java-sorting-algorithms/.gitlab-ci.yml at master · maciek1839/java-sorting-algorithms · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
default:
  image: amazoncorretto:21
  before_script:
    - chmod +x mvnw
    - export MAVEN_OPTS="-Dmaven.repo.local=${CI_PROJECT_DIR}/.m2/"
    # required by Maven Wrapper
    # ./mvnw: line 253: tar: command not found
    - yum install -y tar gzip

# Static Application Security Testing (SAST) is a frequently used Application Security (AppSec) tool,
# which scans an application’s source, binary, or byte code.
# https://www.microfocus.com/en-us/what-is/sast
include:
  - template: Security/SAST.gitlab-ci.yml

semgrep-sast:
  before_script:
    - chmod +x mvnw
    - export MAVEN_OPTS="-Dmaven.repo.local=${CI_PROJECT_DIR}/.m2/"

spotbugs-sast:
  before_script:
    - chmod +x mvnw
    - export MAVEN_OPTS="-Dmaven.repo.local=${CI_PROJECT_DIR}/.m2/"
  variables:
    SAST_ANALYZER_IMAGE_TAG: "6"
    SAST_JAVA_VERSION: "21"

variables:
  SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
  GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task

stages:
  - test
  - build
  - analysis
  - deploy

test:
  stage: test
  script:
    - ./mvnw verify $MAVEN_OPTS
    - cat target/site/jacoco/index.html | grep -o '<tfoot>.*</tfoot>'
  coverage: '/Total.*?([0-9]{1,3})%/'
  artifacts:
    paths:
      - target/site/jacoco/*
    reports:
      junit:
        - "**/target/surefire-reports/TEST-*.xml"
        - "**/target/failsafe-reports/TEST-*.xml"
    expire_in: 1 hour

mutation-test:
  stage: test
  script:
    - ./mvnw test-compile org.pitest:pitest-maven:mutationCoverage $MAVEN_OPTS
  artifacts:
    paths:
      - target/pit-reports/*
    expire_in: 1 hour

build:
  stage: build
  script:
    - ./mvnw clean package -DskipTests $MAVEN_OPTS
  artifacts:
    paths:
      - target/*.jar
    expire_in: 1 hour

sonarcloud-check:
  stage: analysis
  when: manual
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - ./mvnw verify sonar:sonar -Dsonar.projectKey=ShowMeYourCodeYouTube_java-sorting-algorithms
  allow_failure: true
  only:
    - merge_requests
    - master

jmh-benchmark:
  stage: analysis
  script:
    - cp target/*-jar-with-dependencies.jar target/jmh-benchmark.jar
    - java -cp target/jmh-benchmark.jar com.showmeyourcode.projects.algorithms.launcher.AlgorithmsMicrobenchmark

pages:
  stage: deploy
  script:
    - echo 'Cleaning old pages'
    - rm -rf public
    - ls -la
    - mkdir -p public/test-report && cp -r target/site/jacoco/* public/test-report
    - mkdir -p public/pitest-report && cp -r target/pit-reports/* public/pitest-report
    - ls -la ./public
  artifacts:
    paths:
      - public
    expire_in: 1 hour
  only:
    - master