--- include: - template: Security/SAST.gitlab-ci.yml variables: PKGDEST: $CI_PROJECT_DIR/packages PACKAGER: 'Alexandre Pujol ' stages: - lint - test - build - preprocess # Code Linter # ----------- bash: stage: lint image: koalaman/shellcheck-alpine script: - shellcheck --shell=bash PKGBUILD configure pick debian/apparmor.d.postinst debian/apparmor.d.postrm golangci-lint: stage: lint image: golangci/golangci-lint script: - golangci-lint run sast: stage: lint # Code test # --------- tests: stage: test image: golang script: - echo '#!/usr/bin/env bash\nexit 0' > /usr/bin/journalctl - go test ./cmd/aa-log -v -cover # Package Build # ------------- archlinux: stage: build image: registry.gitlab.com/archlex/packages/builders/archlinux script: - sudo pacman -Syu --noconfirm --noprogressbar lsb-release - makepkg -s --noconfirm --noprogressbar artifacts: expire_in: 1 day paths: - $PKGDEST/* debian: stage: build image: registry.gitlab.com/archlex/packages/builders/debian script: - VERSION="$(date +%y.%m%d)-1" - mkdir -p "$PKGDEST" - sudo apt-get update -q && sudo apt-get install -y golang-go lsb-release config-package-dev rsync - dch --newversion=$VERSION --urgency=medium --distribution=stable --controlmaint "Release $VERSION" - dpkg-buildpackage -b -d --no-sign - mv ../*.deb $PKGDEST/ artifacts: expire_in: 1 day paths: - $PKGDEST/*.deb # Profile Preprocessing # --------------------- preprocess-archlinux: stage: preprocess image: archlinux dependencies: - archlinux script: - pacman -Syu --noconfirm --noprogressbar apparmor - pacman -U --noconfirm --noprogressbar --overwrite etc/apparmor.d/tunables/global --overwrite etc/apparmor.d/tunables/xdg-user-dirs $PKGDEST/* - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null preprocess-debian: stage: preprocess image: debian dependencies: - debian script: - apt-get update -q - apt-get install -y apparmor apparmor-profiles - dpkg --install $PKGDEST/* - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null