Skip to content
Snippets Groups Projects
C

common-ci-tasks

Project ID: 7091227
Select Git revision
  • renovate-mise-install
  • main default protected
  • renovate/python-3.x
  • renovate/python-cpython-3.x
  • renovate/checkov-patch
  • renovate/jdx-mise-2025.x
  • renovate/nodejs-node-20.x
  • renovate/nodejs-node-22.x
  • mattmi/use-system-ruby-on-3
  • mhoidt
  • rocketgirl/test-new-container
  • fix/golangci-lint-versions
  • tmillhouse/bump-renovate-image-version
  • mattmi/allow-running-cookbook-publisher-as-a-bundled-gem
  • mattmi/fix-cookbook-publish-on-ruby-3
  • ktchernov-main-patch-deda
  • mattmi/move-chef-jobs-out-of-templates
  • an/2024-11-06-conversely-pleasant-wasp
  • bvl/use-our-containers-when-possible
  • diagnosing-dev-env-issues
  • v2
  • v2.62
  • v2.62.0
  • v2.61
  • v2.61.1
  • v2.61.0
  • v2.60
  • v2.60.0
  • v2.59
  • v2.59.0
  • v2.58
  • v2.58.1
  • v2.58.0
  • v2.57
  • v2.57.5
  • v2.57.4
  • v2.57.3
  • v2.57.2
  • v2.57.1
  • v2.57.0
40 results
  • Clone with SSH
  • Clone with HTTPS
  • user avatar
    renovate-bot authored
    chore(deps): update pre-commit hook gitlab-com/gl-infra/common-ci-tasks to v2.62
    
    See merge request gitlab-com/gl-infra/common-ci-tasks!931
    539a6b6e
    History
    Name Last commit Last update
    docs
    internal
    scripts
    src/pre_commit
    templates
    test
    .copier-answers.yml
    .editorconfig
    .gitignore
    .gitlab-ci-asdf-versions.yml
    .gitlab-ci-default-asdf-versions.yml
    .gitlab-ci-other-versions.yml
    .gitlab-ci.yml
    .gitleaks.toml
    .mise.toml
    .pre-commit-config.yaml
    .pre-commit-hooks.yaml
    .releaserc.json
    .tool-versions
    .yamllint.yaml
    CODEOWNERS
    Dockerfile.asdf
    Dockerfile.mise
    Dockerfile.renovate
    LICENSE
    README.md
    appsec-container-scan.md
    appsec-container-scan.yml
    asdf-tool-versions.md
    asdf-tool-versions.yml
    autolabels.md
    autolabels.yml
    checkov.md
    checkov.yml
    container-diff.md
    container-diff.yml
    danger.md
    danger.yml
    docker.md
    docker.yml
    editorconfig-check.md
    editorconfig-check.yml
    gitlab-scanners.md
    gitlab-scanners.yml
    gitleaks.md
    gitleaks.yml
    gitlint.md
    gitlint.yml
    go-mod-tidy.md
    go-mod-tidy.yml
    go-unittests.md
    go-unittests.yml
    go.mod
    golangci-lint.md
    golangci-lint.yml
    goreleaser.md
    goreleaser.yml
    hclfmt.md
    hclfmt.yml
    jsonfmt.md
    jsonfmt.yml
    kaniko.md
    kaniko.yml
    mirroring.md
    mirroring.yml
    oidc.md
    oidc.yml
    poetry.lock
    promlint.md
    promlint.yml
    pyproject.toml
    renovate-automerge.json
    renovate-bot.md
    renovate-bot.yml
    renovate-common.json
    renovate-no-truncated-versions.json
    renovate-truncated-versions.json
    renovate-versions-dedicated.json
    renovate-versions-gitlab-com.json
    renovate.json
    semantic-release.md
    semantic-release.yml
    shellcheck.md
    shellcheck.yml
    shfmt.md
    shfmt.yml
    terraform-format.md
    terraform-format.yml
    terraform-module-publish.md
    terraform-module-publish.yml
    terraform-validate.md
    terraform-validate.yml
    tflint.md
    tflint.yml
    vendir.md
    vendir.yml
    yamlfmt.md
    yamlfmt.yml
    yamllint.md
    yamllint.yml

    common-ci-tasks

    This project includes reuseable GitLab-CI jobs for the GitLab SaaS Platforms team.

    Setting up a new project? Use the project template.

    Developer Setup

    Looking to setup your workstation? Follow the documentation at: docs/developer-setup.md.

    Warning about Refs

    It is possible to use these templates without a ref tag when including them in your project, but this is not recommended as it may break your build process and make it non-repeatable. For example, if you revert a change, the templates will still reference the latest template which may no longer be compatible. For this reason, it's recommended you always use refs for your templates.

    Dockerhub image override

    All templates that use an upstream image from dockerhub (e.g anything without a hostname as part of the image path) by default are prefixed with docker.io. This can be changed (for example to use GitLab's dependency proxy or GCR pull through cache) when you include the templates by providing an input value for docker_hub_host like so (this example uses dependency proxy):

      - project: "gitlab-com/gl-infra/common-ci-tasks"
        ref: v2.8.0
        file: templates/standard.yml
        inputs:
          docker_hub_host: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}

    Templates

    It is preferable to use templates over individual CI jobs as it reduces clutter, increases standardization and improves consistency across projects. Additionally, new functionality can be added to projects with only an upgrade to the ref.

    Template Include Description
    templates/standard.yml This template should be included in all Infrastructure projects. It includes standard checks, gitlab-scanners, validations and release processes common to all projects using this template library.
    templates/golang.yml This template should be used for Golang projects.
    templates/terraform.yml This template should be used for Terraform projects. It performs standard validity checks against the Terraform files in the project.

    CI Jobs

    Alternatively to using the templates above, you can include the following individual jobs.

    Include Description
    gitlab-scanners.yml This adds various GitLab SAST, Dependency Scanner, Secret Detection, Licence Scanning, Container Scanning and IAC Scanner tools.
    asdf-tool-versions Checks that the .tool-versions file is synced with .gitlab-ci-asdf-versions.yml, that all the plugins are declared in ./scripts/install-asdf-plugins.sh and that ASDF is generally working.
    editorconfig-check.yml This job ensures that the repository adheres to the EditorConfig rules for the project.
    go-mod-tidy.yml Ensures that go mod tidy is up-to-date and go.mod and go.sum are tidy.
    go-unittests.yml Runs unit tests to ensure and emits a JUnit XML report for GitLab.
    golangci-lint.yml Runs golangci-lint on the project.
    goreleaser.yml Including this template will build a binary release of the project using GoReleaser.
    renovate-bot.yml Runs renovatebot against the project to automatically upgrade dependencies.
    semantic-release.yml This job will run semantic-release on your repository. This allows the repository to be automatically tagged based on conventional commit messages.
    shellcheck.yml Performs linting for shell scripts using Shellcheck.
    shfmt.yml Validates that shell-scripts use a canonical formatting.
    terraform-format.yml Runs terraform fmt to ensure that all Terraform files are correctly formatted.
    terraform-validate.yml Runs terraform validate to ensure that all Terraform files are valid.
    tflint.yml Runs tflint across all directories that contain *.tf files.

    Project Template

    common-ci-tasks favours convention-over-configuration, and expects configuration files and some directories to be configured in a certain way. The quickest way to get going on a new project is to use the common-template-copier project template to generate a new project based on the conventions expected by these CI tasks.

    More information on using project templates can be found in the project templates documentation..

    Developing Templates

    Testing

    The project https://gitlab.com/gitlab-com/gl-infra/common-ci-task-tests is a test-bed for the tasks in this project. When a template is changed, a downstream CI/CD pipeline will be initiated in the common-ci-task-tests project, running the current branch of common-ci-task-tests.

    This provides some basic testing of functionality. Over time, these unit tests should be expanded to include more edge-cases and more templates.