From f489e4a1cb9fda4ff8a9026ca4ab63672c680fd0 Mon Sep 17 00:00:00 2001 From: Dantali0n <info@dantalion.nl> Date: Wed, 25 Oct 2023 16:14:57 +0200 Subject: [PATCH] Address review comments --- .gitlab-ci.yml | 15 +++++++- README.md | 2 +- docker/ci-runner/Dockerfile | 35 +++++++++---------- {{cookiecutter.project_slug}}/.gitlab-ci.yml | 14 +------- .../docker/ci-runner/Dockerfile | 31 ++++++++-------- 5 files changed, 48 insertions(+), 49 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 01f853b..3dfce5f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,11 +14,24 @@ default: - cd my_awesome_app - git init -# Override semgrep-sast before script sast: + # override before_script from default: definition above, inherited job image otherwise + # won't have Python available before_script: - python --version # For debugging +dependency_scanning: + # override before_script from default: definition above, inherited job image otherwise + # won't have Python available + before_script: + - uname + +secret_detection: + # override before_script from default: definition above, inherited job image otherwise + # won't have Python available + before_script: + - uname + # Override format artifact paths format: artifacts: diff --git a/README.md b/README.md index aa949d3..9973445 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ If you find some missing functionality with regards to CI/CD, testing, linting o ## How to apply this template -This templates uses `cookiecutter` which can be +This templates uses `cookiecutter` which can be easily installed: ```bash pip install --user cookiecutter diff --git a/docker/ci-runner/Dockerfile b/docker/ci-runner/Dockerfile index 3a31e04..d84ec71 100644 --- a/docker/ci-runner/Dockerfile +++ b/docker/ci-runner/Dockerfile @@ -7,24 +7,23 @@ FROM ubuntu:22.04 RUN export DEBIAN_FRONTEND=noninteractive && \ apt-get update && \ apt-get install -y \ - abi-compliance-checker \ - abi-dumper \ - build-essential \ - clang-format \ - clang-tidy \ - cmake \ - cmake-format \ - curl \ - doxygen \ - gcovr \ - git \ - graphviz \ - libboost-test-dev \ - ninja-build \ - python3-breathe \ - python3-pip \ - && \ + abi-compliance-checker \ + abi-dumper \ + build-essential \ + clang-format \ + clang-tidy \ + cmake \ + cmake-format \ + curl \ + doxygen \ + gcovr \ + git \ + graphviz \ + libboost-test-dev \ + ninja-build \ + python3-breathe \ + python3-pip && \ rm -rf /var/lib/apt/lists/* RUN python3 -m pip install --upgrade pip -RUN pip install --upgrade cookiecutter tox twine \ No newline at end of file +RUN pip install --upgrade cookiecutter tox twine --no-cache-dir \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.gitlab-ci.yml b/{{cookiecutter.project_slug}}/.gitlab-ci.yml index 0b00254..1fbc214 100644 --- a/{{cookiecutter.project_slug}}/.gitlab-ci.yml +++ b/{{cookiecutter.project_slug}}/.gitlab-ci.yml @@ -40,9 +40,7 @@ format: script: - scripts/format-cpp.sh - scripts/format-cmake.sh - - git diff > format.patch - # Fail when the patch is not empy (note ! can't be used directly.) - - (! grep -q '^--- a' format.patch) + - git diff --exit-code 1 artifacts: when: on_failure paths: @@ -63,16 +61,6 @@ sast: pmd-apex, sobelow, spotbugs stage: test -dependency_scanning: - # override default before_script, job won't have Python available - before_script: - - uname - -secret_detection: - # override default before_script, job won't have Python available - before_script: - - uname - test: stage: test needs: ["trigger_prepare"] diff --git a/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile b/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile index d0e1562..bde6bb2 100644 --- a/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile +++ b/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile @@ -7,20 +7,19 @@ FROM ubuntu:22.04 RUN export DEBIAN_FRONTEND=noninteractive && \ apt-get update && \ apt-get install -y \ - abi-compliance-checker \ - abi-dumper \ - build-essential \ - clang-format \ - clang-tidy \ - cmake \ - cmake-format \ - curl \ - doxygen \ - gcovr \ - git \ - graphviz \ - libboost-test-dev \ - ninja-build \ - python3-breathe \ - && \ + abi-compliance-checker \ + abi-dumper \ + build-essential \ + clang-format \ + clang-tidy \ + cmake \ + cmake-format \ + curl \ + doxygen \ + gcovr \ + git \ + graphviz \ + libboost-test-dev \ + ninja-build \ + python3-breathe && \ rm -rf /var/lib/apt/lists/* -- GitLab