#image: maven:latest image: maven:3.6.3-jdk-11 variables: LC_ALL: "en_US.UTF-8" LANG: "en_US.UTF-8" LANGUAGE: "en_US" LIB_NAME: "eaaf-components" MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true --settings ${CI_PROJECT_DIR}/.cisettings.xml" MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=${CI_PROJECT_DIR}/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true" GIT_SUBMODULE_STRATEGY: recursive GIT_DEPTH: "2" SECURE_LOG_LEVEL: "debug" JACOCO_CSV_LOCATION: 'build_reporting/target/site/jacoco-aggregate-ut/jacoco.csv' include: - template: Dependency-Scanning.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml - template: Secret-Detection.gitlab-ci.yml ## skip jUnit tests in Test jobs to speed-up build time dependency_scanning: variables: MAVEN_CLI_OPTS: "-DskipTests --settings ${CI_PROJECT_DIR}/.cisettings.xml" DS_JAVA_VERSION: 11 spotbugs-sast: variables: MAVEN_CLI_OPTS: "-DskipTests --settings ${CI_PROJECT_DIR}/.cisettings.xml" SAST_JAVA_VERSION: 11 default: tags: - docker stages: - assemble - test - package - release cache: paths: - ".m2/repository" assemble: stage: assemble except: - tags tags: - docker script: | mvn $MAVEN_CLI_OPTS compile test artifacts: when: always reports: junit: "**/target/surefire-reports/TEST-*.xml" paths: - build_reporting/target/site/jacoco-aggregate-ut/jacoco.xml - build_reporting/target/site/jacoco-aggregate-ut/jacoco.csv coverage: stage: test image: haynes/jacoco2cobertura:1.0.4 tags: - docker script: - mkdir -p target/site # convert report from jacoco to cobertura - 'python /opt/cover2cover.py build_reporting/target/site/jacoco-aggregate-ut/jacoco.xml eaaf_core_api/src/main/java eaaf_core_utils/src/main/java eaaf_core/src/main/java eaaf_modules/eaaf_module_auth_sl20/src/main/java eaaf_modules/eaaf_module_moa-sig/src/main/java eaaf_modules/eaaf_module_pvp2_core/src/main/java eaaf_modules/eaaf_module_pvp2_idp/src/main/java eaaf_modules/eaaf_module_pvp2_sp/src/main/java > target/site/cobertura.xml' # read the <source></source> tag and prepend the path to every filename attribute #- 'python /opt/source2filename.py target/site/cobertura.xml' - awk -F"," '{ instructions += $4 + $5; covered += $5 } END { print covered, "/", instructions, " instructions covered"; print 100*covered/instructions, "% covered" }' $JACOCO_CSV_LOCATION needs: - job: assemble dependencies: - assemble artifacts: reports: coverage_report: coverage_format: cobertura path: target/site/cobertura.xml publishToGitlab: stage: package tags: - docker except: - tags - /^feature/.*$/i before_script: - mkdir -p ~/.ssh - ssh-keyscan apps.egiz.gv.at >> ~/.ssh/known_hosts - chmod 644 ~/.ssh/known_hosts script: | export VERSION=$(mvn -B help:evaluate -Dexpression=project.version -B | grep -v "\[INFO\]" | grep -Po "\d+\.\d+\.\d+((-\w*)+)?") echo "Publishing version $VERSION for $LIB_NAME to public EGIZ maven" mvn $MAVEN_CLI_OPTS deploy -s .cisettings.xml -P jenkinsDeploy -DskipTests echo "VERSION=$VERSION" >> variables.env artifacts: when: always reports: dotenv: variables.env release: stage: release image: registry.gitlab.com/gitlab-org/release-cli:latest tags: - docker needs: - job: publishToGitlab artifacts: true when: manual only: - master script: | echo "Releasing version $VERSION of $LIB_NAME" echo "Publishing version $VERSION to public EGIZ maven" mvn $MAVEN_CLI_OPTS deploy -s .cisettings.xml release: name: "$VERSION" tag_name: "v$VERSION" description: "$(cat README.md)"