erichardson/py-eagle-mqtt
1
0
Fork 0
Code Issues 1 Pull Requests 5 Actions Packages Projects Releases 11 Wiki Activity

Merge branch 'set-sast-config-1' into 'master'

Browse Source 
Set .gitlab-ci.yml to enable or configure SAST

See merge request erichardson/py-eagle-mqtt!1
This commit was merged in pull request #2.
This commit is contained in:
Evan Richardson
2021-04-02 21:27:26 +00:00
parent 30d300c7fd 8f25241cc8
commit 0f2098d884
1 changed files with 45 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
.gitlab-ci.yml
View File

@@ -1,45 +1,39 @@
# You can override the included template(s) by including variable overrides
# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables
stages:
- test
- build
- push_local
- push_dockerhub
.docker_base:
image: docker:18.09.7-dind image: docker:18.09.7-dind
services: services:
- docker:18.09.7-dind - docker:18.09.7-dind
variables: variables:
DOCKER_DRIVER: overlay DOCKER_DRIVER: overlay
DOCKER_HOST: tcp://localhost:2375/ DOCKER_HOST: tcp://localhost:2375/
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG IMAGE_TAG: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
FF_GITLAB_REGISTRY_HELPER_IMAGE: 1 FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
stages:
- build
- push_local
- push_dockerhub
before_script: before_script:
- docker version - docker version
- docker info - docker info
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
build: build:
extends:
- .docker_base
stage: build stage: build
# image: docker:18.09.7-dind
# services:
# - docker:18.09.7-dind
# variables:
# DOCKER_DRIVER: overlay
# DOCKER_HOST: tcp://localhost:2375/
# IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
# FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
# before_script:
# - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
script: script:
- docker build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/ - docker build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
#- docker login registry.evanrichardsonphotography.com
#- docker build -t registry.evanrichardsonphotography.com/erichardson/py-eagle-mqtt ./Docker/
#- docker push registry.evanrichardsonphotography.com/erichardson/py-eagle-mqtt
#- ls
#- docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" ./Docker/
#- docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
push local: push local:
extends:
- .docker_base
stage: push_local stage: push_local
variables: variables:
GIT_STRATEGY: none GIT_STRATEGY: none
@@ -51,11 +45,13 @@ push local:
- docker push $CI_REGISTRY_IMAGE:latest - docker push $CI_REGISTRY_IMAGE:latest
push dockerhub: push dockerhub:
extends:
- .docker_base
stage: push_dockerhub stage: push_dockerhub
variables: variables:
GIT_STRATEGY: none GIT_STRATEGY: none
CI_DOCKERHUB_IMAGE: "index.docker.io/evanrich/py-eagle-mqtt" CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
CI_DOCKERHUB_REGISTRY: "docker.io" CI_DOCKERHUB_REGISTRY: docker.io
only: only:
- master - master
script: script:
@@ -63,3 +59,8 @@ push dockerhub:
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
- docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
- docker push $CI_DOCKERHUB_IMAGE:latest - docker push $CI_DOCKERHUB_IMAGE:latest
sast:
stage: test
include:
- template: Security/SAST.gitlab-ci.yml