Upgrade to GitLab CI 13.0 by removing only/except

Only/except statements are replaced by rules statements in the new GitLab CI yaml.

.gitlab-ci.yml

@@ -42,11 +42,6 @@ stages:
     #      - build/
     #      - generated/
     policy: pull-push
-  only:
-    - master
-    - development
-    - merge_requests
-    - pushes
 
 .gitlab_reporter:
   stage: gitlab reports
@@ -58,12 +53,12 @@ stages:
 gradle_build:
   extends: .build_cached
   stage: build 1
-  only:
-    - master
-    - development
-    - merge_requests
-    - pushes
-    - triggers
+  rules:
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID ||
+        $CI_PIPELINE_SOURCE == "push" ||
+        $CI_PIPELINE_SOURCE == "trigger"
   cache:
     policy: pull-push
   artifacts:
@@ -79,12 +74,13 @@ gradle_build:
 generate_pom:
   extends: .build_cached
   stage: build 2
-  only:
-    - master
-    - development
-    - merge_requests
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID
   needs:
     - gradle_build
   artifacts:
@@ -103,18 +99,34 @@ gradle_test:
   stage: test
   needs:
     - gradle_build
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID ||
+        $CI_PIPELINE_SOURCE == "push"
   cache:
     policy: pull-push
+  coverage: '/Code coverage: \d+\.\d+/'
   artifacts:
-    name: build
+    name: Coverage report
     expire_in: 6 hours
     paths:
-      - build/
+      - codecov/
+    reports:
+      junit: build/test-results/test/TEST-*.xml
+      cobertura: build/reports/jacoco/test/jacocoTestReport.xml
   script:
     - ./gradlew test
+  after_script:
+    # Rerun with none of the dependent tasks to ensure creation of the report
+    # without having to recheck whether the code has compiled (it has in build cache).
+    - ./gradlew jacocoTestReport -x processResources -x compileJava -x classes --rerun-tasks
 
+    # Print out the coverage percentage from the test report.
+    - awk -F"," '{ instructions += $4 + $5; covered += $5 } END { print covered, "/", instructions, " instructions covered"; print "Code coverage:", 100*covered/instructions }' build/reports/jacoco/test/jacocoTestReport.csv || true
+    - cp -r build/reports codecov
 
 
 # Run spotless
@@ -122,8 +134,13 @@ gradle_spotless:
   extends: .build_cached
   needs:
     - gradle_build
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID ||
+        $CI_PIPELINE_SOURCE == "push"
   artifacts:
     name: spotless
     expose_as: Spotless Diagnosis
@@ -142,67 +159,28 @@ gradle_licenses:
   extends: .build_cached
   needs:
     - gradle_build
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID ||
+        $CI_PIPELINE_SOURCE == "push"
   stage: review
   script:
     - ./gradlew licenseMain
     - ./gradlew licenseTest
 
-
-
-# Publish jacoco test report
-publish_jacoco_report:
-  extends: .build_cached
-  needs:
-    - gradle_test
-  except:
-    - triggers
-  stage: publish
-  coverage: '/Code coverage: \d+\.\d+/'
-  artifacts:
-    name: codecov
-    expose_as: Code coverage report
-    expire_in: 7 days
-    paths:
-      - codecov/
-  script:
-    # Rerun with none of the dependent tasks to ensure creation of the report
-    # without having to recheck whether the code has compiled (it has in build cache).
-    - ./gradlew jacocoTestReport -x processResources -x compileJava -x classes --rerun-tasks
-  after_script:
-    # Print out the coverage percentage from the test report.
-    - awk -F"," '{ instructions += $4 + $5; covered += $5 } END { print covered, "/", instructions, " instructions covered"; print "Code coverage:", 100*covered/instructions }' build/reports/jacoco/test/jacocoTestReport.csv
-    - cp -r build/reports codecov
-
-
-
-# Publish the test failure/pass report
-publish_test_report:
-  extends: .build_cached
-  needs:
-    - gradle_test
-  except:
-    - triggers
-  stage: publish
-  artifacts:
-    reports:
-      junit: TEST-*.xml
-  allow_failure: true
-  script:
-    - cp build/test-results/test/TEST-*.xml ./
-
-
-# Publish the JAR for Labracore
+# Publish the JAR for Librador
 publish_jar:
   extends: .build_cached
   stage: publish
-  only:
-    - master
-    - development
-    - merge_requests
-    - pushes
-    - triggers
+  rules:
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID ||
+        $CI_PIPELINE_SOURCE == "push" ||
+        $CI_PIPELINE_SOURCE == "trigger"
   needs:
     - gradle_build
   artifacts:
@@ -219,10 +197,10 @@ publish_jar:
 publish_maven:
   extends: .build_cached
   stage: publish
-  only:
-    - master
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master"
   needs:
     - gradle_build
   script:
@@ -231,7 +209,6 @@ publish_maven:
 
 # Include templates for security scans and code quality reports
 include:
-  - template: Jobs/Code-Quality.gitlab-ci.yml
   - template: Security/DAST.gitlab-ci.yml
   - template: Security/Container-Scanning.gitlab-ci.yml
   - template: Security/Dependency-Scanning.gitlab-ci.yml
@@ -243,13 +220,29 @@ code_quality:
   extends:
     - .build_cached
     - .gitlab_reporter
-  only:
-    - master
-    - development
-    - merge_requests
-  except:
-    - triggers
-  stage: gitlab reports
+  image: docker:stable
+  services:
+    - docker:stable-dind
+  allow_failure: true
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID
+  script:
+    - rm -r build/ out/ target/ .idea/ .gradle/ || true
+    - docker run
+      --env SOURCE_CODE="$PWD"
+      --env CODECLIMATE_DEBUG="1"
+      --volume "$PWD":/code
+      --volume /var/run/docker.sock:/var/run/docker.sock
+      "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.9" /code
+  artifacts:
+    reports:
+      codequality: gl-code-quality-report.json
+    expire_in: 1 week
 
 # Runs the SAST reporter manually
 # (there was a problem with running this from the template with Java 11,
@@ -259,22 +252,22 @@ sast:
     - .build_cached
     - .gitlab_reporter
   image: docker:stable
-  only:
-    - master
-    - development
-    - merge_requests
-  except:
-    - triggers
+  services:
+    - docker:stable-dind
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID
   needs:
     - generate_pom
   dependencies:
     - generate_pom
   before_script:
     - rm build.gradle* gradlew gradlew.bat
-    - cat pom.xml
   allow_failure: true
-  services:
-    - docker:stable-dind
   script:
     - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
     - docker run
@@ -295,14 +288,13 @@ dast:
   extends:
     - .build_cached
     - .gitlab_reporter
-  only:
-    - master
-    - development
-    - merge_requests
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master"
+      when: manual
   stage: gitlab reports
-  when: manual
   variables:
     DAST_VERSION: latest
 
@@ -313,14 +305,14 @@ container_scanning:
   extends:
     - .build_cached
     - .gitlab_reporter
-  only:
-    - master
-    - development
-    - merge_requests
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development"
+      when: manual
   stage: gitlab reports
-  when: manual
   before_script:
     - export DOCKER_USER=$CI_REGISTRY_USER
     - export DOCKER_PASSWORD=$CI_REGISTRY_PASSWORD
@@ -330,12 +322,13 @@ dependency_scanning:
   extends:
     - .build_cached
     - .gitlab_reporter
-  only:
-    - master
-    - development
-    - merge_requests
-  except:
-    - triggers
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID
   needs:
     - generate_pom
   dependencies:
@@ -352,16 +345,17 @@ license_scanning:
   extends:
     - .build_cached
     - .gitlab_reporter
-  only:
-    - master
-    - development
-    - merge_requests
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "trigger" ||
+        $CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"
+      when: never
+    - if: $CI_COMMIT_BRANCH == "master" ||
+        $CI_COMMIT_BRANCH == "development" ||
+        $CI_MERGE_REQUEST_ID
   needs:
     - generate_pom
   dependencies:
     - generate_pom
-  except:
-    - triggers
   stage: gitlab reports
   before_script:
     - rm build.gradle* gradlew gradlew.bat