.gitlab-ci.yml

include:
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
- template: Code-Quality.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml

stages:
- lint
- test
- cleanup

variables:
  POSTGRES_USER: scram
  POSTGRES_PASSWORD: ''
  POSTGRES_DB: test_scram
  POSTGRES_HOST_AUTH_METHOD: trust

flake8:
  stage: lint
  image: python:3.8-alpine
  before_script:
  - pip install -q flake8
  script:
  - flake8

pytest:
  stage: test
  image: docker:24.0.6-dind
  services:
  - docker:dind
  before_script:
  - apk add make
  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
  - export COMPOSE_PROJECT_NAME=$CI_PIPELINE_ID
  - ".ci-scripts/pull_images.sh"
  - make build
  - ".ci-scripts/push_images.sh"
  - make migrate
  - make run
  script:
  - make coverage.xml
  artifacts:
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml

gemnasium-dependency_scanning:
  variables:
    PIP_REQUIREMENTS_FILE: requirements/base.txt

code_quality_html:
  extends: code_quality
  variables:
    REPORT_FORMAT: html
  artifacts:
    paths:
    - gl-code-quality-report.html

sast:
  stage: test

final_clean:
  image: docker:24.0.6-dind
  services:
  - docker:dind
  before_script:
  - apk add make
  - export COMPOSE_PROJECT_NAME=$CI_PIPELINE_ID
  stage: cleanup
  rules:
    - when: always # run even if something failed
  script:
    - make stop
    - make clean