.gitlab-ci.yml

image: registry.gitlab.com/kolanich/fixed_python:latest

build:
  tags:
    - shared
  stage: build
  variables:
    GIT_DEPTH: "1"
    PYTHONUSERBASE: ${CI_PROJECT_DIR}/python_user_packages

  before_script:
    - export PATH="$PATH:$PYTHONUSERBASE/bin" # don't move into `variables`
  cache:
    paths:
      - /usr/local/site-packages
      - /usr/local/lib/python*/site-packages

  script:
    - pypy3 setup.py bdist_wheel
    - pip3 install --user --upgrade ./dist/*.whl
    - cd ./tests
    #- coverage run -a --source=AptSourcesList -m pytest --junitxml=./rspec.xml --forked ./test*.py
    #- coverage report -m || true
    #- coveralls || true
    #- codecov || true
    #- cd ..
    - mkdir wheels
    - mv ./dist/*.whl ./wheels/AptSourcesList-0.CI-py3-none-any.whl

  artifacts:
    paths:
      - wheels
      - $PYTHONUSERBASE
    reports:
      junit: ./rspec.xml

checks:
  stage: test
  tags:
    - shared
  image: docker:latest
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: true
  services:
    - docker:dind
  script:
    - docker run --env SAST_CONFIDENCE_LEVEL=5 --volume "$PWD:/code" --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/sast:latest" /app/bin/run /code
    #- docker run --env SOURCE_CODE="$PWD" --env CODECLIMATE_VERSION="latest" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/codequality:latest" /code
    #- docker run --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}" --volume "$PWD:/code" --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:latest" /code

  artifacts:
    reports:
      #codequality: gl-code-quality-report.json
      sast: gl-sast-report.json
      #dependency_scanning: gl-dependency-scanning-report.json