--- include: - template: Security/SAST.gitlab-ci.yml variables: PKGDEST: $CI_PROJECT_DIR/packages PACKAGER: 'Alexandre Pujol ' stages: - lint - build - preprocess # Code Linter # ----------- bash: stage: lint image: koalaman/shellcheck-alpine script: - shellcheck --shell=bash PKGBUILD debian/apparmor.d.postinst debian/apparmor.d.postrm golangci-lint: stage: lint image: golangci/golangci-lint script: - cd src && golangci-lint run goreport: stage: lint image: golang before_script: - cd /tmp - git clone https://github.com/gojp/goreportcard.git - cd goreportcard - make install - go install ./cmd/goreportcard-cli - cd $CI_PROJECT_DIR script: - goreportcard-cli -v -t 90 sast: stage: lint # Package Build # ------------- archlinux: stage: build image: registry.gitlab.com/archlex/packages/builders/arch script: - updpkgsums - sudo pacman -Syu --noconfirm --noprogressbar - makepkg -s --noconfirm --noprogressbar artifacts: expire_in: 1 day paths: - $PKGDEST/* debian: stage: build image: registry.gitlab.com/archlex/packages/builders/debian script: - VERSION="$(date +%y.%m%d)-1" - mkdir -p "$PKGDEST" - sudo apt-get update -q && sudo apt-get install -y config-package-dev rsync - dch --newversion=$VERSION --urgency=medium --distribution=stable --controlmaint "Release $VERSION" - dpkg-buildpackage -b -d --no-sign - mv ../*.deb $PKGDEST/ artifacts: expire_in: 1 day paths: - $PKGDEST/*.deb # Profile Preprocessing # --------------------- preprocess-archlinux: stage: preprocess image: archlinux dependencies: - archlinux script: - pacman -Syu --noconfirm --noprogressbar apparmor - pacman -U --noconfirm --noprogressbar --overwrite etc/apparmor.d/tunables/global --overwrite etc/apparmor.d/tunables/xdg-user-dirs $PKGDEST/* - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null preprocess-debian: stage: preprocess image: debian dependencies: - debian script: - apt-get update -q - apt-get install -y apparmor apparmor-profiles - dpkg --install $PKGDEST/* - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null