determines whether security reports produced in non-production branches are uploaded to DefectDojo","type":"boolean"},{"name":"DEFECTDOJO_TIMEZONE","description":"Time zone used for naming imports in DefectDojo","default":"Europe/Paris","advanced":true},{"name":"DEFECTDOJO_SMTP_SERVER","description":"name:port of SMTP server used for notifications - if this value is set, DefectDojo will send an e-mail notification in case of new vulnerabilities","advanced":true},{"name":"DEFECTDOJO_NOTIFICATION_SEVERITIES","description":"List of severities for which you want to be notified - DEFECTDOJO_SMTP_SERVER must be defined if you want to be notified","default":"Critical,High","advanced":true},{"name":"DEFECTDOJO_BANDIT_REPORTS","description":"path to Bandit JSON reports","default":"bandit*.json reports/py-bandit.bandit.json","advanced":true},{"name":"DEFECTDOJO_DC_REPORTS","description":"Path to Dependency Check reports","default":"dependency-check*.xml","advanced":true},{"name":"DEFECTDOJO_DC_GRADLE_REPORTS","description":"Path to Dependency Check reports from Gradle template","default":"dependency-check*.xml","advanced":true},{"name":"DEFECTDOJO_GITLEAKS_REPORTS","description":"Path to Gitleaks reports","default":"gitleaks/gitleaks-report.json reports/gitleaks.native.json","advanced":true},{"name":"DEFECTDOJO_HADOLINT_REPORTS","description":"Path to Hadolint reports","default":"hadolint-json-*.json reports/docker-hadolint-*.native.json","advanced":true},{"name":"DEFECTDOJO_MOBSF_REPORTS","description":"Path to MobSF reports","default":"mobsf*.json","advanced":true},{"name":"DEFECTDOJO_NODEJSSCAN_REPORTS","description":"Path to NodeJSScan reports","default":"nodejsscan-report-sarif.json","advanced":true},{"name":"DEFECTDOJO_NPMAUDIT_REPORTS","description":"Path to NPMAudit reports","default":"npm-audit*.json","advanced":true},{"name":"DEFECTDOJO_TESTSSL_REPORTS","description":"Path to TestSSL reports","default":"reports/testssl.native.csv","advanced":true},{"name":"DEFECTDOJO_TRIVY_REPORTS","description":"Path to Trivy reports","default":"trivy/*.json trivy-*.json reports/docker-trivy-*.native.json reports/py-trivy.trivy.json","advanced":true},{"name":"DEFECTDOJO_ZAP_REPORTS","description":"Path to Zap reports","default":"reports/zap.native.xml","advanced":true},{"name":"ZAP_TPL_PROJECT","description":"Path to Zap template","advanced":true},{"name":"DEFECTDOJO_SEMGREP_REPORTS","description":"Path to Semgrep reports","default":"reports/semgrep.native.json","advanced":true},{"name":"SEMGREP_TEMPLATE","description":"Path to Semgrep template","advanced":true},{"name":"DEFECTDOJO_SONARQUBE_SINCELEAKPERIOD","description":"Determines if delta analysis is activated for SonarQube export","type":"boolean","advanced":true},{"name":"DEFECTDOJO_SONARQUBE_NOSECURITYHOTSPOT","description":"Set this flag to true if SonarQube version does not support security hotspots (v < 7.3)","type":"boolean","default":"true","advanced":true},{"name":"DEFECTDOJO_SONARQUBE_ALLBUGS","description":"In SonarQube, determines if all bugs are exported (true) or only vulnerabilities (false)","type":"boolean","advanced":true}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-defectdojo-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"2.6.5","tags":["2.6.5","2.6.4","2.6.3","2.6.2","2.6.1","2.6.0","2.6","2.5.1","2.5.0","2.5","2.4.1","2.4.0","2.4","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.1","2.1.0","2.1","2.0.7","2.0.6","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2.0","2","1.2.0","1.2","1.1.1","1.1.0","1.1","1.0.4","1.0.3","1.0.2","1.0.1","1.0.0","1"],"name":"defectdojo","path":"to-be-continuous/defectdojo","web_url":"https://gitlab.com/to-be-continuous/defectdojo","avatar":"https://gitlab.com/uploads/-/system/project/avatar/31516889/logo.png"}},{"name":"Dependency Track","description":"Identify and reduce risk in your software supply chain with [Dependency Track](https://dependencytrack.org/)","template_path":"templates/gitlab-ci-dependency-track.yml","kind":"analyse","prefix":"deptrack","job_prefix":"dependency-track","is_component":true,"variables":[{"name":"DEPTRACK_SBOM_SCANNER_IMAGE","description":"The container image with [Dependency Track SBOM Scanner](https://gitlab.com/to-be-continuous/tools/dt-sbom-scanner) tool","default":"registry.gitlab.com/to-be-continuous/tools/dt-sbom-scanner:latest","advanced":true},{"name":"DEPTRACK_BASE_API_URL","description":"Dependency Track server base API url (includes `/api`)","mandatory":true,"type":"url"},{"name":"DEPTRACK_API_KEY","description":"Dependency Track API key","secret":true},{"name":"DEPTRACK_PROJECT_PATH","description":"Dependency Track target project path to publish SBOM files to","default":"$CI_PROJECT_NAMESPACE//$CI_PROJECT_PATH-{file_prefix}@$CI_COMMIT_REF_NAME"},{"name":"DEPTRACK_PATH_SEPARATOR","description":"Separator to use in project path","default":"//","advanced":true},{"name":"DEPTRACK_MERGE","description":"Merge all SBOM files into one","type":"boolean","default":"false"},{"name":"DEPTRACK_MERGE_OUTPUT","description":"Output merged SBOM file (only used with merge enabled) - _for debugging purpose_","advanced":true,"default":"reports/deptrack-merged.cyclonedx.json"},{"name":"DEPTRACK_PURL_MAX_LEN","description":"PURLs max length (`-1`: auto, `0`: no trim, `>0`: trim to size - default: `-1`)","type":"number","advanced":true,"default":"-1"},{"name":"DEPTRACK_SBOM_PATTERNS","description":"SBOM file patterns to publish (supports glob patterns)","default":"**/*.cyclonedx.json **/*.cyclonedx.xml","advanced":true},{"name":"DEPTRACK_SHOW_FINDINGS","description":"Wait for analysis and display found vulnerabilities in logs","type":"boolean","default":"false"},{"name":"DEPTRACK_RISK_SCORE_THRESHOLD","description":"Fail the job if risk score threshold is exceeded (`<0`: disabled - default: `-1`)","type":"number","default":"-1"}],"features":[{"id":"quality-gate","name":"Quality Gate","description":"Enable a job at acceptance stage which will block the pipeline when failing","enable_with":"DEPTRACK_QUALITY_GATE_ENABLED","variables":[{"name":"DEPTRACK_QUALITY_GATE_BASE_API_URL","description":"Override Dependency Track server base API url (includes `/api`) to use for acceptance stage","type":"url"},{"name":"DEPTRACK_QUALITY_GATE_API_KEY","description":"Override Dependency Track API key to use for acceptance stage","secret":true},{"name":"DEPTRACK_QUALITY_GATE_PROJECT_PATH","description":"Override Dependency Track target project path to publish SBOM files to during acceptance stage"},{"name":"DEPTRACK_QUALITY_GATE_MERGE","description":"Merge all SBOM files into one during acceptance stage","advanced":true},{"name":"DEPTRACK_QUALITY_GATE_SHOW_FINDINGS","description":"Wait for analysis and display found vulnerabilities in logs during acceptance stage","advanced":true},{"name":"DEPTRACK_QUALITY_GATE_RISK_SCORE_THRESHOLD","description":"Fail the acceptance job if risk score threshold is exceeded (`<0`: disabled - default: `-1`)","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-dependency-track-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"1.5.1","tags":["1.5.1","1.5.0","1.5","1.4.0","1.4","1.3.0","1.3","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"dependency-track","path":"to-be-continuous/dependency-track","web_url":"https://gitlab.com/to-be-continuous/dependency-track","avatar":"https://gitlab.com/uploads/-/system/project/avatar/56360582/dependency-track.png"}},{"name":"Docker Compose","description":"Deploy your application with [Docker Compose](https://docs.docker.com/compose/)","template_path":"templates/gitlab-ci-docker-compose.yml","kind":"hosting","prefix":"dcmp","job_prefix":"compose","is_component":true,"variables":[{"name":"DCMP_IMAGE","description":"The Docker image used to run Docker Compose CLI commands - **set the version required by your Docker Compose cluster**","default":"registry.hub.docker.com/library/docker:latest"},{"name":"DCMP_CMD","description":"The docker compose or stack command (empty means _auto_)","values":["","docker compose","docker-compose","docker stack"],"advanced":true},{"name":"DCMP_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"DCMP_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.dcmp.acme.com`)_"},{"name":"DCMP_SCRIPTS_DIR","description":"Directory where Compose files, dotenv files and hook scripts are located","default":".","advanced":true},{"name":"DCMP_UP_OPTS","description":"[`compose up` options](https://docs.docker.com/reference/cli/docker/compose/up/#options) (only when using Docker Compose)","default":"--no-build --remove-orphans --wait --wait-timeout 180"},{"name":"DCMP_DOWN_OPTS","description":"[`compose down` options](https://docs.docker.com/reference/cli/docker/compose/down/#options) (only when using Docker Compose)","default":"--volumes --remove-orphans --rmi all"},{"name":"DCMP_STACK_DEPLOY_OPTS","description":"[`stack deploy` options](https://docs.docker.com/reference/cli/docker/stack/deploy/) (only when using Docker Stack)","default":"--prune"},{"name":"DCMP_SSH_PRIVATE_KEY","description":"Default SSH key to use when connecting to Docker hosts over SSH (can be overridden per env)","secret":true},{"name":"DCMP_SSH_KNOWN_HOSTS","description":"SSH `known_hosts` (file or text variable)"}],"features":[{"id":"config","name":"Compose Config","description":"Runs [`compose config`](https://docs.docker.com/reference/cli/docker/compose/config/) to detect errors in your Compose file(s)","disable_with":"DCMP_CONFIG_DISABLED","variables":[{"name":"DCMP_CONFIG_OPTS","description":"[`compose config` options](https://docs.docker.com/reference/cli/docker/compose/config/#options)","default":"--quiet","advanced":true},{"name":"DCMP_STACK_CONFIG_OPTS","description":"[`stack config` options](https://docs.docker.com/reference/cli/docker/stack/config/)","advanced":true},{"name":"DCMP_STACK_CONFIG_SILENT","description":"Silences standard output of `stack config` command","type":"boolean","default":"true","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"DCMP_REVIEW_DOCKER_HOST","description":"Docker Host for `review` env (ex: `ssh://docker@docker-host-for-review:2375`)","mandatory":true},{"name":"DCMP_REVIEW_SSH_PRIVATE_KEY","description":"`review` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_REVIEW_APP_NAME","description":"The application name for `review` env (only define to override default)","advanced":true},{"name":"DCMP_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"DCMP_REVIEW_ENVIRONMENT_URL","type":"url","description":"The `review` environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"DCMP_INTEG_DOCKER_HOST","description":"Docker Host for `integration` env (ex: `ssh://docker@docker-host-for-integ:2375`)","mandatory":true},{"name":"DCMP_INTEG_SSH_PRIVATE_KEY","description":"`integration` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_INTEG_APP_NAME","description":"The application name for `integration` env (only define to override default)","advanced":true},{"name":"DCMP_INTEG_ENVIRONMENT_URL","type":"url","description":"The `integration` environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"DCMP_STAGING_DOCKER_HOST","description":"Docker Host for `staging` env (ex: `ssh://docker@docker-host-for-staging:2375`)","mandatory":true},{"name":"DCMP_STAGING_SSH_PRIVATE_KEY","description":"`staging` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_STAGING_APP_NAME","description":"The application name for `staging` env (only define to override default)","advanced":true},{"name":"DCMP_STAGING_ENVIRONMENT_URL","type":"url","description":"The `staging` environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"DCMP_PROD_DOCKER_HOST","description":"Docker Host for `production` env (ex: `ssh://docker@docker-host-for-prod:2375`)","mandatory":true},{"name":"DCMP_PROD_SSH_PRIVATE_KEY","description":"`production` env specific SSH key to use when connecting to Docker Host over SSH","secret":true},{"name":"DCMP_PROD_APP_NAME","description":"The application name for `production` env (only define to override default)","advanced":true},{"name":"DCMP_PROD_ENVIRONMENT_URL","type":"url","description":"The `production` environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"DCMP_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to `production` strategy.","type":"enum","values":["manual","auto"],"default":"manual"}]}],"extension_id":null,"project":{"tag":"1.0.2","tags":["1.0.2","1.0.1","1.0.0","1.0","1"],"name":"docker-compose","path":"to-be-continuous/docker-compose","web_url":"https://gitlab.com/to-be-continuous/docker-compose","avatar":"https://gitlab.com/uploads/-/system/project/avatar/55380145/logo.png"}},{"name":"Docker","description":"Build, check and inspect your containers with [Docker](https://www.docker.com/)","template_path":"templates/gitlab-ci-docker.yml","kind":"package","prefix":"docker","is_component":true,"variables":[{"name":"DOCKER_BUILD_TOOL","type":"enum","values":["kaniko","buildah","dind"],"description":"The build tool to use for building container image","default":"kaniko"},{"name":"DOCKER_KANIKO_IMAGE","description":"The image used to run kaniko\n\n_for kaniko build only_","default":"gcr.io/kaniko-project/executor:debug"},{"name":"DOCKER_BUILDAH_IMAGE","description":"The image used to run buildah\n\n_for buildah build only_","default":"quay.io/buildah/stable:latest"},{"name":"DOCKER_IMAGE","description":"The image used to run the docker client\n\n_for Docker-in-Docker(dind) build only_","default":"registry.hub.docker.com/library/docker:latest"},{"name":"DOCKER_DIND_IMAGE","description":"The image used to run the Docker daemon\n\n_for Docker-in-Docker(dind) build only_","default":"registry.hub.docker.com/library/docker:dind"},{"name":"DOCKER_SKOPEO_IMAGE","description":"The image used to publish docker image with Skopeo","default":"quay.io/skopeo/stable:latest"},{"name":"DOCKER_FILE","description":"The path to your `Dockerfile`","default":"Dockerfile"},{"name":"DOCKER_CONTEXT_PATH","description":"The Docker [context path](https://docs.docker.com/engine/reference/commandline/build/#build-with-path) (working directory) - _only set if you want a context path different from the Dockerfile location_","advanced":true},{"name":"DOCKER_CONFIG_FILE","description":"Path to the [Docker configuration file](https://docs.docker.com/engine/reference/commandline/cli/#sample-configuration-file) (JSON)","default":".docker/config.json","advanced":true},{"name":"DOCKER_SNAPSHOT_IMAGE","description":"Docker snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"DOCKER_RELEASE_IMAGE","description":"Docker release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"},{"name":"DOCKER_RELEASE_EXTRA_TAGS_PATTERN","description":"Defines the image tag pattern that `$DOCKER_RELEASE_IMAGE` should match to push extra tags (supports capturing groups)\n\nDefaults to [SemVer](https://semver.org/) pattern.","default":"^v?(?P<major>[0-9]+)\\.(?P<minor>[0-9]+)\\.(?P<patch>[0-9]+)(?P<suffix>(?P<prerelease>-[0-9A-Za-z-\\.]+)?(?P<build>\\+[0-9A-Za-z-\\.]+)?)$","advanced":true},{"name":"DOCKER_RELEASE_EXTRA_TAGS","description":"Defines extra tags to publish the _release_ image\n\nSupports capturing group references from `$DOCKER_RELEASE_EXTRA_TAGS_PATTERN` (ex: `latest \\g<major>.\\g<minor> \\g<major>`)","advanced":true},{"name":"DOCKER_BUILD_ARGS","description":"Additional docker/kaniko/buildah build arguments.\n\n_If values contain spaces, ensure any required quote are correctly escaped when needed (not supported for Kaniko)_"},{"name":"DOCKER_METADATA","description":"Additional metadata to set as labels.\n\nIf values contain spaces, ensure any required quote are correctly escaped when needed (not supported for Kaniko)_","default":"--label \"org.opencontainers.image.url=${CI_PROJECT_URL}\" --label \"org.opencontainers.image.source=${CI_PROJECT_URL}\" --label \"org.opencontainers.image.title=${CI_PROJECT_PATH}\" --label \"org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME}\" --label \"org.opencontainers.image.revision=${CI_COMMIT_SHA}\" --label \"org.opencontainers.image.created=${CI_JOB_STARTED_AT}\"","advanced":true},{"name":"DOCKER_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)"},{"name":"DOCKER_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"DOCKER_SEMREL_RELEASE_DISABLED","description":"Disable integration with the [semantic release template](https://gitlab.com/to-be-continuous/semantic-release/)","type":"boolean"},{"name":"DOCKER_REGISTRY_MIRROR","description":"URL of a Docker registry mirror to use instead of default `https://index.docker.io`\n\n_Used by `kaniko` and `dind` builds only_"},{"name":"CONTAINER_REGISTRIES_CONFIG_FILE","description":"The [registries.conf](https://www.redhat.com/sysadmin/manage-container-registries) configuration to be used\n\n_Used by the `buildah` build only_","advanced":true},{"name":"KANIKO_SNAPSHOT_IMAGE_CACHE","description":"Snapshot image repository that will be used to store cached layers (leave empty to use default: snapshot image repository + `/cache`)\n\n_Used by the `kaniko` build only_","advanced":true},{"name":"DOCKER_BUILD_CACHE_DISABLED","description":"Set to `true` to disable the build cache.","type":"boolean","advanced":true},{"name":"DOCKER_PUSH_ARGS","description":"Additional docker/buildah `push` arguments (executed right after `build`).\n\nEx: `--compression-format zstd --compression-level 20`","advanced":true}],"features":[{"id":"hadolint","name":"Hadolint","description":"This job performs a [Lint](https://github.com/hadolint/hadolint) on your `Dockerfile`.","disable_with":"DOCKER_HADOLINT_DISABLED","variables":[{"name":"DOCKER_HADOLINT_IMAGE","description":"The docker image to lint your Dockerfile with Hadolint","default":"registry.hub.docker.com/hadolint/hadolint:latest-alpine"},{"name":"DOCKER_HADOLINT_ARGS","description":"Additional `hadolint` arguments","advanced":true}]},{"id":"healthcheck","name":"Health Check","description":"[Health Check](https://docs.docker.com/engine/reference/builder/#healthcheck) image analysis","disable_with":"DOCKER_HEALTHCHECK_DISABLED","variables":[{"name":"DOCKER_HEALTHCHECK_TIMEOUT","type":"number","description":"When testing an image, how long (in seconds) wait for the HealthCheck status","default":"60","advanced":true},{"name":"DOCKER_HEALTHCHECK_OPTIONS","description":"Docker options for health check such as port mapping, environment...","advanced":true},{"name":"DOCKER_HEALTHCHECK_CONTAINER_ARGS","description":"Arguments sent to the running container for health check","advanced":true}]},{"id":"trivy","name":"Trivy","description":"[Trivy](https://aquasecurity.github.io/trivy) vulnerability analysis","disable_with":"DOCKER_TRIVY_DISABLED","variables":[{"name":"DOCKER_TRIVY_IMAGE","description":"The docker image used to scan images with Trivy","default":"registry.hub.docker.com/aquasec/trivy:latest","advanced":true},{"name":"DOCKER_TRIVY_ARGS","description":"Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)","default":"--ignore-unfixed --pkg-types os --exit-on-eol 1 --detection-priority comprehensive","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"DOCKER_SBOM_DISABLED","variables":[{"name":"DOCKER_SBOM_IMAGE","default":"registry.hub.docker.com/anchore/syft:debug"},{"name":"DOCKER_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-docker-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp","name":"Google Cloud","description":"Retrieves a registry authentication for the Google Cloud's [Artifact Registry](https://cloud.google.com/artifact-registry)","template_path":"templates/gitlab-ci-docker-gcp.yml","variables":[{"name":"TBC_GCP_PROVIDER_IMAGE","description":"The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest","advanced":true},{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"},{"name":"GCP_SNAPSHOT_OIDC_ACCOUNT","description":"Service Account to use to push the snapshot image _(only define to override default)_","advanced":true},{"name":"GCP_SNAPSHOT_OIDC_PROVIDER","description":"Workload Identity Provider to push the snapshot image _(only define to override default)_","advanced":true},{"name":"GCP_RELEASE_OIDC_ACCOUNT","description":"Service Account to use to push the release image _(only define to override default)_","advanced":true},{"name":"GCP_RELEASE_OIDC_PROVIDER","description":"Workload Identity Provider to push the release image _(only define to override default)_","advanced":true}]},{"id":"ecr","name":"Amazon ECR","description":"Retrieves a registry authentication for the Amazon's [Elastic Container Registry](https://docs.aws.amazon.com/ecr/)","template_path":"templates/gitlab-ci-docker-ecr.yml","variables":[{"name":"TBC_AWS_PROVIDER_IMAGE","description":"The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest","advanced":true},{"name":"AWS_REGION","description":"Default region (where the ECR registry is located)"},{"name":"AWS_SNAPSHOT_REGION","description":"Region of the ECR registry for the snapshot image _(only define to override default)_","advanced":true},{"name":"AWS_RELEASE_REGION","description":"Region of the ECR registry for the release image _(only define to override default)_","advanced":true},{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_"},{"name":"AWS_SNAPSHOT_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab for the snapshot image _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/) and if different from default)_","advanced":true},{"name":"AWS_RELEASE_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab for the release image _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/) and if different from default)_","advanced":true},{"name":"AWS_ACCESS_KEY_ID","description":"Default access key ID (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_SECRET_ACCESS_KEY","description":"Default secret access key (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_SNAPSHOT_ACCESS_KEY_ID","description":"Access key ID for the snapshot image (only required for basic authentication and if different from default)","secret":true,"advanced":true},{"name":"AWS_SNAPSHOT_SECRET_ACCESS_KEY","description":"Secret access key for the snapshot image (only required for basic authentication and if different from default)","secret":true,"advanced":true},{"name":"AWS_RELEASE_ACCESS_KEY_ID","description":"Access key ID for the release image (only required for basic authentication and if different from default)","secret":true,"advanced":true},{"name":"AWS_RELEASE_SECRET_ACCESS_KEY","description":"Secret access key for the release image (only required for basic authentication and if different from default)","secret":true,"advanced":true}]}],"extension_id":null,"project":{"tag":"6.0.0","tags":["6.0.0","6.0","6","5.14.1","5.14.0","5.14","5.13.3","5.13.2","5.13.1","5.13.0","5.13","5.12.1","5.12.0","5.12","5.11.1","5.11.0","5.11","5.10.3","5.10.2","5.10.1","5.10.0","5.10","5.9.1","5.9.0","5.9","5.8.2","5.8.1","5.8.0","5.8","5.7.1","5.7.0","5.7","5.6.1","5.6.0","5.6","5.5.6","5.5.5","5.5.4","5.5.3","5.5.2","5.5.1","5.5.0","5.5","5.4.1","5.4.0","5.4","5.3.1","5.3.0","5.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.3","5.0.2","5.0.1","5.0.0","5.0","5","4.0.0","4.0","4","3.6.0","3.6","3.5.3","3.5.2","3.5.1","3.5.0","3.5","3.4.0","3.4","3.3.0","3.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.7.1","2.7.0","2.7","2.6.0","2.6","2.5.0","2.5","2.4.0","2.4","2.3.3","2.3.2","2.3.1","2.3.0","2.3","2"],"name":"docker","path":"to-be-continuous/docker","web_url":"https://gitlab.com/to-be-continuous/docker","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26450930/logo.png"}},{"name":"Google Cloud","description":"Deploy your application to the [Google Cloud](https://cloud.google.com/) platform","template_path":"templates/gitlab-ci-gcloud.yml","kind":"hosting","prefix":"gcp","is_component":true,"variables":[{"name":"GCP_CLI_IMAGE","description":"The Docker image used to run Google Cloud CLI commands","default":"gcr.io/google.com/cloudsdktool/cloud-sdk:latest"},{"name":"GCP_KEY_FILE","description":"Global Service Account key file","secret":true,"mandatory":true},{"name":"GCP_WORKLOAD_IDENTITY_PROVIDER","description":"Default [Workload Identity Provider](https://docs.gitlab.com/ci/cloud_services/google_cloud/) associated with GitLab to authenticate\n\n(has format `projects/PROJECT_NUMBER/locations/global/workloadIdentityPools/POOL_ID/providers/PROVIDER_ID`)","advanced":true},{"name":"GCP_SERVICE_ACCOUNT","description":"Default Service Account to which impersonate with WIF authentication","advanced":true},{"name":"GCP_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"GCP_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.gcloud.acme.com`)_"},{"name":"GCP_SCRIPTS_DIR","description":"Directory where Google Cloud scripts (deploy & cleanup) are located","default":".","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"GCP_REVIEW_PROJECT","description":"Google Cloud project ID for review env","mandatory":true},{"name":"GCP_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"GCP_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"GCP_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_REVIEW_KEY_FILE","description":"Service Account key file to authenticate on review env (only define to override default)","secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"GCP_INTEG_PROJECT","description":"Google Cloud project ID for integration env","mandatory":true},{"name":"GCP_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"GCP_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_INTEG_KEY_FILE","description":"Service Account key file to authenticate on integration env (only define to override default)","secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"GCP_STAGING_PROJECT","description":"Google Cloud project ID for staging env","mandatory":true},{"name":"GCP_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"GCP_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_STAGING_KEY_FILE","description":"Service Account key file to authenticate on staging env (only define to override default)","secret":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"GCP_PROD_PROJECT","description":"Google Cloud project ID for production env","mandatory":true},{"name":"GCP_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"GCP_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"GCP_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"GCP_PROD_KEY_FILE","description":"Service Account key file to authenticate on production env (only define to override default)","secret":true}]}],"variants":[{"id":"oidc","name":"OpenID Connect","description":"Enables [federated authentication using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)","template_path":"templates/gitlab-ci-gcloud-oidc.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"GCP_OIDC_PROVIDER","description":"Global Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Global Service Account to which impersonate with OpenID Connect authentication","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `review` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `integration` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `staging` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `production` environment\n\n_(only define to override default)_","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true}]},{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-gcloud-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"5.2.3","tags":["5.2.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.2","5.0.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.8.0","1.8","1.7.0","1.7","1.6.2","1.6.1","1.6.0","1.5.2","1.5.1","1.5.0","1.4.1","1.4.0","1.3.0","1.2.0","1.1.0","1.0.0","1"],"name":"gcloud","path":"to-be-continuous/gcloud","web_url":"https://gitlab.com/to-be-continuous/gcloud","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454217/logo.png"}},{"name":"GitLab Butler","description":"Automate cleaning your projects with [GitLab Butler](https://gitlab.com/to-be-continuous/tools/gitlab-butler)","template_path":"templates/gitlab-ci-butler.yml","kind":"misc","prefix":"butler","is_component":true,"variables":[{"name":"BUTLER_IMAGE","description":"The Docker image used to run GitLab Butler","default":"registry.gitlab.com/to-be-continuous/tools/gitlab-butler:latest","advanced":true},{"name":"BUTLER_TOKEN","description":"A GitLab access token to allow GitLab Butler crawl your projects","secret":true},{"name":"BUTLER_GROUP_PATH","description":"GitLab group to process","default":"$CI_PROJECT_NAMESPACE"},{"name":"BUTLER_PIPELINES_DELETE_OLDER_THAN","description":"The max age (in days) after which pipelines are deleted","default":"90"}],"extension_id":null,"project":{"tag":"1.1.0","tags":["1.1.0","1.1","1.0.0","1.0","1"],"name":"gitlab-butler","path":"to-be-continuous/gitlab-butler","web_url":"https://gitlab.com/to-be-continuous/gitlab-butler","avatar":"https://gitlab.com/uploads/-/system/project/avatar/61952173/logo.png"}},{"name":"GitLab Package","description":"Publish artifacts to GitLab's [Generic Package Registry](https://docs.gitlab.com/user/packages/generic_packages/)","template_path":"templates/gitlab-ci-gitlab-package.yml","kind":"build","prefix":"glpkg","is_component":true,"variables":[{"name":"GLPKG_IMAGE","description":"The Docker image used to publish packages","default":"registry.hub.docker.com/curlimages/curl:latest","advanced":true},{"name":"GLPKG_FILES","description":"Glob patterns matching files to include in the GitLab package (:warning: does not support double star)","mandatory":true},{"name":"GLPKG_PACKAGE","description":"Name of the package to publish","default":"$CI_PROJECT_NAME"}],"extension_id":null,"project":{"tag":"1.2.2","tags":["1.2.2","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.0","1"],"name":"gitlab-package","path":"to-be-continuous/gitlab-package","web_url":"https://gitlab.com/to-be-continuous/gitlab-package","avatar":"https://gitlab.com/uploads/-/system/project/avatar/47461614/logo.png"}},{"name":"Gitleaks","description":"Detect and prevent hardcoded secrets in your Git repository with [Gitleaks](https://github.com/zricethezav/gitleaks/wiki)","template_path":"templates/gitlab-ci-gitleaks.yml","kind":"analyse","prefix":"gitleaks","is_component":true,"variables":[{"name":"GITLEAKS_IMAGE","description":"The Docker image used to run Gitleaks","default":"registry.hub.docker.com/zricethezav/gitleaks:latest"},{"name":"GITLEAKS_RULES","description":"Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks/wiki/Configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project).","advanced":true},{"name":"GITLEAKS_ARGS","description":"[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches)","default":"--verbose --redact","advanced":true}],"extension_id":null,"project":{"tag":"2.6.1","tags":["2.6.1","2.6.0","2.6","2.5.2","2.5.1","2.5.0","2.5","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.1","2.1.0","2.1","2.0.0","2.0","2","1.3.0","1.3","1.2.5","1.2.4","1.2.3","1.2.2","1.2.1","1.2.0","1.1.1","1.1.0","1.0.0","1"],"name":"gitleaks","path":"to-be-continuous/gitleaks","web_url":"https://gitlab.com/to-be-continuous/gitleaks","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454220/logo.png"}},{"name":"Go","description":"Build, test and analyse your [Go](https://golang.org/) projects","template_path":"templates/gitlab-ci-golang.yml","kind":"build","prefix":"go","is_component":true,"variables":[{"name":"GO_IMAGE","description":"The Docker image used to run Go (build+test or build only) - **set the version required by your project**","default":"registry.hub.docker.com/library/golang:bookworm"},{"name":"GO_PROJECT_DIR","description":"Go project root directory","default":".","advanced":true},{"name":"GOPROXY","description":"URL of Go module proxy (see [Go env](https://golang.org/cmd/go/#hdr-Environment_variables))","advanced":true},{"name":"GO_TEST_IMAGE","description":"Specific Docker image used to run Go tests (as a separate job)","advanced":true},{"name":"GO_BUILD_FLAGS","description":"Flags used by the [go build command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies)","default":"-mod=readonly","advanced":true},{"name":"GO_BUILD_MODE","description":"The template build mode (accepted values are `application`, `modules` and `auto`)","type":"enum","values":["auto","application","modules"],"default":"auto","advanced":true},{"name":"GO_BUILD_LINKER_FLAGS","description":"Linker flags used by the [go build command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies) `-ldflags`","default":"-s -w","advanced":true},{"name":"GO_BUILD_PACKAGES","description":"Packages to build with the [go build command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies)","default":"./..."},{"name":"GO_TARGET_OS","description":"The `$GOOS` target [see available values](https://gist.github.com/asukakenji/f15ba7e588ac42795f421b48b8aede63)\n\nFallbacks to default `$GOOS` from the Go Docker image","advanced":true},{"name":"GO_TARGET_ARCH","description":"The `$GOARCH` target [see available values](https://gist.github.com/asukakenji/f15ba7e588ac42795f421b48b8aede63)\n\nFallbacks to default `$GOARCH` from the Go Docker image","advanced":true},{"name":"GO_TEST_FLAGS","description":"Flags used by the [go test command](https://pkg.go.dev/cmd/go#hdr-Test_packages)","default":"-mod=readonly -v -race","advanced":true},{"name":"GO_TEST_PACKAGES","description":"Packages to test with the [go test command](https://pkg.go.dev/cmd/go#hdr-Test_packages)","default":"./..."},{"name":"GO_LIST_ARGS","description":"Arguments used by the list command","default":"list -u -m -mod=readonly -json all","advanced":true},{"name":"GO_COBERTURA_FLAGS","description":"Build flags to add to use gocover-cobertura, leave blank if not needed","advanced":true}],"features":[{"id":"generate","name":"go generate","description":"generate code with [go generate](https://go.dev/blog/generate)","variables":[{"name":"GO_GENERATE_MODULES","description":"Space separated list of Go code generator modules (ex: `stringer mockery`)","mandatory":true}]},{"id":"golangci-lint","name":"GolangCI-Lint","description":"[GolangCI-Lint](https://github.com/golangci/golangci-lint) analysis","disable_with":"GO_CI_LINT_DISABLED","variables":[{"name":"GO_CI_LINT_IMAGE","description":"The Docker image used to run `golangci-lint`","default":"registry.hub.docker.com/golangci/golangci-lint:latest-alpine"},{"name":"GO_CI_LINT_ARGS","description":"`golangci-lint` [command line arguments](https://github.com/golangci/golangci-lint#command-line-options)","default":"-E gosec,goimports ./...","advanced":true}]},{"id":"go-mod-outdated","name":"Go-mod-outdated","description":"[Go-mod-outdated](https://github.com/psampaz/go-mod-outdated) analysis","variables":[{"name":"GO_MOD_OUTDATED_ARGS","description":"`god-mod-outdated` [command line arguments](https://github.com/psampaz/go-mod-outdated#usage","default":"-update -direct","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [cyclonedx-gomod](https://github.com/CycloneDX/cyclonedx-gomod)","disable_with":"GO_SBOM_DISABLED","variables":[{"name":"GO_SBOM_IMAGE","default":"registry.hub.docker.com/cyclonedx/cyclonedx-gomod:latest"},{"name":"GO_SBOM_OPTS","description":"[@cyclonedx/cyclonedx-gomod options](https://github.com/CycloneDX/cyclonedx-gomod#usage) used for SBOM analysis","default":"-main .","advanced":true}]},{"id":"go-semgrep","name":"Semgrep","description":"[Semgrep](https://semgrep.dev/docs/) analysis","disable_with":"GO_SEMGREP_DISABLED","variables":[{"name":"GO_SEMGREP_IMAGE","description":"The Docker image used to run [Semgrep](https://semgrep.dev/docs/)","default":"registry.hub.docker.com/semgrep/semgrep:latest"},{"name":"GO_SEMGREP_ARGS","description":"Semgrep [scan options](https://semgrep.dev/docs/cli-reference#semgrep-scan-command-options)","default":"--metrics off --disable-version-check"},{"name":"GO_SEMGREP_RULES","description":"Space-separated list of [Semgrep rules](https://semgrep.dev/docs/running-rules).\n\nCan be both local YAML files or remote rules from the [Semgrep Registry](https://semgrep.dev/explore) (denoted by the `p/` prefix)","default":"p/golang p/gosec"},{"name":"GO_SEMGREP_DOWNLOAD_RULES_ENABLED","description":"Download Semgrep remote rules","type":"boolean","default":"true"}]},{"id":"govulncheck","name":"Govulncheck","description":"Vulnerability Management with [Govulncheck](https://go.dev/blog/vuln)","disable_with":"GO_VULNCHECK_DISABLED","variables":[{"name":"GO_VULNCHECK_ARGS","description":"`govulncheck` [command line arguments](https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck#hdr-Flags)","default":"./...","advanced":true}]}],"extension_id":null,"project":{"tag":"4.11.1","tags":["4.11.1","4.11.0","4.11","4.10.0","4.10","4.9.2","4.9.1","4.9.0","4.9","4.8.3","4.8.2","4.8.1","4.8.0","4.8","4.7.0","4.7","4.6.1","4.6.0","4.6","4.5.1","4.5.0","4.5","4.4.0","4.4","4.3.0","4.3","4.2.0","4.2","4.1.2","4.1.1","4.1.0","4.1","4.0.2","4.0.1","4.0.0","4.0","4","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.2","2.1.3","2.1.2","2.1.1","2.1.0","2.0.3","2.0.2","2.0.1","2.0.0","2","1.3.0","1.2.2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"golang","path":"to-be-continuous/golang","web_url":"https://gitlab.com/to-be-continuous/golang","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454222/logo.png"}},{"name":"Gradle","description":"Build, test and analyse your [Gradle](https://gradle.org/)-based projects","template_path":"templates/gitlab-ci-gradle.yml","kind":"build","prefix":"gradle","is_component":true,"variables":[{"name":"GRADLE_IMAGE","description":"The Docker image used to run Gradle - **set the version required by your project**","default":"registry.hub.docker.com/library/gradle:latest"},{"name":"GRADLE_CLI_OPTS","description":"Additional Gradle options used on the command line","advanced":true},{"name":"GRADLE_CLI_BIN","description":"The location of the gradle binary. If you prefer using a [gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html) you should override this (for e.g. `gradlew`)","default":"gradle","advanced":true},{"name":"GRADLE_USER_HOME","description":"The gradle user home","default":"$CI_PROJECT_DIR/.gradle","advanced":true},{"name":"GRADLE_DAEMON","description":"Whether to use or not gradle daemon","default":"false","advanced":true},{"name":"GRADLE_BUILD_ARGS","description":"Gradle arguments for the build & test job","default":"build","advanced":true},{"name":"GRADLE_PROJECT_DIR","description":"Gradle project root directory","default":".","advanced":true},{"name":"JACOCO_CSV_REPORT","description":"Name of code coverage report","default":"jacocoTestReport.csv","advanced":true}],"features":[{"id":"sonar","name":"SONAR","description":"Code quality and security analysis with [SONARQube](https://www.sonarqube.org/)","variables":[{"name":"SONAR_HOST_URL","type":"url","description":"SonarQube server url","mandatory":true},{"name":"SONAR_TOKEN","description":"SonarQube authentication token (see https://docs.sonarsource.com/sonarqube-server/latest/user-guide/managing-tokens/)","secret":true},{"name":"SONAR_BASE_ARGS","description":"SonarQube [analysis arguments](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/)","default":"sonar -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues","advanced":true},{"name":"SONAR_QUALITY_GATE_ENABLED","description":"Enables SonarQube [Quality Gate](https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/ci-integration/overview/#quality-gate-fails))._","type":"boolean"}]},{"id":"dependency-check","name":"Dependency Check","description":"Runs a Gradle dependency check","disable_with":"GRADLE_DEPENDENCY_CHECK_DISABLED","variables":[{"name":"GRADLE_DEPENDENCY_CHECK_TASK","description":"The dependency-check task that is invoked","default":"dependencyCheckAnalyze","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [cyclonedx-gradle-plugin](https://github.com/CycloneDX/cyclonedx-gradle-plugin)","disable_with":"GRADLE_SBOM_DISABLED","variables":[{"name":"GRADLE_SBOM_VERSION","description":"Version of the `cyclonedx-gradle-plugin` used for SBOM analysis.\n\n_When unset, the latest version will be used_"},{"name":"GRADLE_MAVEN_PLUGIN_URL","description":"Maven Repository that is used to download the `cyclonedx-gradle-plugin`. No trailing slash.","default":"https://plugins.gradle.org/m2"}]},{"id":"publish","name":"Publish (snapshot & release)","description":"Enable publishing to an artifacts repository","disable_with":"GRADLE_NO_PUBLISH","variables":[{"name":"GRADLE_PUBLISH_ARGS","description":"The publish task that is invoked","default":"publish","advanced":true},{"name":"GRADLE_PUBLISH_VERSION","description":"The value is propagated as gradle properties named `version`.\n\nIt should be used in your publish task","default":"${CI_COMMIT_REF_SLUG}-SNAPSHOT","advanced":true}]}],"extension_id":null,"project":{"tag":"2.8.0","tags":["2.8.0","2.8","2.7.2","2.7.1","2.7.0","2.7","2.6.3","2.6.2","2.6.1","2.6.0","2.6","2.5.0","2.5","2.4.2","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.0","2.0","2","1.4.0","1.4","1.3.1","1.3.0","1.2.1","1.2.0","1.1.0","1.0.0","1"],"name":"gradle","path":"to-be-continuous/gradle","web_url":"https://gitlab.com/to-be-continuous/gradle","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454226/logo.png"}},{"name":"Helm","description":"Build your Helm Charts and/or deploy your application to a Kubernetes platform using [Helm](https://helm.sh/)","template_path":"templates/gitlab-ci-helm.yml","kind":"hosting","prefix":"helm","is_component":true,"variables":[{"name":"HELM_CLI_IMAGE","description":"The Docker image used to run Helm - **set the version required by your Kubernetes server**","default":"registry.hub.docker.com/alpine/helm:latest"},{"name":"HELM_CHART_DIR","description":"The folder where the Helm chart is located","default":"."},{"name":"HELM_SCRIPTS_DIR","description":"The folder where hook scripts are located","default":"."},{"name":"HELM_COMMON_VALUES","description":"Common values file (used for all environments, overridden by specific per-env values files)"},{"name":"HELM_DEPLOY_CHART","description":"The Helm [chart](https://helm.sh/docs/topics/charts/) to deploy. _Only required if you want to deploy an **external** chart._"},{"name":"HELM_REPOS","description":"The Helm [chart repositories](https://helm.sh/docs/topics/chart_repository/) to use (formatted as `repo_name_1@repo_url_1 repo_name_2@repo_url_2 ...`)","default":"stable@https://charts.helm.sh/stable bitnami@https://charts.bitnami.com/bitnami"},{"name":"KUBE_NAMESPACE","description":"The default Kubernetes namespace to use. _Leave default if [GitLab Kubernetes integration](https://docs.gitlab.com/user/project/clusters/) is enabled._"},{"name":"HELM_DEFAULT_KUBE_CONFIG","description":"The default kubeconfig content to use. Automatically set if GitLab Kubernetes integration is enabled.","default":"$KUBECONFIG","secret":true},{"name":"HELM_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"HELM_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.helm.acme.com`)_"},{"name":"HELM_DEPLOY_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_upgrade/) to deploy the application (_without dynamic arguments such as release name and chart_)","default":"upgrade --install --atomic --timeout 120s","advanced":true},{"name":"HELM_DELETE_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_uninstall/) to cleanup the application (_without dynamic arguments such as release name_)","default":"uninstall","advanced":true},{"name":"HELM_DEPENDENCY_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_dependency_update/) to update on-disk the chart dependencies (_without dynamic arguments such as the chart path_)","default":"dependency update","advanced":true},{"name":"HELM_ENV_VALUE_NAME","description":"The name of the Helm [value](https://helm.sh/docs/chart_best_practices/values/) containing the _environment type_","default":"environmentType","advanced":true},{"name":"HELM_HOSTNAME_VALUE_NAME","description":"The name of the Helm [value](https://helm.sh/docs/chart_best_practices/values/) containing the _environment hostname_ (extracted from the environment URL)","default":"hostname","advanced":true}],"features":[{"id":"lint","name":"Helm Lint","description":"Static code analysis of your Helm chart with [Helm Lint](https://helm.sh/docs/helm/helm_lint/)","disable_with":"HELM_LINT_DISABLED","variables":[{"name":"HELM_LINT_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_lint/) to trigger the analysis (_without dynamic arguments such as the chart path_)","default":"lint --strict","advanced":true}]},{"id":"test","name":"Helm Test","description":"Acceptance test of your Helm chart with [Helm Test](https://helm.sh/docs/helm/helm_test/)","enable_with":"HELM_TEST_ENABLED","variables":[{"name":"HELM_TEST_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_test/) to perform acceptance test (_without dynamic arguments such as release name_)","default":"test","advanced":true}]},{"id":"yamllint","name":"Yaml Lint","description":"[Yaml Lint](https://github.com/adrienverge/yamllint) of your Helm [values file](https://helm.sh/docs/chart_template_guide/values_files/)","disable_with":"HELM_YAMLLINT_DISABLED","variables":[{"name":"HELM_YAMLLINT_IMAGE","description":"The Docker image used to run YamlLint test","default":"registry.hub.docker.com/cytopia/yamllint"},{"name":"HELM_YAMLLINT_CONFIG","description":"Config used with the yamllint tool","default":"{extends: relaxed, rules: {line-length: {max: 160}}}","advanced":true},{"name":"HELM_YAMLLINT_ARGS","description":"Arguments used by the lint job","default":"-f colored --strict","advanced":true}]},{"id":"kube-score","name":"Kube-Score","description":"Run [Kube-Score](https://kube-score.com/) on the resources to be created by Helm","disable_with":"HELM_KUBE_SCORE_DISABLED","variables":[{"name":"HELM_KUBE_SCORE_IMAGE","description":"The Docker image used to run [Kube-Score](https://kube-score.com/)","default":"registry.hub.docker.com/zegl/kube-score"},{"name":"HELM_KUBE_SCORE_ARGS","description":"Arguments used by the kube-score job","advanced":true},{"name":"HELM_K8S_VERSION","description":"Kubernetes version (_so that `.Capabilities.KubeVersion.Version` can be correctly interpreted_). \n\n Expected format: `vX.YY`","advanced":true}]},{"id":"package","name":"Package your chart","description":"[Package](https://helm.sh/docs/helm/helm_package/) your Helm chart","variables":[{"name":"HELM_PACKAGE_ARGS","description":"The Helm [command with options](https://helm.sh/docs/helm/helm_package/) to perform the packaging (_without dynamic arguments such as the chart path_)","default":"package --dependency-update","advanced":true},{"name":"HELM_PUBLISH_SNAPSHOT_ENABLED","description":"Set to `true` to enable publishing the snapshot (untested) chart during the packaging step","type":"boolean","advanced":true},{"name":"HELM_SEMREL_RELEASE_DISABLED","description":"Disable semantic-release integration","type":"boolean","advanced":true}]},{"id":"publish","name":"Publish your chart","description":"Publishes the chart to a [Helm repository](https://helm.sh/docs/topics/chart_repository/) or [OCI-based registry](https://helm.sh/docs/topics/registries/)","variables":[{"name":"HELM_PUBLISH_URL","description":"The URL of the Helm repository to publish your Helm package","default":"oci://$CI_REGISTRY/$CI_PROJECT_PATH/charts"},{"name":"HELM_PUBLISH_METHOD","description":"HTTP method to use to push the package","default":"auto","type":"enum","values":["auto","push","post","put","custom","disabled"],"advanced":true},{"name":"HELM_PUBLISH_USER","description":"Helm repository username","default":"$CI_REGISTRY_USER","secret":true},{"name":"HELM_PUBLISH_PASSWORD","description":"Helm repository password","default":"$CI_REGISTRY_PASSWORD","secret":true},{"name":"HELM_PUBLISH_ON","description":"Defines on which Git reference(s) the publish job shall be enabled\n\n`prod` to enable on production branch only, `protected` to enable on protected references, `all` to enable on all Git branches and `tag` on Git release tags (always auto, superseeds `HELM_PUBLISH_STRATEGY`)","default":"prod","type":"enum","values":["prod","protected","all","tag"]},{"name":"HELM_PUBLISH_STRATEGY","description":"Defines the publish strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"HELM_CM_PUSH_PLUGIN_VERSION","description":"cm-push plugin version to install (only when using `push` method with a regular chart [repository](https://helm.sh/docs/topics/chart_repository/)","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","enable_with":"HELM_REVIEW_ENABLED","variables":[{"name":"HELM_REVIEW_APP_NAME","description":"The application name for `review` env _(only define to override default)_","advanced":true},{"name":"HELM_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"HELM_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_REVIEW_VALUES","description":"The Values file to use with `review` environment"},{"name":"HELM_REVIEW_NAMESPACE","description":"The Kubernetes namespace to use for `review` env _(only define to override default)_","advanced":true},{"name":"HELM_REVIEW_KUBE_CONFIG","description":"Specific kubeconfig for review env (only define to override default)","advanced":true,"secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"HELM_INTEG_ENABLED","variables":[{"name":"HELM_INTEG_APP_NAME","description":"The application name for `integration` env _(only define to override default)_","advanced":true},{"name":"HELM_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"},{"name":"HELM_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_INTEG_VALUES","description":"The Values file to use with `integration` environment"},{"name":"HELM_INTEG_NAMESPACE","description":"The Kubernetes namespace to use for `integration` env _(only define to override default)_","advanced":true},{"name":"HELM_INTEG_KUBE_CONFIG","description":"Specific kubeconfig for integration env (only define to override default)","advanced":true,"secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"HELM_STAGING_ENABLED","variables":[{"name":"HELM_STAGING_APP_NAME","description":"The application name for `staging` env _(only define to override default)_","default":"${HELM_BASE_APP_NAME}-staging","advanced":true},{"name":"HELM_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"},{"name":"HELM_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_STAGING_VALUES","description":"The Values file to use with `staging` environment"},{"name":"HELM_STAGING_NAMESPACE","description":"The Kubernetes namespace to use for `staging` env _(only define to override default)_","advanced":true},{"name":"HELM_STAGING_KUBE_CONFIG","description":"Specific kubeconfig for staging env (only define to override default)","advanced":true,"secret":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"HELM_PROD_ENABLED","variables":[{"name":"HELM_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"HELM_PROD_APP_NAME","description":"The application name for `production` env _(only define to override default)_","advanced":true},{"name":"HELM_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELM_PROD_VALUES","description":"The Values file to use with `production` environment"},{"name":"HELM_PROD_NAMESPACE","description":"The Kubernetes namespace to use for `production` env _(only define to override default)_","advanced":true},{"name":"HELM_PROD_KUBE_CONFIG","description":"Specific kubeconfig for production env (only define to override default)","advanced":true,"secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-helm-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp","name":"Google Cloud","description":"Retrieve credentials for Google Cloud","template_path":"templates/gitlab-ci-helm-gcp.yml","variables":[{"name":"TBC_GCP_PROVIDER_IMAGE","description":"The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest","advanced":true},{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]}],"extension_id":null,"project":{"tag":"7.4.1","tags":["7.4.1","7.4.0","7.4","7.3.1","7.3.0","7.3","7.2.6","7.2.5","7.2.4","7.2.3","7.2.2","7.2.1","7.2.0","7.2","7.1.0","7.1","7.0.2","7.0.1","7.0.0","7.0","7","6.1.1","6.1.0","6.1","6.0.0","6.0","6","5.3.1","5.3.0","5.3","5.2.0","5.2","5.1.0","5.1","5.0.0","5.0","5","4.1.7","4.1.6","4.1.5","4.1.4","4.1.3","4.1.2","4.1.1","4.1.0","4.1","4.0.1","4.0.0","4.0","4","3.3.2","3.3.1","3.3.0","3.3","3.2.0","3.2","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.4.1","2.4.0","2.4","2.3.0","2.3","2.2.0","2.1.0","2.0.6","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2","1.4.2","1.4.1","1.4.0","1.3.0","1.2.1","1.2.0","1.1.1","1.1.0","1.0.0"],"name":"helm","path":"to-be-continuous/helm","web_url":"https://gitlab.com/to-be-continuous/helm","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454230/logo.png"}},{"name":"Helmfile","description":"Deploy your application to a [Kubernetes](https://kubernetes.io/) platform using [helmfile](https://github.com/helmfile/helmfile)","template_path":"templates/gitlab-ci-helmfile.yml","kind":"hosting","prefix":"helmfile","is_component":true,"variables":[{"name":"HELMFILE_CLI_IMAGE","description":"The Docker image used to run helmfile - **set the version required by your Kubernetes server**","default":"ghcr.io/helmfile/helmfile:latest"},{"name":"HELMFILE_SCRIPTS_DIR","description":"The folder where hook scripts are located","default":"."},{"name":"HELMFILE_PATH","description":"Path to the `helmfile.yaml` to deploy","default":"./helmfile.yaml"},{"name":"KUBE_NAMESPACE","description":"The default Kubernetes namespace to use. _Leave default if [GitLab Kubernetes integration](https://docs.gitlab.com/user/project/clusters/) is enabled._"},{"name":"HELMFILE_DEFAULT_KUBE_CONFIG","description":"The default kubeconfig content to use. Automatically set if GitLab Kubernetes integration is enabled.","default":"$KUBECONFIG","secret":true},{"name":"HELMFILE_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"HELMFILE_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.helm.acme.com`)_"},{"name":"HELMFILE_DEPLOY_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#apply) to deploy the application (_without dynamic global parameters such as helmfile path, namespace and environment name)","default":"apply --suppress-secrets --wait","advanced":true},{"name":"HELMFILE_DELETE_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#destroy) to cleanup the application (_without dynamic global parameters such as helmfile path, namespace and environment name)","default":"destroy","advanced":true},{"name":"HELMFILE_PGP_PRIVATE_KEY_FILE","description":"PGP Private key for decrypting helmfile secrets with SOPS (optional). Should be set as a File type variable.","secret":true},{"name":"HELMFILE_PGP_PASSPHRASE","description":"Passphrase for PGP private key (optional)","secret":true},{"name":"HELMFILE_IMAGE_PULL_SECRET_NAME","description":"Name of the `docker-registry` k8s secret that will be created if the special [GitLab deploy token](https://docs.gitlab.com/user/project/deploy_tokens/#gitlab-deploy-token) is available.","default":"gitlab-registry","advanced":true}],"features":[{"id":"lint","name":"Helmfile Lint","description":"Runs a [helm lint](https://helm.sh/docs/helm/helm_lint/) across all of the charts/releases in the helmfile manifest.","enable_with":"HELMFILE_LINT_ENABLED","variables":[{"name":"HELMFILE_LINT_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#lint) to trigger the analysis (_without dynamic arguments such as the helmfile path)","default":"lint","advanced":true}]},{"id":"test","name":"Helmfile Test","description":"Runs acceptance [Helm tests](https://helm.sh/docs/topics/chart_tests/) against the specified releases in the helmfile manifest","enable_with":"HELMFILE_TEST_ENABLED","variables":[{"name":"HELMFILE_TEST_ARGS","description":"The helmfile [command with options](https://helmfile.readthedocs.io/en/latest/#test) to perform acceptance test (_without dynamic global arguments such as the helmfile.yaml path, namespace and environment name_)","default":"test --logs --cleanup","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","enable_with":"HELMFILE_REVIEW_ENABLED","variables":[{"name":"HELMFILE_REVIEW_APP_NAME","description":"The application name for `review` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"HELMFILE_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_REVIEW_NAMESPACE","description":"The Kubernetes namespace to use for `review` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_REVIEW_KUBE_CONFIG","description":"Specific kubeconfig for review env (only define to override default)","advanced":true,"secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"HELMFILE_INTEG_ENABLED","variables":[{"name":"HELMFILE_INTEG_APP_NAME","description":"The application name for `integration` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"},{"name":"HELMFILE_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_INTEG_NAMESPACE","description":"The Kubernetes namespace to use for `integration` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_INTEG_KUBE_CONFIG","description":"Specific kubeconfig for integration env (only define to override default)","advanced":true,"secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"HELMFILE_STAGING_ENABLED","variables":[{"name":"HELMFILE_STAGING_APP_NAME","description":"The application name for `staging` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"},{"name":"HELMFILE_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_STAGING_NAMESPACE","description":"The Kubernetes namespace to use for `staging` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_STAGING_KUBE_CONFIG","description":"Specific kubeconfig for staging env (only define to override default)","advanced":true,"secret":true}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"HELMFILE_PROD_ENABLED","variables":[{"name":"HELMFILE_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"HELMFILE_PROD_APP_NAME","description":"The application name for `production` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"HELMFILE_PROD_NAMESPACE","description":"The Kubernetes namespace to use for `production` env _(only define to override default)_","advanced":true},{"name":"HELMFILE_PROD_KUBE_CONFIG","description":"Specific kubeconfig for production env (only define to override default)","advanced":true,"secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-helmfile-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"3.2.4","tags":["3.2.4","3.2.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.3","3.0.2","3.0.1","3.0.0","3.0","3","2.1.0","2.1","2.0.0","2.0","2","1.1.0","1.1","1.0.0","1.0","1"],"name":"helmfile","path":"to-be-continuous/helmfile","web_url":"https://gitlab.com/to-be-continuous/helmfile","avatar":"https://gitlab.com/uploads/-/system/project/avatar/44473697/logo.png"}},{"name":"Hurl","description":"Run your automated tests with [Hurl](https://hurl.dev/)","template_path":"templates/gitlab-ci-hurl.yml","kind":"acceptance","prefix":"hurl","is_component":true,"variables":[{"name":"HURL_IMAGE","description":"The Docker image used to run Hurl","default":"ghcr.io/orange-opensource/hurl:latest"},{"name":"HURL_TEST_FILES","description":"The Hurl test files to run","default":"--glob **/*.hurl"},{"name":"HURL_EXTRA_ARGS","description":"Hurl extra [run options](https://hurl.dev/docs/manual.html#options)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Hurl tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.4.0","tags":["1.4.0","1.4","1.3.0","1.3","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.1","1.0.0","1.0","1"],"name":"hurl","path":"to-be-continuous/hurl","web_url":"https://gitlab.com/to-be-continuous/hurl","avatar":"https://gitlab.com/uploads/-/system/project/avatar/50266464/logo.png"}},{"name":"k6","description":"Run your automated load-testing with [k6](https://k6.io/)","template_path":"templates/gitlab-ci-k6.yml","kind":"acceptance","prefix":"k6","is_component":true,"variables":[{"name":"K6_IMAGE","description":"The Docker image used to run k6 CLI.","default":"registry.hub.docker.com/grafana/k6:latest"},{"name":"K6_TESTS_DIR","description":"The k6 tests directory","default":"k6"},{"name":"K6_EXTRA_ARGS","description":"k6 extra [command-line](https://k6.io/docs/getting-started/running-k6)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable k6 tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.4.3","tags":["3.4.3","3.4.2","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.0.0"],"name":"k6","path":"to-be-continuous/k6","web_url":"https://gitlab.com/to-be-continuous/k6","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26797499/logo.png"}},{"name":"Kubernetes","description":"Deploy your application to a [Kubernetes](https://kubernetes.io/) platform using [declarative configuration](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/) or [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/)","template_path":"templates/gitlab-ci-k8s.yml","kind":"hosting","prefix":"k8s","is_component":true,"variables":[{"name":"K8S_KUBECTL_IMAGE","description":"The Docker image used to run Kubernetes `kubectl` commands - **set the version required by your Kubernetes server**","default":"registry.hub.docker.com/bitnami/kubectl:latest"},{"name":"K8S_DEFAULT_KUBE_CONFIG","description":"The default kubeconfig to use (either content or file variable) (only define if not using exploded kubeconfig parameters)","secret":true},{"name":"K8S_URL","type":"url","description":"Global Kubernetes API url (only define if using exploded kubeconfig parameters)"},{"name":"K8S_TOKEN","description":"Global Kubernetes API token (only define if using exploded kubeconfig parameters)","secret":true},{"name":"K8S_CA_CERT","description":"Global Kubernetes cluster server certificate authority (only define if using exploded kubeconfig parameters)","secret":true},{"name":"K8S_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"K8S_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.k8s.acme.com`)_"},{"name":"K8S_SCRIPTS_DIR","description":"directory where Kubernetes scripts (templates, hook scripts) are located","default":".","advanced":true},{"name":"K8S_KUSTOMIZE_ENABLED","description":"Set to `true` to enable [Kustomize](https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/)","type":"boolean","advanced":true},{"name":"K8S_KUSTOMIZE_ARGS","description":"Additional [`kubectl kustomize` options](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#kustomize)\n\n_For example: `--enable-helm`_","advanced":true}],"features":[{"id":"kube-score","name":"kube-score","description":"Static code analysis of your Kubernetes templates with [kube-score](https://github.com/zegl/kube-score)","disable_with":"K8S_SCORE_DISABLED","variables":[{"name":"K8S_KUBE_SCORE_IMAGE","description":"Docker image to run [kube-score](https://github.com/zegl/kube-score)","default":"registry.hub.docker.com/zegl/kube-score:latest"},{"name":"K8S_SCORE_EXTRA_OPTS","description":"Additional [kube-score options](https://github.com/zegl/kube-score#configuration)","advanced":true}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"K8S_REVIEW_SPACE","description":"Kubernetes namespace for review env","mandatory":true},{"name":"K8S_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"K8S_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"K8S_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_REVIEW_KUBE_CONFIG","description":"Specific kubeconfig for review env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_REVIEW_URL","type":"url","description":"Kubernetes API url for review env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_REVIEW_TOKEN","description":"Kubernetes API token for review env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_REVIEW_CA_CERT","description":"Kubernetes cluster server certificate authority for review env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"K8S_INTEG_SPACE","description":"Kubernetes namespace for integration env","mandatory":true},{"name":"K8S_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"K8S_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_INTEG_KUBE_CONFIG","description":"Specific kubeconfig for integration env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_INTEG_URL","type":"url","description":"Kubernetes API url for integration env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_INTEG_TOKEN","description":"Kubernetes API token for integration env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_INTEG_CA_CERT","description":"Kubernetes cluster server certificate authority for integration env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"K8S_STAGING_SPACE","description":"Kubernetes namespace for staging env","mandatory":true},{"name":"K8S_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"K8S_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_STAGING_KUBE_CONFIG","description":"Specific kubeconfig for staging env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_STAGING_URL","type":"url","description":"Kubernetes API url for staging env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_STAGING_TOKEN","description":"Kubernetes API token for staging env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_STAGING_CA_CERT","description":"Kubernetes cluster server certificate authority for staging env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"K8S_PROD_SPACE","description":"Kubernetes namespace for production env","mandatory":true},{"name":"K8S_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"K8S_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"K8S_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"K8S_PROD_KUBE_CONFIG","description":"Specific kubeconfig for production env (only define if not using exploded parameters and if different from global)","secret":true},{"name":"K8S_PROD_URL","type":"url","description":"Kubernetes API url for production env (only define if using exploded kubeconfig parameters and if different from global)","advanced":true},{"name":"K8S_PROD_TOKEN","description":"Kubernetes API token for production env (only define if using exploded kubeconfig parameters and if different from global)","secret":true},{"name":"K8S_PROD_CA_CERT","description":"Kubernetes cluster server certificate authority for production env (only define if using exploded kubeconfig parameters and if different from global)","secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-k8s-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"This variant uses [Application Default Credentials][gcp-adc] through the `GOOGLE_APPLICATION_CREDENTIALS` variable using Workload Identity federation.","template_path":"templates/gitlab-ci-k8s-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `production` environment","advanced":true},{"name":"K8S_KUBECTL_IMAGE","description":"The Docker image used to run Kubernetes `kubectl` commands on [GKE](https://cloud.google.com/kubernetes-engine/docs)","default":"gcr.io/google.com/cloudsdktool/cloud-sdk:latest"}]}],"extension_id":null,"project":{"tag":"6.3.0","tags":["6.3.0","6.3","6.2.0","6.2","6.1.4","6.1.3","6.1.2","6.1.1","6.1.0","6.1","6.0.2","6.0.1","6.0.0","6.0","6","5.2.0","5.2","5.1.0","5.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.5.0","3.5","3.4.3","3.4.2","3.4.1","3.4.0","3.4","3.3.3","3.3.2","3.3.1","3.3.0","3.3","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.3.2","2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.0","2.0.7","2.0.6","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2","1.3.1","1.3.0","1.2.0","1.1.0","1.0.0"],"name":"kubernetes","path":"to-be-continuous/kubernetes","web_url":"https://gitlab.com/to-be-continuous/kubernetes","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454231/logo.png"}},{"name":"Lighthouse","description":"Continuously analyse your web apps and web pages performances and developer best practices with [Lighthouse CI](https://github.com/GoogleChrome/lighthouse-ci)","template_path":"templates/gitlab-ci-lighthouse.yml","kind":"acceptance","prefix":"lhci","job_prefix":"lighthouse","is_component":true,"variables":[{"name":"LHCI_IMAGE","description":"The Docker image used to run Lighthouse CI (use [browser images](https://github.com/cypress-io/cypress-docker-images/tree/master/browsers) only).","default":"registry.hub.docker.com/cypress/browsers:latest"},{"name":"LHCI_VERSION","description":"Lighthouse CI version to run","default":"latest","advanced":true},{"name":"LHCI_RUN_OPTS","description":"Lighthouse CI [autorun options](https://github.com/GoogleChrome/lighthouse-ci/blob/main/docs/configuration.md#autorun)","default":"--upload.target=filesystem --collect.settings.chromeFlags=\"--no-sandbox\" --collect.url=\"%{environment_url}\"","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Cypress tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.4.0","tags":["1.4.0","1.4","1.3.0","1.3","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"lighthouse","path":"to-be-continuous/lighthouse","web_url":"https://gitlab.com/to-be-continuous/lighthouse","avatar":"https://gitlab.com/uploads/-/system/project/avatar/47102540/logo.png"}},{"name":"GNU Make","description":"GitLab CI template for [GNU Make](https://www.gnu.org/software/make/)","template_path":"templates/gitlab-ci-make.yml","kind":"build","prefix":"make","is_component":true,"variables":[{"name":"MAKE_IMAGE","description":"The Docker image used to run GNU Make - **set the image required by your project** (see doc)","default":"registry.hub.docker.com/alpinelinux/build-base"},{"name":"MAKE_BUILD_ARGS","description":"Make [options](https://www.gnu.org/software/make/manual/html_node/Options-Summary.html) and [goals](https://www.gnu.org/software/make/manual/html_node/Goals.html) for the build & test job","default":"all test"},{"name":"MAKE_PROJECT_DIR","description":"Makefile root directory","default":".","advanced":true}],"extension_id":null,"project":{"tag":"1.4.1","tags":["1.4.1","1.4.0","1.4","1.3.0","1.3","1.2.0","1.2","1.1.3","1.1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"make","path":"to-be-continuous/make","web_url":"https://gitlab.com/to-be-continuous/make","avatar":"https://gitlab.com/uploads/-/system/project/avatar/42537057/logo.png"}},{"name":"Maven","description":"Build, test and analyse your [Maven](https://maven.apache.org/)-based projects","template_path":"templates/gitlab-ci-maven.yml","kind":"build","prefix":"maven","job_prefix":"mvn","is_component":true,"variables":[{"name":"MAVEN_IMAGE","description":"The Docker image used to run Maven - **set the version required by your project**","default":"registry.hub.docker.com/library/maven:latest"},{"name":"MAVEN_PROJECT_DIR","description":"Maven project root directory","default":".","advanced":true},{"name":"MAVEN_CFG_DIR","description":"The Maven configuration directory","default":".m2","advanced":true},{"name":"MAVEN_SETTINGS_FILE","description":"The Maven `settings.xml` file path","default":"$MAVEN_CFG_DIR/settings.xml","advanced":true},{"name":"MAVEN_OPTS","description":"[Global Maven options](http://maven.apache.org/configure.html#maven_opts-environment-variable)","default":"-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=${MAVEN_CFG_DIR}/repository -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true","advanced":true},{"name":"MAVEN_CLI_OPTS","description":"Additional [Maven options](https://maven.apache.org/ref/3-LATEST/maven-embedder/cli.html) used on the command line","default":"--no-transfer-progress --batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true","advanced":true},{"name":"MAVEN_BUILD_ARGS","description":"Maven arguments for the build & test job","default":"org.jacoco:jacoco-maven-plugin:prepare-agent verify org.jacoco:jacoco-maven-plugin:report","advanced":true}],"features":[{"id":"sonar","name":"SONAR","description":"Code quality and security analysis with [SONARQube](https://www.sonarqube.org/)","variables":[{"name":"SONAR_HOST_URL","type":"url","description":"SonarQube server url","mandatory":true},{"name":"SONAR_TOKEN","description":"SonarQube authentication token (see https://docs.sonarsource.com/sonarqube-server/latest/user-guide/managing-tokens/) - depends on your authentication method","secret":true},{"name":"SONAR_LOGIN","description":"SonarQube login (depends on your authentication method)","secret":true},{"name":"SONAR_PASSWORD","description":"SonarQube password (depends on your authentication method)","secret":true},{"name":"SONAR_BASE_ARGS","description":"SonarQube [analysis arguments](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/)","default":"sonar:sonar -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues","advanced":true},{"name":"SONAR_QUALITY_GATE_ENABLED","description":"Enables SonarQube [Quality Gate](https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/ci-integration/overview/#quality-gate-fails))._","type":"boolean"}]},{"id":"dependency-check","name":"Dependency-Check","description":"[Dependency-Check](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html) analysis","disable_with":"MAVEN_DEPENDENCY_CHECK_DISABLED","variables":[{"name":"MAVEN_DEPENDENCY_CHECK_ARGS","description":"Maven arguments for Dependency Check job","default":"org.owasp:dependency-check-maven:aggregate -DretireJsAnalyzerEnabled=false -DassemblyAnalyzerEnabled=false -Dformats=HTML,JSON,XML","advanced":true}]},{"id":"forbid-snapshot-dependencies","name":"Snapshot dependencies verification","description":"This job verifies your project has no _snapshot_ dependencies. Failure is allowed in feature branches.","disable_with":"MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED"},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin)","disable_with":"MAVEN_SBOM_DISABLED","variables":[{"name":"MAVEN_SBOM_GEN_ARGS","description":"Maven command used for SBOM analysis","default":"org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom","advanced":true}]},{"id":"publish","name":"Publish","description":"Publish [Snapshot](https://maven.apache.org/plugins/maven-deploy-plugin/) & [Releases](http://maven.apache.org/maven-release/maven-release-plugin) to a Maven-compliant repository","enable_with":"MAVEN_DEPLOY_ENABLED","variables":[{"name":"MAVEN_DEPLOY_ARGS","description":"Maven arguments for the deploy job","default":"deploy -Dmaven.test.skip=true","advanced":true},{"name":"MAVEN_DEPLOY_FROM_UNPROTECTED_DISABLED","description":"Set to limit snapshot publication to protected branches","type":"boolean","advanced":true},{"name":"MAVEN_DEPLOY_SNAPSHOT_WITH_SLUG_ENABLED","description":"Enable to inject the Git branch slug in SNAPSHOT versions","type":"boolean","advanced":true},{"name":"MAVEN_RELEASE_ARGS","description":"Maven arguments for the release job","default":"release:prepare -DtagNameFormat=@{project.version} -Darguments=-Dmaven.test.skip=true","advanced":true},{"name":"MAVEN_RELEASE_VERSION","description":"Explicit version to use when triggering a release\n\n_Otherwise uses the current snapshot version from `pom.xml`)_","advanced":true},{"name":"MAVEN_RELEASE_SCM_COMMENT_PREFIX","description":"Maven release plugin [scmCommentPrefix](https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html#scmCommentPrefix) parameter","default":"chore(maven-release): ","advanced":true},{"name":"MAVEN_RELEASE_SCM_RELEASE_COMMENT","description":"Maven release plugin [scmReleaseCommitComment](https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html#scmReleaseCommitComment) parameter\n\n(since Maven `3.0.0-M1`)","advanced":true},{"name":"MAVEN_RELEASE_SCM_DEV_COMMENT","description":"Maven release plugin [scmDevelopmentCommitComment](https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html#scmDevelopmentCommitComment) parameter\n\n(since Maven `3.0.0-M1`)","advanced":true},{"name":"MVN_SEMREL_RELEASE_DISABLED","description":"Disable semantic-release integration","advanced":true},{"name":"GIT_USERNAME","description":"Git username (if you wish to release using Git credentials)","secret":true},{"name":"GIT_PASSWORD","description":"Git password (if you wish to release using Git credentials)","secret":true},{"name":"GIT_PRIVATE_KEY","description":"Git private SSH key (if you wish to release using SSH key or GitLab Deploy Key)","secret":true},{"name":"MAVEN_REPOSITORY_USERNAME","description":"Maven repository username (inject in your settings.xml as ${env.MAVEN_REPOSITORY_USERNAME})","secret":true},{"name":"MAVEN_REPOSITORY_PASSWORD","description":"Maven repository password (inject in your settings.xml as ${env.MAVEN_REPOSITORY_PASSWORD})","secret":true}]}],"variants":[{"id":"jib","name":"Jib","description":"Build Docker and OCI images for your Java applications with [Jib](https://github.com/GoogleContainerTools/jib)","template_path":"templates/gitlab-ci-maven-jib.yml","features":[{"id":"mvn-trivy","name":"Maven Trivy","description":"[Trivy](https://aquasecurity.github.io/trivy) vulnerability analysis","disable_with":"MAVEN_TRIVY_DISABLED","variables":[{"name":"MAVEN_TRIVY_IMAGE","description":"The docker image used to scan images with Trivy","default":"registry.hub.docker.com/aquasec/trivy:latest","advanced":true},{"name":"MAVEN_TRIVY_ARGS","description":"Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)","default":"--ignore-unfixed --vuln-type os","advanced":true}]},{"id":"mvn-sbom","name":"Maven Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"MAVEN_SBOM_DISABLED","variables":[{"name":"MAVEN_SBOM_IMAGE","default":"registry.hub.docker.com/anchore/syft:debug","advanced":true},{"name":"MAVEN_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,nix-store-cataloger,java","advanced":true}]}],"variables":[{"name":"MAVEN_JIB_SNAPSHOT_IMAGE","description":"Maven Jib Snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"MAVEN_JIB_RELEASE_IMAGE","description":"Maven Jib Release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"},{"name":"MAVEN_SKOPEO_IMAGE","description":"The image used to publish images with Skopeo","default":"quay.io/skopeo/stable:latest","advanced":true},{"name":"MAVEN_JIB_BUILD_ARGS","description":"[Jib Maven Plugin arguments](https://github.com/GoogleContainerTools/jib/tree/master/jib-maven-plugin#extended-usage)","default":"-Djib.to.image=$MAVEN_JIB_SNAPSHOT_IMAGE"},{"name":"MAVEN_JIB_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"MAVEN_JIB_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)"}]}],"extension_id":null,"project":{"tag":"4.0.1","tags":["4.0.1","4.0.0","4.0","4","3.11.4","3.11.3","3.11.2","3.11.1","3.11.0","3.11","3.10.2","3.10.1","3.10.0","3.10","3.9.2","3.9.1","3.9.0","3.9","3.8.0","3.8","3.7.1","3.7.0","3.7","3.6.2","3.6.1","3.6.0","3.6","3.5.0","3.5","3.4.0","3.4","3.3.1","3.3.0","3.3","3.2.3","3.2.2","3.2.1","3.2.0","3.2","3.1.4","3.1.3","3.1.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.1.6","2.1.5","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.1","2.0.0","2","1.4.2","1.4.1","1.4.0","1.3.0","1.2.0","1.1.2","1.1.1","1.1.0","1.0.0"],"name":"maven","path":"to-be-continuous/maven","web_url":"https://gitlab.com/to-be-continuous/maven","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454233/logo.png"}},{"name":"MkDocs","description":"Build your static website with [MkDocs](https://www.mkdocs.org/)","template_path":"templates/gitlab-ci-mkdocs.yml","kind":"build","prefix":"mkd","job_prefix":"mkdocs","is_component":true,"variables":[{"name":"MKD_IMAGE","description":"The Docker image used to run MkDocs","default":"docker.io/squidfunk/mkdocs-material:latest"},{"name":"MKD_BUILD_ARGS","description":"Arguments used by the build job","advanced":true},{"name":"MKD_WORKSPACE_DIR","description":"MkDocs sources directory","default":".","advanced":true},{"name":"MKD_SITE_DIR","description":"MkDocs generated site directory (relative to `$MKD_WORKSPACE_DIR`)","default":"site","advanced":true},{"name":"MKD_REQUIREMENTS_FILE","description":"Requirements file. If the file is not found in the repository, requirements are read from the `MKD_REQUIREMENTS` variable","default":"requirements.txt","advanced":true},{"name":"MKD_REQUIREMENTS","description":"Space separated requirements (ignored if a requirement file is found)","default":"mkdocs","advanced":true},{"name":"MKD_PREBUILD_SCRIPT","description":"Pre-build hook script","default":"mkdocs-pre-build.sh","advanced":true},{"name":"PIP_OPTS","description":"pip extra [options](https://pip.pypa.io/en/stable/cli/pip/#general-options)","advanced":true}],"features":[{"id":"lychee","name":"lychee","description":"Checks broken links and emails with [lychee](https://github.com/lycheeverse/lychee)","enable_with":"MKD_LYCHEE_ENABLED","variables":[{"name":"MKD_LYCHEE_IMAGE","description":"The Docker image used to run [lychee](https://github.com/lycheeverse/lychee)","default":"docker.io/lycheeverse/lychee:latest","advanced":true},{"name":"MKD_LYCHEE_ARGS","description":"[lychee arguments](https://github.com/lycheeverse/lychee#commandline-parameters) to execute","default":"docs/"}]}],"variants":[{"id":"pages","name":"GitLab Pages","description":"Adds a job to publish the generated site to GitLab pages","template_path":"templates/gitlab-ci-mkdocs-pages.yml"}],"extension_id":null,"project":{"tag":"2.7.0","tags":["2.7.0","2.7","2.6.1","2.6.0","2.6","2.5.1","2.5.0","2.5","2.4.0","2.4","2.3.1","2.3.0","2.3","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.1","2.0.0","2.0","2","1.5.0","1.5","1.4.3","1.4.2","1.4.1","1.4.0","1.3.0","1.2.0","1.1.1","1.1.0","1.0.0","1"],"name":"mkdocs","path":"to-be-continuous/mkdocs","web_url":"https://gitlab.com/to-be-continuous/mkdocs","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26450936/logo.png"}},{"name":"MobSF","description":"Perform pen-testing, malware analysis and security assessment for mobile applications with [Mobile Security Framework](https://github.com/MobSF/Mobile-Security-Framework-MobSF) (MobSF)","template_path":"templates/gitlab-ci-mobsf.yml","kind":"analyse","prefix":"mobsf","is_component":true,"variables":[{"name":"MOBSF_CLIENT_IMAGE","description":"The Docker image used to send requests to the MobSF server","default":"registry.hub.docker.com/badouralix/curl-jq"},{"name":"MOBSF_SERVER_URL","description":"URL of MobSF server","mandatory":false},{"name":"MOBSF_API_KEY","description":"API key of the MobSF server","secret":true},{"name":"MOBSF_APP_FILE","description":"Application package file (APK or IPA)","mandatory":true}],"extension_id":null,"project":{"tag":"2.3.1","tags":["2.3.1","2.3.0","2.3","2.2.0","2.2","2.1.3","2.1.2","2.1.1","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2.0","2","1.2.0","1.2","1.1.0","1.0.1","1.0.0","1"],"name":"mobsf","path":"to-be-continuous/mobsf","web_url":"https://gitlab.com/to-be-continuous/mobsf","avatar":"https://gitlab.com/uploads/-/system/project/avatar/29247375/logo.png"}},{"name":"Node.js","description":"Build, test and analyse your JavaScript/TypeScript/[Node.js](https://nodejs.org/) projects","template_path":"templates/gitlab-ci-node.yml","kind":"build","prefix":"node","is_component":true,"variables":[{"name":"NODE_CONFIG_REGISTRY","description":"npm [registry](https://docs.npmjs.com/cli/v8/using-npm/registry) ","type":"url","advanced":true},{"name":"NODE_IMAGE","description":"The Docker image used to run Node.js - **set the version required by your project**","default":"registry.hub.docker.com/library/node:lts-alpine"},{"name":"NODE_MANAGER","description":"The package manager used by your project (npm, yarn or pnpm) - **if undefined, automatic detection**","default":"auto","type":"enum","values":["auto","npm","yarn","pnpm"],"advanced":true},{"name":"NODE_PROJECT_DIR","description":"Node project root directory","default":".","advanced":true},{"name":"NODE_SOURCE_DIR","description":"Sources directory","default":"src","advanced":true},{"name":"NODE_CONFIG_SCOPED_REGISTRIES","description":"Space separated list of NPM [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) (formatted as `@somescope:https://some.npm.registry/some/repo @anotherscope:https://another.npm.registry/another/repo`)","advanced":true},{"name":"NODE_BUILD_DISABLED","description":"Set to true to disable build","default":"false","type":"boolean","advanced":true},{"name":"NODE_BUILD_ARGS","description":"npm [run script](https://docs.npmjs.com/cli/v8/commands/npm-run-script) arguments - yarn [run script](https://classic.yarnpkg.com/en/docs/cli/run) arguments - pnpm [run script](https://pnpm.io/cli/run) arguments\n\n⚠ default value should be overridden for `pnpm` as `--prod` is not a valid option","default":"run build --prod","advanced":true},{"name":"NODE_BUILD_DIR","description":"Variable to define build directory","default":"dist","advanced":true},{"name":"NODE_TEST_ARGS","description":"npm [test](https://docs.npmjs.com/cli/v8/commands/npm-test) arguments - yarn [test](https://classic.yarnpkg.com/en/docs/cli/test) arguments - pnpm [test](https://pnpm.io/cli/test) arguments","default":"test -- --coverage","advanced":true},{"name":"NODE_INSTALL_EXTRA_OPTS","description":"Extra options to install project dependencies (either [`npm ci`](https://docs.npmjs.com/cli/ci.html/), [`yarn install`](https://yarnpkg.com/cli/install) or [`pnpm install`](https://pnpm.io/cli/install))","advanced":true}],"features":[{"id":"node-lint","name":"node lint","description":"code analysis with [ESLint](https://eslint.org/)","enable_with":"NODE_LINT_ENABLED","variables":[{"name":"NODE_LINT_ARGS","description":"npm [run script](https://docs.npmjs.com/cli/v8/commands/npm-run-script) arguments to execute the lint analysis - yarn [run script](https://classic.yarnpkg.com/en/docs/cli/run) arguments to execute the lint analysis - pnpm [run script](https://pnpm.io/cli/run) arguments to execute the lint analysis","default":"run lint","advanced":true}]},{"id":"node-audit","name":"node audit","description":"node audit analysis","disable_with":"NODE_AUDIT_DISABLED","variables":[{"name":"NODE_AUDIT_ARGS","description":"npm [audit](https://docs.npmjs.com/cli/v8/commands/npm-audit) arguments - yarn [audit](https://classic.yarnpkg.com/en/docs/cli/audit) arguments - [pnpm audit](https://pnpm.io/cli/audit) arguments","default":"--audit-level=low"}]},{"id":"node-outdated","name":"node outdated","description":"node outdated analysis","disable_with":"NODE_OUTDATED_DISABLED","variables":[{"name":"NODE_OUTDATED_ARGS","description":"npm [outdated](https://docs.npmjs.com/cli/v8/commands/npm-outdated) arguments - yarn [outdated](https://classic.yarnpkg.com/lang/en/docs/cli/outdated/) arguments - pnpm [outdated](https://pnpm.io/cli/outdated) arguments","default":"--long"}]},{"id":"node-semgrep","name":"Semgrep","description":"[Semgrep](https://semgrep.dev/docs/) analysis","disable_with":"NODE_SEMGREP_DISABLED","variables":[{"name":"NODE_SEMGREP_IMAGE","description":"The Docker image used to run [Semgrep](https://semgrep.dev/docs/)","default":"registry.hub.docker.com/semgrep/semgrep:latest"},{"name":"NODE_SEMGREP_ARGS","description":"Semgrep [scan options](https://semgrep.dev/docs/cli-reference#semgrep-scan-command-options)","default":"--metrics off --disable-version-check --no-suppress-errors"},{"name":"NODE_SEMGREP_RULES","description":"Space-separated list of [Semgrep rules](https://semgrep.dev/docs/running-rules).\n\nCan be both local YAML files or remote rules from the [Semgrep Registry](https://semgrep.dev/explore) (denoted by the `p/` prefix).","default":"p/javascript p/eslint p/gitlab-eslint"},{"name":"NODE_SEMGREP_REGISTRY_BASE_URL","description":"The Semgrep Registry base URL that is used to download the rules. No trailing slash.","default":"https://semgrep.dev/c"},{"name":"NODE_SEMGREP_DOWNLOAD_RULES_ENABLED","description":"Download Semgrep remote rules","type":"boolean","default":"true"}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [@cyclonedx/cyclonedx-npm](https://www.npmjs.com/package/@cyclonedx/cyclonedx-npm)","disable_with":"NODE_SBOM_DISABLED","variables":[{"name":"NODE_SBOM_VERSION","description":"Version of the @cyclonedx/cyclonedx-npm used for SBOM analysis","advanced":true},{"name":"NODE_SBOM_OPTS","description":"Options for @cyclonedx/cyclonedx-npm used for SBOM analysis","default":"--omit dev","advanced":true}]},{"id":"publish","name":"Publish","description":"[publishes](https://docs.npmjs.com/cli/v8/commands/npm-publish) the project package to a npm registry","enable_with":"NODE_PUBLISH_ENABLED","variables":[{"name":"NODE_PUBLISH_ARGS","description":"npm [publish](https://docs.npmjs.com/cli/v8/commands/npm-publish) extra arguments - yarn [publish](https://classic.yarnpkg.com/lang/en/docs/cli/publish/) extra arguments - pnpm [publish](https://pnpm.io/cli/publish) extra arguments","advanced":true},{"name":"NODE_PUBLISH_TOKEN","description":"npm publication registry authentication token","secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-node-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.1.1","tags":["4.1.1","4.1.0","4.1","4.0.3","4.0.2","4.0.1","4.0.0","4.0","4","3.15.2","3.15.1","3.15.0","3.15","3.14.0","3.14","3.13.0","3.13","3.12.3","3.12.2","3.12.1","3.12.0","3.12","3.11.1","3.11.0","3.11","3.10.1","3.10.0","3.10","3.9.0","3.9","3.8.0","3.8","3.7.1","3.7.0","3.7","3.6.0","3.6","3.5.3","3.5.2","3.5.1","3.5.0","3.5","3.4.2","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.1","3.0.0","3.0","3","2.4.0","2.4","2.3.0","2.3","2.2.0","2.1.0","2.0.2","2.0.1","2.0.0","2","1.2.0","1.1.1","1.1.0","1.0.0"],"name":"node","path":"to-be-continuous/node","web_url":"https://gitlab.com/to-be-continuous/node","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454237/logo.png"}},{"name":"OpenShift","description":"Deploy your application to an [OpenShift](https://www.openshift.com/) platform","template_path":"templates/gitlab-ci-openshift.yml","kind":"hosting","prefix":"os","is_component":true,"variables":[{"name":"OS_CLI_IMAGE","description":"the Docker image used to run OpenShift Client (OC) CLI commands - **set the version required by your OpenShift server**","default":"quay.io/openshift/origin-cli:latest"},{"name":"OS_URL","type":"url","description":"Global OpenShift API url","mandatory":true},{"name":"OS_TOKEN","description":"Global OpenShift API token","secret":true,"mandatory":true},{"name":"OS_BASE_APP_NAME","description":"Base application name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"OS_BASE_TEMPLATE_NAME","description":"Base OpenShift template name","default":"openshift","advanced":true},{"name":"OS_ENVIRONMENT_URL","type":"url","description":"The default environments url _(only define for static environment URLs declaration)_\n\n_supports late variable expansion (ex: `https://%{environment_name}.openshift.acme.com`)_"},{"name":"OS_SCRIPTS_DIR","description":"directory where OpenShift scripts (templates, hook scripts) are located","default":".","advanced":true},{"name":"OS_APP_LABEL","description":"The OpenShift [label](https://docs.openshift.com/container-platform/3.11/dev_guide/templates.html#writing-labels) set with the `$environment_name` dynamic variable.","default":"app","advanced":true},{"name":"OS_ENV_LABEL","description":"The OpenShift [label](https://docs.openshift.com/container-platform/3.11/dev_guide/templates.html#writing-labels) set with the `$environment_type` dynamic variable.","default":"env","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","variables":[{"name":"OS_REVIEW_PROJECT","description":"OpenShift project for review env","mandatory":true},{"name":"OS_REVIEW_APP_NAME","description":"The application name for review env (only define to override default)","advanced":true},{"name":"OS_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"},{"name":"OS_REVIEW_ENVIRONMENT_URL","type":"url","description":"The review environments url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_REVIEW_URL","type":"url","description":"OpenShift API url for review env (only define to override default)","advanced":true},{"name":"OS_REVIEW_TOKEN","description":"OpenShift API token for review env (only define to override default)","secret":true},{"name":"CLEANUP_ALL_REVIEW","description":"Enables a **manual** job to cleanup all review envs at once.\n\nYou may also use it to [schedule](https://docs.gitlab.com/ci/pipelines/schedules/) cloud resources cleanup. See documentation.","type":"boolean"}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","variables":[{"name":"OS_INTEG_PROJECT","description":"OpenShift project for integration env","mandatory":true},{"name":"OS_INTEG_APP_NAME","description":"The application name for integration env (only define to override default)","advanced":true},{"name":"OS_INTEG_ENVIRONMENT_URL","type":"url","description":"The integration environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_INTEG_URL","type":"url","description":"OpenShift API url for integration env (only define to override default)","advanced":true},{"name":"OS_INTEG_TOKEN","description":"OpenShift API token for integration env (only define to override default)","secret":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","variables":[{"name":"OS_STAGING_PROJECT","description":"OpenShift project for staging env","mandatory":true},{"name":"OS_STAGING_APP_NAME","description":"The application name for staging env (only define to override default)","advanced":true},{"name":"OS_STAGING_ENVIRONMENT_URL","type":"url","description":"The staging environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_STAGING_URL","type":"url","description":"OpenShift API url for staging env (only define to override default)","advanced":true},{"name":"OS_STAGING_TOKEN","description":"OpenShift API token for staging env (only define to override default)","secret":true}]},{"id":"prod","name":"Production","description":"The production environment","variables":[{"name":"OS_PROD_PROJECT","description":"OpenShift project for production env","mandatory":true},{"name":"OS_PROD_APP_NAME","description":"The application name for production env (only define to override default)","advanced":true},{"name":"OS_PROD_ENVIRONMENT_URL","type":"url","description":"The production environment url _(only define for static environment URLs declaration and if different from default)_","advanced":true},{"name":"OS_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"OS_PROD_URL","type":"url","description":"OpenShift API url for production env (only define to override default)","advanced":true},{"name":"OS_PROD_TOKEN","description":"OpenShift API token for production env (only define to override default)","secret":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-openshift-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"5.2.3","tags":["5.2.3","5.2.2","5.2.1","5.2.0","5.2","5.1.0","5.1","5.0.1","5.0.0","5.0","5","4.1.0","4.1","4.0.0","4.0","4","3.1.0","3.1","3.0.0","3.0","3","2.2.5","2.2.4","2.2.3","2.2.2","2.2.1","2.2.0","2.2","2.1.0","2.1","2.0.0","2.0","2","1.4.0","1.4","1.3.0","1.3","1.2.7","1.2.6","1.2.5","1.2.4","1.2.3","1.2.2","1.2.1","1.2.0","1.1.0","1.0.0","1"],"name":"openshift","path":"to-be-continuous/openshift","web_url":"https://gitlab.com/to-be-continuous/openshift","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454239/logo.png"}},{"name":"PHP","description":"Build, test and analyse your [PHP](https://www.php.net/) projects","template_path":"templates/gitlab-ci-php.yml","kind":"build","prefix":"php","is_component":true,"variables":[{"name":"PHP_IMAGE","description":"The Docker image used to run PHP - **set the version required by your project**","default":"registry.hub.docker.com/library/php:latest"},{"name":"PHP_PROJECT_DIR","description":"The PHP project root directory","default":".","advanced":true}],"features":[{"id":"phpunit","name":"PHPUnit","description":"[PHPUnit](https://docs.phpunit.de/) tests\n\nAutomatically enabled if a PHPUnit [XML configuration file](https://docs.phpunit.de/en/11.5/configuration.html#appendixes-configuration) is found in the project (`phpunit.xml`)","disable_with":"PHP_UNIT_DISABLED","variables":[{"name":"PHP_UNIT_ARGS","description":"Additional PHPUnit [options](https://docs.phpunit.de/en/11.5/textui.html#command-line-options)","advanced":true}]},{"id":"codesniffer","name":"PHP_CodeSniffer","description":"[PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) analysis","disable_with":"PHP_CODESNIFFER_DISABLED","variables":[{"name":"PHP_CODESNIFFER_ARGS","description":"PHP_CodeSniffer [options](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Configuration-Options)\n\nEither use this variable or use an [XML configuration file](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Advanced-Usage#using-a-default-configuration-file) in your project.","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [@cyclonedx/cyclonedx-php](https://github.com/CycloneDX/cyclonedx-php-composer)","disable_with":"PHP_SBOM_DISABLED","variables":[{"name":"PHP_SBOM_VERSION","description":"Version of the cyclonedx-php-composer used for SBOM analysis","advanced":true},{"name":"PHP_SBOM_OPTS","description":"[`cyclonedx/cyclonedx-php` options](https://github.com/CycloneDX/cyclonedx-php-composer#usage) used for SBOM analysis","advanced":true}]},{"id":"outdated","name":"composer outdated","description":"Shows the list of installed packages that have updates available (uses [`composer outdated`](https://getcomposer.org/doc/03-cli.md#outdated))","variables":[{"name":"PHP_OUTDATED_OPTS","description":"[`composer outdated` options](https://getcomposer.org/doc/03-cli.md#outdated)","default":"--direct","advanced":true}]},{"id":"audit","name":"composer audit","description":" Scan your dependencies for vulnerabilities with [`composer audit`](https://getcomposer.org/doc/03-cli.md#audit)","disable_with":"PHP_COMPOSER_AUDIT_DISABLED","variables":[{"name":"PHP_COMPOSER_AUDIT_OPTS","description":"[`composer audit` options](https://getcomposer.org/doc/03-cli.md#audit)","default":"--locked","advanced":true}]}],"extension_id":null,"project":{"tag":"4.8.0","tags":["4.8.0","4.8","4.7.1","4.7.0","4.7","4.6.0","4.6","4.5.0","4.5","4.4.2","4.4.1","4.4.0","4.4","4.3.0","4.3","4.2.2","4.2.1","4.2.0","4.2","4.1.0","4.1","4.0.0","4.0","4","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.1","1.2.0","1.1.1","1.1.0","1.0.0"],"name":"php","path":"to-be-continuous/php","web_url":"https://gitlab.com/to-be-continuous/php","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454241/logo.png"}},{"name":"Playwright","description":"Run your automated tests with [Playwright](https://playwright.dev/docs/intro)","template_path":"templates/gitlab-ci-playwright.yml","kind":"acceptance","prefix":"playwright","is_component":true,"variables":[{"name":"PLAYWRIGHT_IMAGE","description":"The Docker image used to run Playwright","default":"mcr.microsoft.com/playwright:latest"},{"name":"PLAYWRIGHT_PROJECT_DIR","description":"The Playwright root project directory (contains the `playwright.config.ts` file)","default":"."},{"name":"PLAYWRIGHT_EXTRA_ARGS","description":"Playwright extra [run options](https://playwright.dev/docs/test-cli)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Playwright tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"},{"name":"NODE_INSTALL_EXTRA_OPTS","description":"Extra [`npm ci`](https://docs.npmjs.com/cli/ci.html/) options to install project dependencies","type":"text"}],"extension_id":null,"project":{"tag":"1.4.0","tags":["1.4.0","1.4","1.3.1","1.3.0","1.3","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"playwright","path":"to-be-continuous/playwright","web_url":"https://gitlab.com/to-be-continuous/playwright","avatar":"https://gitlab.com/uploads/-/system/project/avatar/51928175/logo.png"}},{"name":"Postman","description":"Run your automated (API) tests with [Postman](https://www.postman.com/automated-testing)","template_path":"templates/gitlab-ci-postman.yml","kind":"acceptance","prefix":"postman","is_component":true,"variables":[{"name":"POSTMAN_IMAGE","description":"The Docker image used to run Postman CLI.","default":"registry.hub.docker.com/postman/newman:latest"},{"name":"POSTMAN_COLLECTIONS","description":"The matcher to select Postman collection file(s) to run.","default":"postman/*collection.json"},{"name":"POSTMAN_EXTRA_ARGS","description":"Newman extra [run options](https://github.com/postmanlabs/newman#command-line-options) (to use global variables, an environment or a data source for e.g.)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Postman tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.6.0","tags":["3.6.0","3.6","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"postman","path":"to-be-continuous/postman","web_url":"https://gitlab.com/to-be-continuous/postman","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454247/logo.png"}},{"name":"pre-commit","description":"Test your [pre-commit](https://pre-commit.com/) hooks in CI","template_path":"templates/gitlab-ci-pre-commit.yml","kind":"build","prefix":"pre-commit","is_component":true,"variables":[{"name":"PRE_COMMIT_IMAGE","description":"The Docker image used to run `pre-commit`\n\n:information_source: You may build your own pre-configured image to speed-up things and prevent the tool and plugins from being pip-installed (see documentation).","default":"registry.hub.docker.com/library/python:3-alpine"}],"features":[{"id":"pre-commit-run","name":"pre-commit run","description":"[pre-commit](https://pre-commit.com/) analysis","disable_with":"PRE_COMMIT_DISABLED","variables":[{"name":"PRE_COMMIT_ARGS","description":"Additionnal arguments for the `pre-commit run` command","advanced":true},{"name":"PRE_COMMIT_SKIP","description":"pre-commit `SKIP` environment variable that allows to disable some hooks (see https://pre-commit.com/#temporarily-disabling-hooks)","default":"no-commit-to-branch","advanced":true},{"name":"PRE_COMMIT_FILE","description":"pre-commit config file to use for the `pre-commit run` command","default":".pre-commit-ci.yaml","advanced":true}]}],"extension_id":null,"project":{"tag":"1.1.1","tags":["1.1.1","1.1.0","1.1","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"pre-commit","path":"to-be-continuous/pre-commit","web_url":"https://gitlab.com/to-be-continuous/pre-commit","avatar":"https://gitlab.com/uploads/-/system/project/avatar/56753211/logo.png"}},{"name":"Puppeteer","description":"Run your automated (web) tests with [Puppeteer](https://pptr.dev/)","template_path":"templates/gitlab-ci-puppeteer.yml","kind":"acceptance","prefix":"puppeteer","is_component":true,"variables":[{"name":"PUPPETEER_IMAGE","description":"The Docker image used to run [Puppeteer](https://hub.docker.com/r/ghcr.io/puppeteer/puppeteer)","default":"ghcr.io/puppeteer/puppeteer:latest"},{"name":"PUPPETEER_PROJECT_DIR","description":"The Puppeteer project directory (containing `package.json`)","default":"."},{"name":"PUPPETEER_TEST_EXTRA_ARGS","description":"Testing framework extra options based on [Jest](https://jestjs.io/docs/en/cli)","advanced":true},{"name":"REVIEW_ENABLED","description":"Set to enable Puppeteer tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.6.0","tags":["3.6.0","3.6","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"puppeteer","path":"to-be-continuous/puppeteer","web_url":"https://gitlab.com/to-be-continuous/puppeteer","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454250/logo.png"}},{"name":"Python","description":"Build, test and analyse your [Python](https://www.python.org/) projects","template_path":"templates/gitlab-ci-python.yml","kind":"build","prefix":"python","job_prefix":"py","is_component":true,"variables":[{"name":"PYTHON_IMAGE","description":"The Docker image used to run Python - **set the version required by your project**","default":"registry.hub.docker.com/library/python:3-slim"},{"name":"PYTHON_PROJECT_DIR","description":"Python project root directory","default":"."},{"name":"PYTHON_BUILD_SYSTEM","description":"Python build-system to use to install dependencies, build and package the project","type":"enum","values":["auto","setuptools","poetry","pipenv","reqfile","uv"],"default":"auto","advanced":true},{"name":"PYTHON_REQS_FILE","description":"Main requirements file _(relative to `$PYTHON_PROJECT_DIR`)_\n\nFor [Requirements Files](https://pip.pypa.io/en/stable/user_guide/#requirements-files) build-system only","default":"requirements.txt","advanced":true},{"name":"PYTHON_EXTRA_REQS_FILES","description":"Extra dev requirements file(s) to install _(relative to `$PYTHON_PROJECT_DIR`)_\n\nFor [Requirements Files](https://pip.pypa.io/en/stable/user_guide/#requirements-files) build-system only","default":"requirements-dev.txt","advanced":true},{"name":"PYTHON_COMPILE_ARGS","description":"[`compileall` CLI options](https://docs.python.org/3/library/compileall.html)","default":"*","advanced":true},{"name":"PIP_OPTS","description":"pip extra [options](https://pip.pypa.io/en/stable/cli/pip/#general-options)","advanced":true},{"name":"PYTHON_EXTRA_DEPS","description":"Extra sets of dependencies to install\n\nFor [Setuptools](https://setuptools.pypa.io/en/latest/userguide/dependency_management.html?highlight=extras#optional-dependencies) or [Poetry](https://python-poetry.org/docs/pyproject/#extras) only"}],"features":[{"id":"package","name":"package","description":"This job allows building your Python project [distribution packages](https://packaging.python.org/en/latest/glossary/#term-Distribution-Package).","enable_with":"PYTHON_PACKAGE_ENABLED"},{"id":"pylint","name":"pylint","description":"Code analysis based on [pylint](http://pylint.pycqa.org/en/latest/) Python lib.","enable_with":"PYLINT_ENABLED","variables":[{"name":"PYLINT_ARGS","description":"Additional [pylint CLI options](http://pylint.pycqa.org/en/latest/user_guide/run.html#command-line-options)","advanced":true},{"name":"PYLINT_FILES","description":"Files or directories to analyse","advanced":true}]},{"id":"unittest","name":"unittest","description":"Unit tests based on [unittest](https://docs.python.org/3/library/unittest.html) framework","enable_with":"UNITTEST_ENABLED","variables":[{"name":"UNITTEST_ARGS","description":"Additional xmlrunner/unittest CLI options","advanced":true}]},{"id":"pytest","name":"pytest","description":"Unit tests based on [pytest](https://docs.pytest.org/) framework","enable_with":"PYTEST_ENABLED","variables":[{"name":"PYTEST_ARGS","description":"Additional [pytest](https://docs.pytest.org/en/stable/usage.html) or [pytest-cov](https://github.com/pytest-dev/pytest-cov#usage) CLI options","advanced":true}]},{"id":"nose","name":"nose","description":"Unit tests based on [nose](https://nose.readthedocs.io/) framework","enable_with":"NOSETESTS_ENABLED","variables":[{"name":"NOSETESTS_ARGS","description":"Additional [nose CLI options](https://nose.readthedocs.io/en/latest/usage.html#options)","advanced":true}]},{"id":"bandit","name":"Bandit","description":"[Bandit](https://pypi.org/project/bandit/) analysis (SAST)","enable_with":"BANDIT_ENABLED","variables":[{"name":"BANDIT_ARGS","description":"Additional [Bandit CLI options](https://github.com/PyCQA/bandit#usage)","default":"--recursive .","advanced":true}]},{"id":"trivy","name":"Trivy","description":"Detect security vulnerabilities with [Trivy](https://aquasecurity.github.io/trivy) (dependencies analysis)","disable_with":"PYTHON_TRIVY_DISABLED","variables":[{"name":"PYTHON_TRIVY_DIST_URL","description":"Url to the `tar.gz` package for `linux_amd64` of Trivy to use\n\n_When unset, the latest version will be used_","advanced":true},{"name":"PYTHON_TRIVY_ARGS","description":"Additional [Trivy CLI options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_filesystem/)","default":"--ignore-unfixed --pkg-types library --detection-priority comprehensive","advanced":true}]},{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"PYTHON_SBOM_DISABLED","variables":[{"name":"PYTHON_SBOM_SYFT_URL","description":"Url to the `tar.gz` package for `linux_amd64` of Syft to use\n\n_When unset, the latest version will be used_","advanced":true},{"name":"PYTHON_SBOM_NAME","description":"Component name of the emitted SBOM","default":"$CI_PROJECT_PATH/$PYTHON_PROJECT_DIR","advanced":true},{"name":"PYTHON_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"--override-default-catalogers python-package-cataloger","advanced":true}]},{"id":"release","name":"Release","description":"Manually trigger a release of your code (uses [bumpversion](https://pypi.org/project/bumpversion/))","enable_with":"PYTHON_RELEASE_ENABLED","variables":[{"name":"PYTHON_RELEASE_NEXT","type":"enum","values":["","major","minor","patch"],"description":"The part of the version to increase (one of: `major`, `minor`, `patch`)","default":"minor","advanced":true},{"name":"PYTHON_SEMREL_RELEASE_DISABLED","description":"Disable semantic-release integration","type":"boolean","advanced":true},{"name":"PYTHON_RELEASE_COMMIT_MESSAGE","description":"The Git commit message to use on the release commit. This is templated using the [Python Format String Syntax](http://docs.python.org/2/library/string.html#format-string-syntax). Available in the template context are current_version and new_version.","default":"chore(python-release): {current_version} → {new_version}","advanced":true},{"name":"GIT_USERNAME","description":"Git username for Git push operations","secret":true},{"name":"GIT_PASSWORD","description":"Git password for Git push operations","secret":true},{"name":"GIT_PRIVATE_KEY","description":"SSH key for Git push operations","secret":true},{"name":"PYTHON_REPOSITORY_URL","type":"url","description":"Target PyPI repository to publish packages.\n\n_defaults to [GitLab project's packages repository](https://docs.gitlab.com/user/packages/pypi_repository/)_","default":"${CI_SERVER_URL}/api/v4/projects/${CI_PROJECT_ID}/packages/pypi"},{"name":"PYTHON_REPOSITORY_USERNAME","description":"Target PyPI repository username credential","secret":true,"default":"gitlab-ci-token"},{"name":"PYTHON_REPOSITORY_PASSWORD","description":"Target PyPI repository password credential","secret":true,"default":"$CI_JOB_TOKEN"}]},{"id":"black","name":"black","description":"Code formatting based on [black](https://black.readthedocs.io)","enable_with":"PYTHON_BLACK_ENABLED"},{"id":"isort","name":"isort","description":"Check imports order with [isort](https://pycqa.github.io/isort)","enable_with":"PYTHON_ISORT_ENABLED"},{"id":"ruff","name":"Ruff","description":"An extremely fast Python linter and code formatter, written in Rust. [Ruff](https://docs.astral.sh/ruff/)","enable_with":"RUFF_ENABLED","variables":[{"name":"RUFF_ARGS","description":"Additional [Ruff Linter CLI options](https://docs.astral.sh/ruff/configuration/#full-command-line-interface)","advanced":true}]},{"id":"ruff-format","name":"Ruff Format","description":"An extremely fast Python linter and code formatter, written in Rust. [Ruff](https://docs.astral.sh/ruff/)","enable_with":"RUFF_FORMAT_ENABLED","variables":[]},{"id":"mypy","name":"mypy","description":"Code analysis based on [mypy](https://mypy.readthedocs.io/).","enable_with":"MYPY_ENABLED","variables":[{"name":"MYPY_ARGS","description":"Additional [mypy CLI options](https://mypy.readthedocs.io/en/stable/command_line.html)","advanced":true},{"name":"MYPY_FILES","description":"Files or directories to analyse","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-python-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"Retrieves an [ADC](https://cloud.google.com/docs/authentication/application-default-credentials) for Python Google Client","template_path":"templates/gitlab-ci-python-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/google_cloud/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"}]},{"id":"aws-codeartifact","name":"AWS CodeArtifact","description":"Retrieves AWS CodeArtifact credentials","template_path":"templates/gitlab-ci-python-aws-codeartifact.yml","variables":[{"name":"TBC_AWS_PROVIDER_IMAGE","description":"The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest","advanced":true},{"name":"AWS_REGION","description":"Default region (where the codeartifact repository is located)"},{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_"},{"name":"AWS_ACCESS_KEY_ID","description":"Default access key ID (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_SECRET_ACCESS_KEY","description":"Default secret access key (only required for basic authentication)","secret":true,"advanced":true},{"name":"AWS_CODEARTIFACT_DOMAIN","description":"The AWS CodeArtifact domain","mandatory":true},{"name":"AWS_CODEARTIFACT_DOMAIN_OWNER","description":"The AWS CodeArtifact domain owner","mandatory":true},{"name":"AWS_CODEARTIFACT_REPOSITORY","description":"The AWS CodeArtifact repository","mandatory":true}]}],"extension_id":null,"project":{"tag":"7.5.2","tags":["7.5.2","7.5.1","7.5.0","7.5","7.4.0","7.3.3","7.3.2","7.3.1","7.3.0","7.3","7.2.0","7.2","7.1.1","7.1.0","7.1","7.0.2","7.0.1","7.0.0","7.0","7","6.11.1","6.11.0","6.11","6.10.0","6.10","6.9.0","6.9","6.8.1","6.8.0","6.8","6.7.0","6.7","6.6.5","6.6.4","6.6.3","6.6.2","6.6.1","6.6.0","6.6","6.5.0","6.5","6.4.1","6.4.0","6.4","6.3.5","6.3.4","6.3.3","6.3.2","6.3.1","6.3.0","6.3","6.2.0","6.2","6.1.5","6.1.4","6.1.3","6.1.2","6.1.1","6.1.0","6.1","6.0.2","6.0.1","6.0.0","6.0","6","5.1.0","5.1","5.0.0","5.0","5","4.2.0","4.2","4.1.1","4.1.0","4.1","4.0.1","4.0.0","4","3.2.1","3.2.0","3.1.1","3.1.0","3.0.1","3.0.0","2.2.0","2.1.1","2.1.0","2.0.3","2.0.2","2.0.1","2.0.0","1.3.0","1.2.3","1.2.2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"python","path":"to-be-continuous/python","web_url":"https://gitlab.com/to-be-continuous/python","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454253/logo.png"}},{"name":"Renovate","description":"Automate your dependency updates with [Renovate](https://www.mend.io/renovate/)","template_path":"templates/gitlab-ci-renovate.yml","kind":"misc","prefix":"renovate","is_component":true,"variables":[{"name":"RENOVATE_IMAGE","description":"The Docker image used to run Renovate","default":"registry.hub.docker.com/renovate/renovate:latest"},{"name":"RENOVATE_ONBOARDING_CONFIG","description":"Renovate configuration to use for onboarding PRs","default":"{\n \"$$schema\": \"https://docs.renovatebot.com/renovate-schema.json\",\n \"extends\": [\n \"config:recommended\",\n \":dependencyDashboard\"\n ],\n \"labels\": [\n \"dependencies\"\n ],\n \"customManagers\": [\n {\n \"customType\": \"regex\",\n \"fileMatch\": [ \"\\\\.gitlab-ci\\\\.ya?ml$\" ], \n \"matchStrings\": [ \"\\\\s?_IMAGE:\\\\s['\\\"](?<registryUrls>.*?)\\\\/(?<depName>.*?):(?<currentValue>.*)['\\\"]\" ], \n \"datasourceTemplate\": \"docker\" \n },\n {\n \"customType\": \"regex\",\n \"fileMatch\": [ \"\\\\.gitlab-ci\\\\.ya?ml$\" ], \n \"matchStrings\": [ \"\\\\s?image:\\\\s['\\\"](?<registryUrls>.*?)\\\\/(?<depName>.*?):(?<currentValue>.*)['\\\"]\" ], \n \"datasourceTemplate\": \"docker\" \n }\n ] \n}"},{"name":"RENOVATE_TOKEN","description":"A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication)","secret":true},{"name":"GITHUB_COM_TOKEN","description":"A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs)","secret":true}],"extension_id":null,"project":{"tag":"1.4.1","tags":["1.4.1","1.4.0","1.4","1.3.0","1.3","1.2.2","1.2.1","1.2.0","1.2","1.1.0","1.1","1.0.0","1.0","1"],"name":"renovate","path":"to-be-continuous/renovate","web_url":"https://gitlab.com/to-be-continuous/renovate","avatar":"https://gitlab.com/uploads/-/system/project/avatar/48678619/logo.png"}},{"name":"Robot Framework","description":"Run your automated tests with [Robot Framework](https://robotframework.org/)","template_path":"templates/gitlab-ci-robotframework.yml","kind":"acceptance","prefix":"robot","job_prefix":"robotframework","is_component":true,"variables":[{"name":"ROBOT_BASE_IMAGE","description":"The Docker image used to run Robot frame work CLI","default":"registry.hub.docker.com/ppodgorsek/robot-framework:latest"},{"name":"ROBOT_TESTS_DIR","description":"Path to Robot Framework tests directory","default":"robot"},{"name":"ROBOT_BROWSER","description":"Browser to use","default":"firefox","type":"enum","values":["firefox","chrome"]},{"name":"ROBOT_OPTIONS","description":"Robot Framework [additional options](http://robotframework.org/robotframework/latest/RobotFrameworkUserGuide.html#all-command-line-options)","advanced":true},{"name":"ROBOT_THREADS","description":"Number of threads to execute Robot Framework tests (uses [Pabot](https://pabot.org/) if > `1`)","default":"1","type":"number","advanced":true},{"name":"PABOT_OPTIONS","description":"Pabot [additional options](https://github.com/mkorpela/pabot#command-line-options) (if `ROBOT_THREADS` > `1`)","advanced":true},{"name":"ROBOT_SCREEN_COLOUR_DEPTH","description":"Screen colour depth for X Window Virtual Framebuffer","type":"number","default":"24"},{"name":"ROBOT_SCREEN_HEIGHT","description":"Screen height for X Window Virtual Framebuffer","type":"number","default":"1080"},{"name":"ROBOT_SCREEN_WIDTH","description":"Screen width for X Window Virtual Framebuffer","type":"number","default":"1920"},{"name":"REVIEW_ENABLED","description":"Set to enable Robot Framework tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"features":[{"id":"lint","name":"robotframework-lint","description":"This job performs a [Lint](https://github.com/boakley/robotframework-lint/) analysis on your `Robot Framework files`.","disable_with":"ROBOT_LINT_DISABLED"}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-robotframework-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.3.0","tags":["4.3.0","4.3","4.2.2","4.2.1","4.2.0","4.2","4.1.0","4.1","4.0.1","4.0.0","4.0","4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.2","2.0.1","2.0.0","2","1.3.0","1.2.0","1.1.0","1.0.0"],"name":"robotframework","path":"to-be-continuous/robotframework","web_url":"https://gitlab.com/to-be-continuous/robotframework","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26546374/logo.png"}},{"name":"Source-to-Image","description":"Build reproducible container images from your source code with [Source-to-Image](https://github.com/openshift/source-to-image) (S2I)","template_path":"templates/gitlab-ci-s2i.yml","kind":"package","prefix":"s2i","is_component":true,"variables":[{"name":"S2I_DIND_IMAGE","description":"The image used to run the Docker daemon","default":"registry.hub.docker.com/library/docker:dind"},{"name":"S2I_SKOPEO_IMAGE","description":"The image used to push the built container image with Skopeo","default":"quay.io/skopeo/stable:latest"},{"name":"S2I_VERSION","description":"The target S2I version to install/use","default":"latest","advanced":true},{"name":"S2I_PLATFORM","description":"The target S2I platform to install/use","default":"linux-386","advanced":true},{"name":"S2I_BUILDER_IMAGE","description":"The S2I [builder image](https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md) used to build your application image","mandatory":true},{"name":"S2I_ROOT_DIR","description":"Relative path to the application source code base directory in your repository","default":".","advanced":true},{"name":"S2I_BUILD_EXTRA_FLAGS","description":"S2I build [extra flags](https://github.com/openshift/source-to-image/blob/master/docs/cli.md#s2i-build)","advanced":true},{"name":"S2I_SNAPSHOT_IMAGE","description":"S2I snapshot image","default":"$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"},{"name":"S2I_RELEASE_IMAGE","description":"S2I release image","default":"$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"},{"name":"S2I_PUBLISH_ARGS","description":"Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)","advanced":true},{"name":"S2I_PROD_PUBLISH_STRATEGY","description":"Defines the publish to production strategy.","type":"enum","values":["none","manual","auto"],"default":"manual"},{"name":"S2I_RELEASE_EXTRA_TAGS_PATTERN","description":"Defines the image tag pattern that `$S2I_RELEASE_IMAGE` should match to push extra tags (supports capturing groups)\n\nDefaults to [SemVer](https://semver.org/) pattern.","default":"^v?(?P<major>[0-9]+)\\.(?P<minor>[0-9]+)\\.(?P<patch>[0-9]+)(?P<suffix>(?P<prerelease>-[0-9A-Za-z-\\.]+)?(?P<build>\\+[0-9A-Za-z-\\.]+)?)$","advanced":true},{"name":"S2I_RELEASE_EXTRA_TAGS","description":"Defines extra tags to publish the _release_ image\n\nSupports capturing group references from `$S2I_RELEASE_EXTRA_TAGS_PATTERN` (ex: `latest \\g<major>.\\g<minor> \\g<major>`)","advanced":true},{"name":"S2I_SEMREL_RELEASE_DISABLED","description":"Disable integration with the [semantic release template](https://gitlab.com/to-be-continuous/semantic-release/)","type":"boolean"}],"extension_id":null,"project":{"tag":"1.1.1","tags":["1.1.1","1.1.0","1.1","1.0.1","1.0.0","1.0","1"],"name":"s2i","path":"to-be-continuous/s2i","web_url":"https://gitlab.com/to-be-continuous/s2i","avatar":"https://gitlab.com/uploads/-/system/project/avatar/48540470/logo.png"}},{"name":"S3 (Simple Storage Service)","description":"Deploy your objects to any [S3](https://en.wikipedia.org/wiki/Amazon_S3) (Simple Storage Service) compatible object storage service","template_path":"templates/gitlab-ci-s3.yml","kind":"hosting","prefix":"s3","is_component":true,"variables":[{"name":"S3_CMD_IMAGE","description":"The Docker image used to run [s3cmd](https://s3tools.org/usage) commands","advanced":true,"default":"registry.hub.docker.com/d3fk/s3cmd:latest"},{"name":"S3_ENDPOINT_HOST","description":"Default S3 endpoint hostname (with port)","default":"s3.amazonaws.com","mandatory":true},{"name":"S3_HOST_BUCKET","description":"Default DNS-style bucket+hostname:port template for accessing a bucket","default":"%(bucket)s.$S3_ENDPOINT_HOST","mandatory":true},{"name":"S3_REGION","description":"Default region to create the buckets in (if not defined, the template won't create any)"},{"name":"S3_ACCESS_KEY","description":"Default S3 service Access Key","secret":true,"mandatory":true},{"name":"S3_SECRET_KEY","description":"Default S3 service Secret Key","secret":true,"mandatory":true},{"name":"S3_BASE_BUCKET_NAME","description":"Base bucket name","default":"$CI_PROJECT_NAME","advanced":true},{"name":"S3_DEPLOY_ARGS","description":"[s3cmd](https://s3tools.org/usage) command and options to deploy files to the bucket","default":"sync --recursive --delete-removed --acl-public --no-mime-magic --guess-mime-type","advanced":true},{"name":"S3_DEPLOY_FILES","description":"Pattern(s) of files to deploy to the S3 bucket","default":"public/"},{"name":"S3_WEBSITE_DISABLED","description":"Disables WebSite hosting by your S3 bucket","type":"boolean"},{"name":"S3_WEBSITE_ENDPOINT","description":"Default WebSite endpoint url pattern (supports `%(bucket)s` and `%(location)s` placeholders)","default":"http://%(bucket)s.s3-website.%(location)s.amazonaws.com"},{"name":"S3_WEBSITE_ARGS","description":"[s3cmd](https://s3tools.org/usage) command and options to enable WebSite hosting on the bucket","default":"ws-create --ws-index=index.html --ws-error=404.html","advanced":true},{"name":"S3_PREFIX","description":"Default S3 prefix to use as a root destination to upload objects in the S3 bucket"},{"name":"S3_SCRIPTS_DIR","description":"Directory where S3 hook scripts are located","default":".","advanced":true}],"features":[{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","disable_with":"S3_REVIEW_DISABLED","variables":[{"name":"S3_REVIEW_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `review` env _(only define to override default)_"},{"name":"S3_REVIEW_REGION","description":"Region to create the `review` buckets in (if not defined, the template won't create any)"},{"name":"S3_REVIEW_ACCESS_KEY","description":"S3 service Access Key for `review` env (only define to override default)","secret":true},{"name":"S3_REVIEW_SECRET_KEY","description":"S3 service Secret Key for `review` env (only define to override default)","secret":true},{"name":"S3_REVIEW_BUCKET_NAME","description":"Bucket name for `review` env _(only define to override default)_","advanced":true},{"name":"CLEANUP_ALL_REVIEW","description":"Enables a **manual** job to cleanup all review envs at once.\n\nYou may also use it to [schedule](https://docs.gitlab.com/ci/pipelines/schedules/) cloud resources cleanup. See documentation.","type":"boolean"},{"name":"S3_REVIEW_PREFIX","description":"S3 prefix to use for `review` env _(only define to override default)_","advanced":true},{"name":"S3_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","disable_with":"S3_INTEG_DISABLED","variables":[{"name":"S3_INTEG_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `integration` env _(only define to override default)_"},{"name":"S3_INTEG_REGION","description":"Region to create the `integration` bucket in"},{"name":"S3_INTEG_ACCESS_KEY","description":"S3 service Access Key for `integration` env (only define to override default)","secret":true},{"name":"S3_INTEG_SECRET_KEY","description":"S3 service Secret Key for `integration` env (only define to override default)","secret":true},{"name":"S3_INTEG_BUCKET_NAME","description":"Bucket name for `integration` env _(only define to override default)_","advanced":true},{"name":"S3_INTEG_PREFIX","description":"S3 prefix to use for `integration` env _(only define to override default)_","advanced":true}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","disable_with":"S3_STAGING_DISABLED","variables":[{"name":"S3_STAGING_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `staging` env _(only define to override default)_"},{"name":"S3_STAGING_REGION","description":"Region to create the `staging` bucket in"},{"name":"S3_STAGING_ACCESS_KEY","description":"S3 service Access Key for `staging` env (only define to override default)","secret":true},{"name":"S3_STAGING_SECRET_KEY","description":"S3 service Secret Key for `staging` env (only define to override default)","secret":true},{"name":"S3_STAGING_BUCKET_NAME","description":"Bucket name for `staging` env _(only define to override default)_","advanced":true},{"name":"S3_STAGING_PREFIX","description":"S3 prefix to use for `staging` env _(only define to override default)_","advanced":true}]},{"id":"prod","name":"Production","description":"The production environment","disable_with":"S3_PROD_DISABLED","variables":[{"name":"S3_PROD_ENDPOINT_HOST","description":"S3 endpoint hostname (with port) for `production` env _(only define to override default)_"},{"name":"S3_PROD_REGION","description":"Region to create the `production` bucket in"},{"name":"S3_PROD_ACCESS_KEY","description":"S3 service Access Key for `production` env (only define to override default)","secret":true},{"name":"S3_PROD_SECRET_KEY","description":"S3 service Secret Key for `production` env (only define to override default)","secret":true},{"name":"S3_PROD_BUCKET_NAME","description":"Bucket name for `production` env _(only define to override default)_","advanced":true},{"name":"S3_PROD_DEPLOY_STRATEGY","description":"Defines the deployment to production strategy.","type":"enum","values":["manual","auto"],"default":"manual"},{"name":"S3_PROD_PREFIX","description":"S3 prefix to use for `production` env _(only define to override default)_","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-s3-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"7.2.3","tags":["7.2.3","7.2.2","7.2.1","7.2.0","7.2","7.1.0","7.1","7.0.1","7.0.0","7.0","7","6.0.0","6.0","6","5.2.0","5.2","5.1.0","5.1","5.0.0","5.0","5","4.1.1","4.1.0","4.1","4.0.0","4.0","4","3.0.0","3.0","3","2.3.0","2.3","2.2.0","2.2","2.1.5","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.0","2","1.2.1","1.2.0","1.1.0","1.0.0"],"name":"s3","path":"to-be-continuous/s3","web_url":"https://gitlab.com/to-be-continuous/s3","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26450933/logo.png"}},{"name":"Scala/SBT","description":"Build, test and analyse your [sbt](https://www.scala-sbt.org/)-based projects","template_path":"templates/gitlab-ci-sbt.yml","kind":"build","prefix":"sbt","is_component":true,"variables":[{"name":"SBT_IMAGE","description":"The Docker image used to run sbt - **set the version required by your project**","default":"registry.hub.docker.com/sbtscala/scala-sbt:17.0.2_1.6.2_3.1.3"},{"name":"SBT_BUILD_ARGS","description":"The sbt arguments for the sbt arguments for the [build job packaging](https://www.scala-sbt.org/1.x/docs/Running.html#Common+commands)","default":"clean package","advanced":true},{"name":"SBT_TEST_ARGS","description":"The sbt arguments for the sbt arguments for the [build job test phase](https://www.scala-sbt.org/1.x/docs/Running.html#Common+commands)","default":"coverage test coverageAggregate","advanced":true},{"name":"SBT_OPTS","description":"Global [sbt options](https://www.scala-sbt.org/1.x/docs/Command-Line-Reference.html#sbt+JVM+options+and+system+properties)","default":"-Dsbt.global.base=sbt-cache/sbtboot -Dsbt.boot.directory=sbt-cache/boot -Dsbt.coursier.home=sbt-cache/coursier -Dsbt.ci=true -Dsbt.color=always","advanced":true},{"name":"SBT_CLI_OPTS","description":"Additional sbt options used on the command line","default":"--batch","advanced":true}],"features":[{"id":"sbom","name":"Software Bill of Materials","description":"This job generates a file listing all dependencies using [syft](https://github.com/anchore/syft)","disable_with":"SBT_SBOM_DISABLED","variables":[{"name":"SBT_SBOM_IMAGE","default":"registry.hub.docker.com/anchore/syft:debug","description":"The syft image used for SBOM analysis"},{"name":"SBT_SBOM_OPTS","description":"Options for syft used for SBOM analysis","default":"dir:sbt-cache/coursier --catalogers java-cataloger","advanced":true}]},{"id":"publish","name":"Publish (snapshot & release)","description":"Enable artifacts publishing to a Nexus repository","variables":[{"name":"SBT_PUBLISH_MODE","description":"Publish mode (one of `snapshot`, `ontag`, `release`)","type":"enum","values":["","snapshot","ontag","release"],"mandatory":true},{"name":"GIT_PRIVATE_KEY","description":"Git private key to perform Git operations (for `release` publish mode)","secret":true},{"name":"MAVEN_REPOSITORY_HOST","description":"Global Maven repository host where credentials apply","secret":false},{"name":"MAVEN_REPOSITORY_USERNAME","description":"Global Maven repository username","secret":true},{"name":"MAVEN_REPOSITORY_PASSWORD","description":"Global Maven repository password","secret":true},{"name":"MAVEN_REPOSITORY_PUBLISH_RELEASE_URL","description":"Maven repository URL where to publish release artifacts","secret":false},{"name":"MAVEN_REPOSITORY_PUBLISH_SNAPSHOT_URL","description":"Maven repository URL where to publish snapshot artifacts","secret":false},{"name":"MAVEN_REPOSITORY_PUBLISH_USERNAME","description":"Maven repository username used for publishing purposes","secret":true},{"name":"MAVEN_REPOSITORY_PUBLISH_PASSWORD","description":"Maven repository password used for publishing purposes","secret":true}]}],"extension_id":null,"project":{"tag":"1.7.1","tags":["1.7.1","1.7.0","1.7","1.6.0","1.6","1.5.1","1.5.0","1.5","1.4.0","1.4","1.3.1","1.3.0","1.3","1.2.0","1.2","1.1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"sbt","path":"to-be-continuous/sbt","web_url":"https://gitlab.com/to-be-continuous/sbt","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26717195/logo.png"}},{"name":"semantic-release","description":"Automate your versioning and release management with [semantic-release](https://github.com/semantic-release/semantic-release)","template_path":"templates/gitlab-ci-semrel.yml","kind":"publish","prefix":"semrel","job_prefix":"semantic-release","is_component":true,"variables":[{"name":"SEMREL_IMAGE","description":"The Docker image used to run semantic-release","default":"registry.hub.docker.com/library/node:lts-slim"},{"name":"SEMREL_VERSION","description":"The [semantic-release](https://www.npmjs.com/package/semantic-release) version to use","default":"latest","advanced":true},{"name":"SEMREL_EXEC_VERSION","description":"The [@semantic-release/exec](https://www.npmjs.com/package/@semantic-release/exec) version to use","default":"latest","advanced":true},{"name":"GITLAB_TOKEN","description":"A GitLab 'project access token' or 'personal access token' with `api`, `read_repository` and `write repository` scopes.","mandatory":true,"secret":true},{"name":"SEMREL_CONFIG_DIR","description":"directory containing your [semantic-release configuration](https://semantic-release.gitbook.io/semantic-release/usage/configuration#configuration-file)","default":".","advanced":true},{"name":"SEMREL_TAG_FORMAT","description":"For generated `.releaserc` file only. [tagFormat semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#tagformat)e. :warning: don't forget to double the `$` character so it is not interpreted by GitLab.","default":"$${version}","advanced":true},{"name":"SEMREL_REQUIRED_PLUGINS_FILE","description":"Full path to `semrel-required-plugins.txt` file _(relative to `$CI_PROJECT_DIR`)_","default":"semrel-required-plugins.txt","advanced":true}],"features":[{"id":"semantic-release","name":"semantic-release","description":"Performs a semantic release.","disable_with":"SEMREL_RELEASE_DISABLED","variables":[{"name":"SEMREL_CHANGELOG_ENABLED","description":"Add the [@semantic-release/changelog](https://github.com/semantic-release/changelog) plugin which will commit a changelog file in the repository.","type":"boolean"},{"name":"SEMREL_CHANGELOG_FILE","description":"[changelogFile @semantic-release/changelog option](https://github.com/semantic-release/changelog#options).","default":"CHANGELOG.md","advanced":true},{"name":"SEMREL_CHANGELOG_TITLE","description":"[changelogTitle @semantic-release/changelog option](https://github.com/semantic-release/changelog#options). You might want to use markdown format (for example `# MyApp Changelog`).","advanced":true},{"name":"SEMREL_DRY_RUN","description":"For generated `.releaserc` file only. Activate the [dryRun semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#dryrun) if present.","type":"boolean","advanced":true},{"name":"SEMREL_AUTO_RELEASE_ENABLED","description":"When set the job start automatically. When not set (default), the job is manual.","type":"boolean"},{"name":"SEMREL_BRANCHES_REF","description":"Regular expression pattern matching branches from which releases should happen (should match your [semantic-release configuration](https://semantic-release.gitbook.io/semantic-release/usage/configuration#branches))","default":"/^(master|main)$/","advanced":true},{"name":"SEMREL_HOOKS_DIR","description":"Hook scripts folder.","default":".","advanced":true},{"name":"SEMREL_GPG_SIGNKEY","description":"Path to the GPG signkey exported with `gpg --armor --export-secret-key`.","secret":true,"advanced":true},{"name":"SEMREL_COMMIT_MESSAGE","description":"[message @semantic-release/git option](https://github.com/semantic-release/git#message)","advanced":true},{"name":"SEMREL_COMMIT_SPEC","description":"Commit specification `preset` (possible values: `angular`, `atom`, `codemirror`, `ember`, `eslint`, `express`, `jquery`, `jshint`, `conventionalcommits`). The default is `angular`.","values":["angular","codemirror","conventionalcommits","ember","eslint","express","jquery","jshint"],"default":"angular","advanced":true}]},{"id":"semantic-release-info","name":"semantic-release-info","description":"Run `semantic-release` dry run to save next release version information as dotenv artifact and make them available in next pipeline stages","variables":[{"name":"SEMREL_INFO_ON","description":"Define on which branch(es) the job shall be run","type":"enum","values":["","prod","branches-ref","protected","all"],"mandatory":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-semrel-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"3.11.5","tags":["3.11.5","3.11.4","3.11.3","3.11.2","3.11.1","3.11.0","3.11","3.10.3","3.10.2","3.10.1","3.10.0","3.10","3.9.1","3.9.0","3.9","3.8.3","3.8.2","3.8.1","3.8.0","3.8","3.7.1","3.7.0","3.7","3.6.0","3.6","3.5.2","3.5.1","3.5.0","3.5","3.4.2","3.4.1","3.4.0","3.4","3.3.1","3.3.0","3.3","3.2.2","3.2.1","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.3.1","2.3.0","2.3","2.2.6","2.2.5","2.2.4","2.2.3","2.2.2","2.2.1","2.2.0","2.1.0","2.0.5","2.0.4","2.0.3","2.0.2","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.1","1.0.0"],"name":"semantic-release","path":"to-be-continuous/semantic-release","web_url":"https://gitlab.com/to-be-continuous/semantic-release","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454254/logo.png"}},{"name":"SonarQube","description":"Continuously inspect your codebase with [SonarQube](https://www.sonarqube.org/)","template_path":"templates/gitlab-ci-sonar.yml","kind":"analyse","prefix":"sonar","is_component":true,"variables":[{"name":"SONAR_SCANNER_IMAGE","description":"The Docker image used to run [sonar-scanner](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/)","default":"registry.hub.docker.com/sonarsource/sonar-scanner-cli:latest"},{"name":"SONAR_HOST_URL","type":"url","description":"SonarQube server url","mandatory":true},{"name":"SONAR_PROJECT_KEY","description":"SonarQube Project Key (might also be set in the `sonar-project.properties` file)","advanced":true},{"name":"SONAR_PROJECT_NAME","description":"SonarQube Project Name (might also be set in the `sonar-project.properties` file)","advanced":true},{"name":"SONAR_TOKEN","description":"SonarQube authentication token (depends on your authentication method)","secret":true},{"name":"SONAR_LOGIN","description":"SonarQube login (depends on your authentication method)","secret":true},{"name":"SONAR_PASSWORD","description":"SonarQube password (depends on your authentication method)","secret":true},{"name":"SONAR_BASE_ARGS","description":"SonarQube [analysis arguments](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/)","default":"-Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues","advanced":true},{"name":"SONAR_QUALITY_GATE_ENABLED","description":"Enables SonarQube [Quality Gate](https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/ci-integration/overview/#quality-gate-fails))._","type":"boolean"}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-sonar-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url"},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]}],"extension_id":null,"project":{"tag":"4.2.4","tags":["4.2.4","4.2.3","4.2.2","4.2.1","4.2.0","4.2","4.1.1","4.1.0","4.1","4.0.1","4.0.0","4.0","4","3.3.0","3.3","3.2.0","3.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.3.2","1.3.1","1.3.0","1.2.0","1.1.0","1.0.0"],"name":"sonar","path":"to-be-continuous/sonar","web_url":"https://gitlab.com/to-be-continuous/sonar","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454259/logo.png"}},{"name":"Spectral","description":"[Spectral](https://docs.stoplight.io/docs/spectral) is a JSON/YAML Linter with custom rulesets, out of the box support for OpenAPI and AsyncAPI","template_path":"templates/gitlab-ci-spectral.yml","kind":"analyse","prefix":"spectral","is_component":true,"variables":[{"name":"SPECTRAL_IMAGE","description":"The Docker image used to run `spectral`","default":"registry.hub.docker.com/stoplight/spectral:latest"},{"name":"SPECTRAL_DOCUMENTS","description":"Location of JSON/YAML documents to be linted. Can be either a file, a glob or fetchable resource(s) on the web","default":"{,api/,src/main/resources/}*{openapi,oas,swagger,async}*.{json,yml,yaml}"},{"name":"SPECTRAL_EXTRA_ARGS","description":"Extra Spectral CLI [options](https://docs.stoplight.io/docs/spectral/docs/guides/2-cli.md)","advanced":true},{"name":"SPECTRAL_DISABLED","description":"Set to `true` to disable this job","type":"boolean","advanced":true}],"extension_id":null,"project":{"tag":"1.1.2","tags":["1.1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"spectral","path":"to-be-continuous/spectral","web_url":"https://gitlab.com/to-be-continuous/spectral","avatar":"https://gitlab.com/uploads/-/system/project/avatar/52371414/logo.png"}},{"name":"Sphinx","description":"Build your documentation with [Sphinx](https://www.sphinx-doc.org/)","template_path":"templates/gitlab-ci-sphinx.yml","kind":"build","prefix":"sphinx","is_component":true,"variables":[{"name":"SPHINX_IMAGE","description":"The Docker image used to run Sphinx","default":"ghcr.io/sphinx-doc/sphinx:latest"},{"name":"SPHINX_BUILD_ARGS","description":"[`sphinx-build` options](https://www.sphinx-doc.org/en/master/man/sphinx-build.html)) to be used","default":"-M html"},{"name":"SPHINX_PROJECT_DIR","description":"Sphinx project root directory","default":"."},{"name":"SPHINX_SOURCE_DIR","description":"Sphinx source directory (relative to `$SPHINX_PROJECT_DIR`) containing the Sphinx `conf.py` file","default":"source","advanced":true},{"name":"SPHINX_BUILD_DIR","description":"Sphinx build output directory (relative to `$SPHINX_PROJECT_DIR`)","default":"build","advanced":true},{"name":"SPHINX_REQUIREMENTS_FILE","description":"Requirements file (relative to `$SPHINX_PROJECT_DIR`). If the file is not found in the repository, requirements are read from the `SPHINX_REQUIREMENTS` variable","default":"requirements.txt","advanced":true},{"name":"SPHINX_REQUIREMENTS","description":"Space separated requirements (ignored if a requirement file is found)","advanced":true},{"name":"SPHINX_PREBUILD_SCRIPT","description":"Pre-build hook script (relative to `$SPHINX_PROJECT_DIR`)","default":"sphinx-pre-build.sh","advanced":true},{"name":"PIP_OPTS","description":"pip extra [options](https://pip.pypa.io/en/stable/cli/pip/#general-options)","advanced":true}],"features":[{"id":"lychee","name":"lychee","description":"Checks broken links and emails with [lychee](https://github.com/lycheeverse/lychee)","enable_with":"SPHINX_LYCHEE_ENABLED","variables":[{"name":"SPHINX_LYCHEE_IMAGE","description":"The Docker image used to run [lychee](https://github.com/lycheeverse/lychee)","default":"registry.hub.docker.com/lycheeverse/lychee:latest","advanced":true},{"name":"SPHINX_LYCHEE_ARGS","description":"[lychee arguments](https://github.com/lycheeverse/lychee#commandline-parameters) to execute","default":"--exclude-loopback $SPHINX_SOURCE_DIR/**/*.rst"}]}],"variants":[{"id":"pages","name":"GitLab Pages","description":"Adds a job to publish the generated documentation to GitLab pages","template_path":"templates/gitlab-ci-sphinx-pages.yml"}],"extension_id":null,"project":{"tag":"1.2.0","tags":["1.2.0","1.2","1.1.1","1.1.0","1.1","1.0.0","1.0","1"],"name":"sphinx","path":"to-be-continuous/sphinx","web_url":"https://gitlab.com/to-be-continuous/sphinx","avatar":"https://gitlab.com/uploads/-/system/project/avatar/53144593/logo.png"}},{"name":"SQLFluff lint","description":"Lint your SQL files (whichever your dialect) with [SQLFluff](https://docs.sqlfluff.com)","template_path":"templates/gitlab-ci-sqlfluff.yml","kind":"analyse","prefix":"sqlfluff","is_component":true,"variables":[{"name":"SQLFLUFF_IMAGE","description":"The Docker image used to run SQLFluff","default":"registry.hub.docker.com/sqlfluff/sqlfluff:latest"},{"name":"SQLFLUFF_WORKING_DIR","description":"Sqlfluff working directory, scope of configuration and sql files used","default":".","advanced":true},{"name":"SQLFLUFF_LINT_ARGS","description":"Lint [options and arguments](https://docs.sqlfluff.com/en/stable/reference/cli.html#sqlfluff-lint)","advanced":true}],"extension_id":null,"project":{"tag":"1.3.1","tags":["1.3.1","1.3.0","1.3","1.2.0","1.2","1.1.2","1.1.1","1.1.0","1.1","1.0.2","1.0.1","1.0.0","1.0","1"],"name":"sqlfluff","path":"to-be-continuous/sqlfluff","web_url":"https://gitlab.com/to-be-continuous/sqlfluff","avatar":"https://gitlab.com/uploads/-/system/project/avatar/38513375/logo.png"}},{"name":"Terraform","description":"Manage your infrastructure with [Terraform](https://www.terraform.io)","template_path":"templates/gitlab-ci-terraform.yml","kind":"infrastructure","prefix":"tf","is_component":true,"variables":[{"name":"TF_IMAGE","description":"the Docker image used to run Terraform CLI commands - **set the version required by your project**","default":"registry.hub.docker.com/hashicorp/terraform:latest"},{"name":"TF_GITLAB_BACKEND_DISABLED","type":"boolean","description":"Set to disable [GitLab managed Terraform State](https://docs.gitlab.com/user/infrastructure/iac/terraform_state.html)","advanced":true},{"name":"TF_PROJECT_DIR","description":"Terraform project root directory","default":".","advanced":true},{"name":"TF_SCRIPTS_DIR","description":"Terraform (hook) scripts base directory (relative to `$TF_PROJECT_DIR`)","default":".","advanced":true},{"name":"TF_OUTPUT_DIR","description":"Terraform output directory (relative to `$TF_PROJECT_DIR`).\n\n_Everything generated in this directory will be kept as job artifacts._","default":"tf-output","advanced":true},{"name":"TF_EXTRA_OPTS","description":"Default Terraform extra options (applies to all Terraform commands)","advanced":true},{"name":"TF_INIT_OPTS","description":"Default Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init)","advanced":true},{"name":"TF_WORKSPACE","description":"Default Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces)","advanced":true},{"name":"TF_PLAN_OPTS","description":"Default Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan)","advanced":true},{"name":"TF_APPLY_OPTS","description":"Default Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply)","advanced":true},{"name":"TF_DESTROY_OPTS","description":"Default Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy)","advanced":true}],"features":[{"id":"tfsec","name":"tfsec","description":"Detect security issues with [tfsec](https://github.com/tfsec/tfsec)","enable_with":"TF_TFSEC_ENABLED","variables":[{"name":"TF_TFSEC_IMAGE","description":"tfsec docker image","default":"registry.hub.docker.com/aquasec/tfsec-ci","advanced":true},{"name":"TF_TFSEC_ARGS","description":"tfsec [options and args](https://aquasecurity.github.io/tfsec/latest/guides/usage/)","default":"."}]},{"id":"trivy","name":"trivy","description":"Detect security issues with [trivy config](https://aquasecurity.github.io/trivy/latest/docs/scanner/misconfiguration/)","disable_with":"TF_TRIVY_DISABLED","variables":[{"name":"TF_TRIVY_IMAGE","description":"trivy docker image","default":"registry.hub.docker.com/aquasec/trivy","advanced":true},{"name":"TF_TRIVY_ARGS","description":"trivy config [options and args](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_config/)","default":"."}]},{"id":"checkov","name":"checkov","description":"Static code analysis tool for infrastructure-as-code","enable_with":"TF_CHECKOV_ENABLED","variables":[{"name":"TF_CHECKOV_IMAGE","description":"checkov docker image","default":"registry.hub.docker.com/bridgecrew/checkov","advanced":true},{"name":"TF_CHECKOV_ARGS","description":"checkov [options and args](https://www.checkov.io/2.Basics/CLI%20Command%20Reference.html)","default":"--framework terraform","advanced":true}]},{"id":"tf-infracost","name":"tf-infracost","description":"Shows cloud cost estimates for infrastructure-as-code projects","enable_with":"TF_INFRACOST_ENABLED","variables":[{"name":"TF_INFRACOST_IMAGE","description":"Infracost docker image","default":"registry.hub.docker.com/infracost/infracost","advanced":true},{"name":"TF_INFRACOST_ARGS","description":"infracost [CLI options and args](https://www.infracost.io/docs/#usage)","default":"breakdown"},{"name":"TF_INFACOST_USAGE_FILE","description":"infracost [usage file](https://www.infracost.io/docs/usage_based_resources/#infracost-usage-file)","default":"infracost-usage.yml"},{"name":"INFRACOST_API_KEY","description":"the infracost API key","secret":true}]},{"id":"tf-tflint","name":"tf-tflint","description":"Analyse your Terraform code with [tflint](https://github.com/terraform-linters/tflint)","disable_with":"TF_TFLINT_DISABLED","variables":[{"name":"TF_TFLINT_IMAGE","description":"Tflint docker image","default":"ghcr.io/terraform-linters/tflint-bundle:latest","advanced":true},{"name":"TF_TFLINT_ARGS","description":"tflint extra [options and args](https://github.com/terraform-linters/tflint/#usage)","default":"--enable-plugin=google --enable-plugin=azurerm --enable-plugin=aws --recursive"}]},{"id":"tf-fmt","name":"tf-fmt","description":"Check your Terraform code with [tffmt](https://developer.hashicorp.com/terraform/cli/commands/fmt#usage)","enable_with":"TF_FMT_ENABLED","variables":[{"name":"TF_FMT_ARGS","description":"terraform fmt extra [options](https://developer.hashicorp.com/terraform/cli/commands/fmt#usage)","default":"-diff -recursive"}]},{"id":"tf-validate","name":"tf-validate","description":"Check your Terraform code with [tfvalidate](https://developer.hashicorp.com/terraform/cli/commands/validate#usage)","enable_with":"TF_VALIDATE_ENABLED","variables":[]},{"id":"tfdocs","name":"terraform docs","description":"Build Terraform documentation based on [terraform docs](https://terraform-docs.io/)","enable_with":"TF_DOCS_ENABLED","variables":[{"name":"TF_DOCS_IMAGE","description":"[terraform docs](https://terraform-docs.io/) container image","default":"quay.io/terraform-docs/terraform-docs:edge","advanced":true},{"name":"TF_DOCS_EXTRA_OPTS","description":"Extra [terraform docs options](https://terraform-docs.io/reference/terraform-docs/)","advanced":true},{"name":"TF_DOCS_CONFIG","description":"terraform docs [configuration file](https://terraform-docs.io/user-guide/configuration/) (relative to `$TF_PROJECT_DIR`)","default":".terraform-docs.yml","advanced":true},{"name":"TF_DOCS_OUTPUT_DIR","description":"terraform docs output directory (relative to `$TF_PROJECT_DIR`)","default":"docs","advanced":true}]},{"id":"tfpublish","name":"publish module","description":"Publish a Terraform module to GitLab's [Terraform Module Registry](https://docs.gitlab.com/user/packages/terraform_module_registry/)","enable_with":"TF_PUBLISH_ENABLED","variables":[{"name":"TF_PUBLISH_IMAGE","description":"container image used to publish module","default":"registry.hub.docker.com/curlimages/curl:latest","advanced":true},{"name":"TF_MODULE_NAME","description":"The module name. May not contain any spaces or underscores.","default":"$CI_PROJECT_NAME","advanced":true},{"name":"TF_MODULE_SYSTEM","description":"The module system or provider (example: `local`, `aws`, `google`)","default":"local"},{"name":"TF_MODULE_VERSION","description":"The module version. It must be valid according to the [semantic versioning](https://semver.org/) specification.","default":"$CI_COMMIT_TAG","advanced":true},{"name":"TF_MODULE_FILES","description":"Glob patterns matching files to include into the Terraform module (:warning: does not support double star)","default":"*.tf *.tpl *.md"}]},{"id":"review","name":"Review","description":"Dynamic review environments for your topic branches (see GitLab [Review Apps](https://docs.gitlab.com/ci/review_apps/))","enable_with":"TF_REVIEW_ENABLED","variables":[{"name":"TF_REVIEW_EXTRA_OPTS","description":"Terraform extra options for `review` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_REVIEW_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `review` env.","type":"boolean","advanced":true},{"name":"TF_REVIEW_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `review` env (only define to override default)","advanced":true},{"name":"TF_REVIEW_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop `review` environments","default":"4 hours"}]},{"id":"integration","name":"Integration","description":"A continuous-integration environment associated to your integration branch (`develop` by default)","enable_with":"TF_INTEG_ENABLED","variables":[{"name":"TF_INTEG_EXTRA_OPTS","description":"Terraform extra options for `integration` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_INTEG_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `integration` env.","type":"boolean","advanced":true},{"name":"TF_INTEG_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `integration` env (only define to override default)","advanced":true},{"name":"TF_INTEG_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `integration` env","default":"never"}]},{"id":"staging","name":"Staging","description":"An iso-prod environment meant for testing and validation purpose on your production branch (`main` or `master` by default)","enable_with":"TF_STAGING_ENABLED","variables":[{"name":"TF_STAGING_EXTRA_OPTS","description":"Terraform extra options for `staging` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_STAGING_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `staging` env.","type":"boolean","advanced":true},{"name":"TF_STAGING_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `staging` env (only define to override default)","advanced":true},{"name":"TF_STAGING_AUTOSTOP_DURATION","description":"The amount of time before GitLab will automatically stop the `staging` env","default":"never"}]},{"id":"prod","name":"Production","description":"The production environment","enable_with":"TF_PROD_ENABLED","variables":[{"name":"TF_PROD_EXTRA_OPTS","description":"Terraform extra options for `production` env (applies to all Terraform commands) (only define to override default)","advanced":true},{"name":"TF_PROD_INIT_OPTS","description":"Terraform extra [init options](https://developer.hashicorp.com/terraform/cli/commands/init) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_WORKSPACE","description":"Terraform project [workspace](https://developer.hashicorp.com/terraform/language/state/workspaces) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_PLAN_ENABLED","description":"Set to enable separate Terraform plan job for `production` env.","type":"boolean","default":"true","advanced":true},{"name":"TF_PROD_PLAN_OPTS","description":"Terraform extra [plan options](https://developer.hashicorp.com/terraform/cli/commands/plan) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_APPLY_OPTS","description":"Terraform extra [apply options](https://developer.hashicorp.com/terraform/cli/commands/apply) for `production` env (only define to override default)","advanced":true},{"name":"TF_PROD_DESTROY_OPTS","description":"Terraform extra [destroy options](https://developer.hashicorp.com/terraform/cli/commands/destroy) for `production` env (only define to override default)","advanced":true}]}],"variants":[{"id":"vault","name":"Vault","description":"Retrieve secrets from a [Vault](https://www.vaultproject.io/) server","template_path":"templates/gitlab-ci-terraform-vault.yml","variables":[{"name":"TBC_VAULT_IMAGE","description":"The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use","default":"registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest","advanced":true},{"name":"VAULT_BASE_URL","description":"The Vault server base API url","mandatory":true},{"name":"VAULT_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"VAULT_ROLE_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID","mandatory":true,"secret":true},{"name":"VAULT_SECRET_ID","description":"The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID","mandatory":true,"secret":true}]},{"id":"gcp-auth-provider","name":"Google Cloud","description":"Retrieves an [OAuth access token](https://developers.google.com/identity/protocols/oauth2) for the [Google Cloud Platform Provider for Terraform](https://registry.terraform.io/providers/hashicorp/google/latest/docs)","template_path":"templates/gitlab-ci-terraform-gcp.yml","variables":[{"name":"GCP_OIDC_AUD","description":"The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_","default":"$CI_SERVER_URL","advanced":true},{"name":"GCP_OIDC_ACCOUNT","description":"Default Service Account to which impersonate with OpenID Connect authentication"},{"name":"GCP_OIDC_PROVIDER","description":"Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/)"},{"name":"GCP_REVIEW_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `review` environment","advanced":true},{"name":"GCP_REVIEW_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `review` environment","advanced":true},{"name":"GCP_INTEG_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `integration` environment","advanced":true},{"name":"GCP_INTEG_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `integration` environment","advanced":true},{"name":"GCP_STAGING_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `staging` environment","advanced":true},{"name":"GCP_STAGING_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `staging` environment","advanced":true},{"name":"GCP_PROD_OIDC_ACCOUNT","description":"Service Account to which impersonate with OpenID Connect authentication on `production` environment","advanced":true},{"name":"GCP_PROD_OIDC_PROVIDER","description":"Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ci/cloud_services/google_cloud/) on `production` environment","advanced":true}]},{"id":"aws","name":"AWS","description":"Sets the appropriate Assume Role with Web Identity configuration for the [AWS Provider for Terraform](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#assume-role-with-web-identity-configuration-reference)","template_path":"templates/gitlab-ci-terraform-aws.yml","variables":[{"name":"AWS_OIDC_AUD","description":"The `aud` claim for the JWT","default":"$CI_SERVER_URL"},{"name":"AWS_OIDC_ROLE_ARN","description":"Default IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/)","advanced":true},{"name":"AWS_REVIEW_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `review` env _(only define to override default)_","advanced":true},{"name":"AWS_INTEG_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `integration` env _(only define to override default)_","advanced":true},{"name":"AWS_STAGING_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `staging` env _(only define to override default)_","advanced":true},{"name":"AWS_PROD_OIDC_ROLE_ARN","description":"IAM Role ARN associated with GitLab to [authenticate using OpenID Connect](https://docs.gitlab.com/ci/cloud_services/aws/) on `production` env _(only define to override default)_","advanced":true}]}],"extension_id":null,"project":{"tag":"5.5.6","tags":["5.5.6","5.5.5","5.5.4","5.5.3","5.5.2","5.5.1","5.5.0","5.5","5.4.14","5.4.13","5.4.12","5.4.11","5.4.10","5.4.9","5.4.8","5.4.7","5.4.6","5.4.5","5.4.4","5.4.3","5.4.2","5.4.1","5.4.0","5.4","5.3.0","5.3","5.2.0","5.2","5.1.0","5.1","5.0.2","5.0.1","5.0.0","5.0","5","4.0.3","4.0.2","4.0.1","4.0.0","4.0","4","3.12.3","3.12.2","3.12.1","3.12.0","3.12","3.11.0","3.11","3.10.0","3.10","3.9.1","3.9.0","3.9","3.8.0","3.8","3.7.0","3.7","3.6.3","3.6.2","3.6.1","3.6.0","3.6","3.5.1","3.5.0","3.5","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.0","3.1","3.0.0","3.0","3","2.8.0","2.8","2.7.1","2.7.0","2.7","2.6.0","2.6","2.5.0","2.5","2.4.3","2.4.2","2.4.1","2.4.0","2.3.2","2.3.1","2.3.0","2.2.4","2.2.3","2.2.2","2.2.1","2.2.0","2.1.1","2"],"name":"terraform","path":"to-be-continuous/terraform","web_url":"https://gitlab.com/to-be-continuous/terraform","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454262/logo.png"}},{"name":"Test SSL","description":"Test your TLS/SSL servers compliance with [Test SSL](https://testssl.sh/)","template_path":"templates/gitlab-ci-testssl.yml","kind":"acceptance","prefix":"testssl","is_component":true,"variables":[{"name":"TESTSSL_IMAGE","description":"The Docker image used to run [Test SSL](https://testssl.sh/)","default":"registry.hub.docker.com/drwetter/testssl.sh:latest"},{"name":"TESTSSL_ARGS","description":"Test SSL [command-line options](https://testssl.sh/#usage)","default":"--severity MEDIUM","advanced":true},{"name":"TESTSSL_URL","description":"Server url to test TLS/SSL against\n\n_Leave unset if you're using deployment templates_"},{"name":"REVIEW_ENABLED","description":"Set to enable Test SSL tests on review environments (dynamic environments instantiated on development branches)","type":"boolean"}],"extension_id":null,"project":{"tag":"3.6.0","tags":["3.6.0","3.6","3.5.0","3.5","3.4.1","3.4.0","3.4","3.3.0","3.3","3.2.1","3.2.0","3.2","3.1.2","3.1.1","3.1.0","3.1","3.0.0","3.0","3","2.1.0","2.1","2.0.1","2.0.0","2","1.2.0","1.1.0","1.0.0"],"name":"testssl","path":"to-be-continuous/testssl","web_url":"https://gitlab.com/to-be-continuous/testssl","avatar":"https://gitlab.com/uploads/-/system/project/avatar/26454277/logo.png"}}]}