Legacy Pipeline

Source code: Old Pipeline.

Stages

The pipeline executes in the following order:

1. build - Validates project structure via q2 check

2. test - Runs tests, linting, and security review

3. mirror - Mirrors to internal GitLab

4. dockerize - Builds Docker images (main/master/production only)

5. scan - Security and license scanning

6. deploy - Deploys to staging (main/master only)

Test Stage

• q2 test - Runs the project test suite

• q2 lint - Code linting (allowed to fail)

• review buddy - Security analysis on merge requests (see Security Tools)

Scan Stage

• License scanning - Checks Python and JavaScript dependencies for blocked licenses (see License Scanning)

• bandit-security-scan - Python security vulnerability scanning (see Security Tools)

• sqlfluff-scan - SQL linting with T-SQL dialect

Merge Request Jobs

Several jobs only run on merge requests: review buddy, license scans, bandit, and sqlfluff. These provide feedback before code is merged without blocking the main branch pipeline.