.gitlab-ci.yml

image: docker:latest

services:
  - docker:dind

variables:
  POSTGRES_ENABLED: "false"
  DOCKER_DRIVER: overlay2
  DOCKER_TLS_CERTDIR: ""  # https://gitlab.com/gitlab-org/gitlab-runner/issues/4501
  ROLLOUT_RESOURCE_TYPE: deployment

stages:
  - build
  - test
  - cfuzz
  - review
  - staging
  - canary
  - production
  - dast
  - fuzz
  - incremental rollout 10%
  - incremental rollout 25%
  - incremental rollout 50%
  - incremental rollout 100%
  - cleanup


include:  
  - template: Jobs/Build.gitlab-ci.yml
  - template: Jobs/Code-Quality.gitlab-ci.yml
  - template: Jobs/Deploy.gitlab-ci.yml
  - template: Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml
  - template: Security/DAST.gitlab-ci.yml
  - template: Security/Container-Scanning.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml
  - template: Security/License-Scanning.gitlab-ci.yml
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Secret-Detection.gitlab-ci.yml


build:
  stage: build
  variables:
    IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
  script:
    - docker info
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker build -t $IMAGE .
    - docker push $IMAGE

unit:
  image: python:3
  stage: test
  script:
    - apt update -y
    - apt install libmariadb3 libmariadb-dev sqlite3 libsqlite3-dev -y
    - pip3 install -r requirements.txt
    - python -m unittest tests/test_db.py

# ensuring that our image is updated before running dependency scanning
gemnasium-python-dependency_scanning:
  before_script:
    - apt update
    - apt install libmariadb3 libmariadb-dev sqlite3 libsqlite3-dev -y