Skip to content
Snippets Groups Projects
Commit 8c0357a3 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

chore: use workflow rules

parent 2a0229fe
No related branches found
No related tags found
No related merge requests found
...@@ -13,6 +13,14 @@ ...@@ -13,6 +13,14 @@
# program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth # program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
# Floor, Boston, MA 02110-1301, USA. # Floor, Boston, MA 02110-1301, USA.
# ========================================================================================= # =========================================================================================
# default workflow rules
workflow:
rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
- when: always
variables: variables:
# variabilized tracking image # variabilized tracking image
TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master" TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"
...@@ -57,7 +65,6 @@ variables: ...@@ -57,7 +65,6 @@ variables:
PYTHON_REPOSITORY_USERNAME: 'gitlab-ci-token' PYTHON_REPOSITORY_USERNAME: 'gitlab-ci-token'
PYTHON_REPOSITORY_PASSWORD: $CI_JOB_TOKEN PYTHON_REPOSITORY_PASSWORD: $CI_JOB_TOKEN
.python-scripts: &python-scripts | .python-scripts: &python-scripts |
# BEGSCRIPT # BEGSCRIPT
set -e set -e
...@@ -572,9 +579,6 @@ py-package: ...@@ -572,9 +579,6 @@ py-package:
paths: paths:
- $PYTHON_PROJECT_DIR/dist/* - $PYTHON_PROJECT_DIR/dist/*
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
- if: '$PYTHON_PACKAGE_ENABLED == "true"' - if: '$PYTHON_PACKAGE_ENABLED == "true"'
py-lint: py-lint:
...@@ -604,16 +608,15 @@ py-lint: ...@@ -604,16 +608,15 @@ py-lint:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests # exclude if $PYLINT_ENABLED not set
- if: $CI_MERGE_REQUEST_ID - if: '$PYLINT_ENABLED != "true"'
when: never when: never
# on production branch(es): if $PYLINT_ENABLED is set # on non-production, non-integration branches: manual & non-blocking
- if: '$PYLINT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF' - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# on integration branch(es): if $PYLINT_ENABLED is set when: manual
- if: '$PYLINT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches, with $PYLINT_ENABLED set: auto & non-blocking
- if: '$PYLINT_ENABLED == "true"'
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
py-compile: py-compile:
extends: .python-base extends: .python-base
...@@ -622,9 +625,6 @@ py-compile: ...@@ -622,9 +625,6 @@ py-compile:
- install_requirements - install_requirements
- _python -m compileall $PYTHON_COMPILE_ARGS - _python -m compileall $PYTHON_COMPILE_ARGS
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: only when none of supported unit test framework is enabled # on any branch: only when none of supported unit test framework is enabled
- if: '$UNITTEST_ENABLED != "true" && $PYTEST_ENABLED != "true" && $NOSETESTS_ENABLED != "true"' - if: '$UNITTEST_ENABLED != "true" && $PYTEST_ENABLED != "true" && $NOSETESTS_ENABLED != "true"'
...@@ -657,9 +657,6 @@ py-unittest: ...@@ -657,9 +657,6 @@ py-unittest:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: when $UNITTEST_ENABLED is set # on any branch: when $UNITTEST_ENABLED is set
- if: '$UNITTEST_ENABLED == "true"' - if: '$UNITTEST_ENABLED == "true"'
...@@ -684,9 +681,6 @@ py-pytest: ...@@ -684,9 +681,6 @@ py-pytest:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: when $PYTEST_ENABLED is set # on any branch: when $PYTEST_ENABLED is set
- if: '$PYTEST_ENABLED == "true"' - if: '$PYTEST_ENABLED == "true"'
...@@ -710,9 +704,6 @@ py-nosetests: ...@@ -710,9 +704,6 @@ py-nosetests:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: when $NOSETESTS_ENABLED is set # on any branch: when $NOSETESTS_ENABLED is set
- if: '$NOSETESTS_ENABLED == "true"' - if: '$NOSETESTS_ENABLED == "true"'
...@@ -741,17 +732,15 @@ py-bandit: ...@@ -741,17 +732,15 @@ py-bandit:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests # exclude if $BANDIT_ENABLED not set
- if: $CI_MERGE_REQUEST_ID - if: '$BANDIT_ENABLED != "true"'
when: never when: never
# on production branch(es): if $BANDIT_ENABLED is set # on non-production, non-integration branches: manual & non-blocking
- if: '$BANDIT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF' - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# on integration branch(es): if $BANDIT_ENABLED is set
- if: '$BANDIT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches, with $BANDIT_ENABLED set: manual & non-blocking
- if: '$BANDIT_ENABLED == "true"'
when: manual when: manual
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
# Safety (dependency check) # Safety (dependency check)
py-safety: py-safety:
...@@ -779,17 +768,15 @@ py-safety: ...@@ -779,17 +768,15 @@ py-safety:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests # exclude if $SAFETY_ENABLED not set
- if: $CI_MERGE_REQUEST_ID - if: '$SAFETY_ENABLED != "true"'
when: never when: never
# on production branch(es): if $SAFETY_ENABLED is set # on non-production, non-integration branches: manual & non-blocking
- if: '$SAFETY_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF' - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# on integration branch(es): if $SAFETY_ENABLED is set
- if: '$SAFETY_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches, with $SAFETY_ENABLED set: manual & non-blocking
- if: '$SAFETY_ENABLED == "true"'
when: manual when: manual
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
# Trivy (dependency check) # Trivy (dependency check)
py-trivy: py-trivy:
...@@ -840,19 +827,15 @@ py-trivy: ...@@ -840,19 +827,15 @@ py-trivy:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on production branch(es): if $TRIVY_ENABLED is set
# exclude if $PYTHON_TRIVY_ENABLED not set # exclude if $PYTHON_TRIVY_ENABLED not set
- if: '$PYTHON_TRIVY_ENABLED != "true"' - if: '$PYTHON_TRIVY_ENABLED != "true"'
when: never when: never
# on production or integration branches: auto
- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches: manual & non-blocking # on non-production, non-integration branches: manual & non-blocking
- if: '$PYTHON_TRIVY_ENABLED == "true"' # useless but prevents GitLab warning - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
when: manual when: manual
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
# (manual from master branch): triggers a release (tag creation) # (manual from master branch): triggers a release (tag creation)
py-release: py-release:
...@@ -868,16 +851,10 @@ py-release: ...@@ -868,16 +851,10 @@ py-release:
paths: paths:
- $PYTHON_PROJECT_DIR/dist/* - $PYTHON_PROJECT_DIR/dist/*
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# exclude if $PYTHON_RELEASE_ENABLED not set # exclude if $PYTHON_RELEASE_ENABLED not set
- if: '$PYTHON_RELEASE_ENABLED != "true"' - if: '$PYTHON_RELEASE_ENABLED != "true"'
when: never when: never
# exclude on non-prod, non-integ branches # on production or integration branch: manual, non blocking
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF' - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
when: never
# else: manual
- if: '$PYTHON_RELEASE_ENABLED == "true"' # useless but prevents GitLab warning
when: manual when: manual
allow_failure: true allow_failure: true
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment