From 0ef008d5c51cc689bccf1b006a4f72097c082075 Mon Sep 17 00:00:00 2001
From: librelois <c@elo.tf>
Date: Thu, 25 Feb 2021 04:22:55 +0100
Subject: [PATCH] ci: create gitlab ci

---
 .gitlab-ci.yml            | 46 +++++++++++++++++++++++++++++++++++
 deny.toml                 | 50 +++++++++++++++++++++++++++++++++++++++
 native/dubp_rs/Cargo.toml |  1 +
 3 files changed, 97 insertions(+)
 create mode 100644 .gitlab-ci.yml
 create mode 100644 deny.toml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..e5e87ec
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,46 @@
+stages:
+  - format
+  - build_and_test
+  - quality
+
+.env:
+  image: axiomteam/gecko-ci:v0.0.5
+  tags:
+    - redshift
+  before_script:
+    - rustup show
+    - rustc --version && cargo --version
+
+format:
+  extends: .env
+  stage: format
+  script:
+    - cargo fmt -- --version
+    - cargo fmt -- --check
+    - flutter format --set-exit-if-changed lib packages/dubp_rs/lib/dubp.dart
+        
+build_and_test:
+  extends: .env
+  stage: build_and_test
+  tags:
+    - redshift
+  script: 
+    - RUSTFLAGS="-D warnings" cargo make
+    - cd packages/dubp_rs && flutter pub get && cd ../..
+    - flutter analyze
+    - cargo test
+    # - flutter test
+
+lint:
+  extends: .env
+  stage: quality
+  script:
+    - cargo clippy -- -V
+    - cargo clippy --all --tests -- -D warnings --verbose
+    
+audit_dependencies:
+  extends: .env
+  stage: quality
+  script:
+    - cargo deny -V
+    - cargo deny check
diff --git a/deny.toml b/deny.toml
new file mode 100644
index 0000000..7ea098a
--- /dev/null
+++ b/deny.toml
@@ -0,0 +1,50 @@
+[bans]
+multiple-versions = "warn"
+deny = [
+    # color-backtrace is nice but brings in too many dependencies and that are often outdated, so not worth it for us.
+    { name = "color-backtrace" },
+
+    # deprecated
+    { name = "quickersort" },
+
+    # term is not fully maintained, and termcolor is replacing it
+    { name = "term" },
+]
+skip-tree = [ 
+    { name = "winapi", version = "<= 0.3" },
+]
+
+[licenses]
+unlicensed = "deny"
+# We want really high confidence when inferring licenses from text
+confidence-threshold = 0.92
+allow = [
+    "AGPL-3.0",
+    "Apache-2.0",
+    "BSD-2-Clause",
+    "BSD-3-Clause",
+    "CC0-1.0",
+    "ISC",
+    "MIT",
+    "MPL-2.0",
+    "OpenSSL",
+    "Zlib"
+]
+
+[[licenses.clarify]]
+name = "ring"
+# SPDX considers OpenSSL to encompass both the OpenSSL and SSLeay licenses
+# https://spdx.org/licenses/OpenSSL.html
+# ISC - Both BoringSSL and ring use this for their new files
+# MIT - "Files in third_party/ have their own licenses, as described therein. The MIT
+# license, for third_party/fiat, which, unlike other third_party directories, is
+# compiled into non-test libraries, is included below."
+# OpenSSL - Obviously
+expression = "ISC AND MIT AND OpenSSL"
+license-files = [
+    { path = "LICENSE", hash = 0xbd0eed23 },
+]
+
+[sources]
+unknown-registry = "deny"
+unknown-git = "deny"
diff --git a/native/dubp_rs/Cargo.toml b/native/dubp_rs/Cargo.toml
index 5747628..8d19598 100644
--- a/native/dubp_rs/Cargo.toml
+++ b/native/dubp_rs/Cargo.toml
@@ -2,6 +2,7 @@
 name = "dubp_rs"
 version = "0.1.0"
 authors = ["Éloïs SANCHEZ <elois@duniter.org>"]
+license = "AGPL-3.0"
 edition = "2018"
 
 [lib]