Samir Boulahtit
56bd302361
Onboarding fixes: - Add missing background task trigger for order sync (step 4) - Import process_historical_import task in onboarding API GitLab migration: - Update audit rules to support both GitHub and GitLab paths - Add .gitlab-ci.yml with lint, test, security, build stages - Add merge request template (.gitlab/merge_request_templates/default.md) - Update validate_audit.py to check for GitLab equivalents 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
113 lines
2.3 KiB
YAML
113 lines
2.3 KiB
YAML
# GitLab CI/CD Configuration
|
|
# =========================
|
|
|
|
stages:
|
|
- lint
|
|
- test
|
|
- security
|
|
- build
|
|
|
|
variables:
|
|
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
|
|
PYTHON_VERSION: "3.11"
|
|
|
|
# Cache dependencies between jobs
|
|
cache:
|
|
paths:
|
|
- .cache/pip
|
|
- .venv/
|
|
|
|
# Lint Stage
|
|
# ----------
|
|
|
|
ruff:
|
|
stage: lint
|
|
image: python:${PYTHON_VERSION}
|
|
before_script:
|
|
- pip install uv
|
|
- uv sync --frozen
|
|
script:
|
|
- .venv/bin/ruff check .
|
|
rules:
|
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
|
|
# Test Stage
|
|
# ----------
|
|
|
|
pytest:
|
|
stage: test
|
|
image: python:${PYTHON_VERSION}
|
|
before_script:
|
|
- pip install uv
|
|
- uv sync --frozen
|
|
script:
|
|
- .venv/bin/python -m pytest tests/ -v --tb=short
|
|
coverage: '/TOTAL.*\s+(\d+%)/'
|
|
artifacts:
|
|
reports:
|
|
junit: report.xml
|
|
coverage_report:
|
|
coverage_format: cobertura
|
|
path: coverage.xml
|
|
rules:
|
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
|
|
architecture:
|
|
stage: test
|
|
image: python:${PYTHON_VERSION}
|
|
before_script:
|
|
- pip install uv
|
|
- uv sync --frozen
|
|
script:
|
|
- .venv/bin/python scripts/validate_architecture.py
|
|
rules:
|
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
|
|
# Security Stage
|
|
# --------------
|
|
|
|
dependency_scanning:
|
|
stage: security
|
|
image: python:${PYTHON_VERSION}
|
|
before_script:
|
|
- pip install pip-audit
|
|
script:
|
|
- pip-audit --requirement requirements.txt || true
|
|
allow_failure: true
|
|
rules:
|
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
|
|
audit:
|
|
stage: security
|
|
image: python:${PYTHON_VERSION}
|
|
before_script:
|
|
- pip install uv
|
|
- uv sync --frozen
|
|
script:
|
|
- .venv/bin/python scripts/validate_audit.py
|
|
allow_failure: true
|
|
rules:
|
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
|
|
# Build Stage
|
|
# -----------
|
|
|
|
docs:
|
|
stage: build
|
|
image: python:${PYTHON_VERSION}
|
|
before_script:
|
|
- pip install uv
|
|
- uv sync --frozen
|
|
script:
|
|
- .venv/bin/mkdocs build
|
|
artifacts:
|
|
paths:
|
|
- site/
|
|
rules:
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|