GitLab CI
The same three setups as the GitHub Actions guide, written for .gitlab-ci.yml.
1. Simplest: run
Install Gooze and run the whole suite. No registry, no caching.
# .gitlab-ci.yml
image: golang:1.26 # official Go image: go is already installed
mutation-testing:
script:
- go install gooze.dev/pkg/gooze@latest
- gooze run ./...3. Sharded + cached baseline
Each shard pulls the :main baseline for the cache (incremental execution), then hands its reports to the merge job as an artifact — shards never push to the registry. The merge job combines them and, only on main, publishes the single merged baseline back to :main.
image: golang:1.26
stages: [test, merge]
variables:
REPORTS_REF: "$CI_REGISTRY_IMAGE/gooze-reports:main"
# CI_JOB_TOKEN can read/write this project's container registry.
GOOZE_REGISTRY_USERNAME: "gitlab-ci-token"
GOOZE_REGISTRY_PASSWORD: "$CI_JOB_TOKEN"
test:
stage: test
parallel: 3
script:
- go install gooze.dev/pkg/gooze@latest
# Reuse the main baseline so unchanged files are skipped (the cache).
- gooze report pull "$REPORTS_REF" || echo "no baseline yet"
- gooze run -s "$((CI_NODE_INDEX - 1))/$CI_NODE_TOTAL" ./...
artifacts:
paths:
- .gooze-reports/ # handed to the merge job; no registry push here
merge:
stage: merge
dependencies: [test]
script:
- go install gooze.dev/pkg/gooze@latest
- gooze report merge
# Only main publishes the merged baseline back to the registry.
- |
if [ "$CI_COMMIT_BRANCH" = "main" ]; then
gooze report push "$REPORTS_REF"
fiAuthentication
- For the project's own container registry, use
gitlab-ci-tokenwith$CI_JOB_TOKEN(shown above), or$CI_REGISTRY_USER/$CI_REGISTRY_PASSWORD. - For another registry, set
GOOZE_REGISTRY_USERNAME/GOOZE_REGISTRY_PASSWORD(the password may be a token/PAT), or rely on the Docker credential store. - For a non-TLS or self-signed registry add
--plain-httpor--insecureto push/pull.