Q2Developer Pipeline

The Q2Developer pipeline runs on code.q2developer.com and provides CI/CD for SDK projects. It is defined in sdk/deploy/gitlab-ci/.gitlab-shared-ci.yml.

Overview

The pipeline automates building, testing, scanning, and deploying SDK projects. It enforces code quality standards, security checks, and license compliance before code reaches production.

Pipeline Stages

The pipeline executes in the following order:

  1. build - Validates project structure via q2 check

  2. test - Runs tests, linting, and security review

  3. mirror - Mirrors to internal GitLab

  4. dockerize - Builds Docker images (main/master/production only)

  5. scan - Security and license scanning

  6. deploy - Deploys to staging (main/master only)

Test Stage

  • q2 test - Runs the project test suite

  • q2 lint - Code linting (allowed to fail)

  • review buddy - Security analysis on merge requests (see Security Tools)

Scan Stage

  • License scanning - Checks Python and JavaScript dependencies for blocked licenses (see License Scanning)

  • bandit-security-scan - Python security vulnerability scanning (see Security Tools)

  • sqlfluff-scan - SQL linting with T-SQL dialect

Merge Request Jobs

Several jobs only run on merge requests: review buddy, license scans, bandit, and sqlfluff. These provide feedback before code is merged without blocking the main branch pipeline.
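
The stage order, branch restrictions and merge-request-only jobs described above could be expressed in GitLab CI roughly as follows. This is an added sketch, not the contents of .gitlab-shared-ci.yml: the job names check and deploy-staging, the .mr-only template, the bandit, sqlfluff and docker invocations, and the deploy script path are assumptions.

```yaml
# Illustrative sketch only: NOT the project's shared CI file.
# Stage names, scan job names and q2 commands come from the page; the rest is assumed.
stages: [build, test, mirror, dockerize, scan, deploy]

.mr-only:                        # hypothetical hidden job, reused via extends
  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'

check:                           # hypothetical job name
  stage: build
  script: q2 check

test:
  stage: test
  script: q2 test

lint:
  stage: test
  script: q2 lint
  allow_failure: true            # "allowed to fail": reported, never blocks later stages

bandit-security-scan:
  stage: scan
  extends: .mr-only              # only added to merge request pipelines
  script: bandit -r .            # assumed invocation

sqlfluff-scan:
  stage: scan
  extends: .mr-only
  script: sqlfluff lint --dialect tsql .    # assumed invocation

dockerize:
  stage: dockerize
  rules:                         # CI_COMMIT_BRANCH is unset in merge request pipelines
    - if: '$CI_COMMIT_BRANCH =~ /^(main|master|production)$/'
  script: docker build -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA" .   # assumed

deploy-staging:                  # hypothetical job name
  stage: deploy
  rules:
    - if: '$CI_COMMIT_BRANCH =~ /^(main|master)$/'
  script: ./deploy-staging.sh    # placeholder path
```

In GitLab, a job with no rules is not added to merge request pipelines by default, so a real configuration also has to decide which build and test jobs should run there.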