Update .gitlab-ci.yml file
This commit is contained in:
129
.gitlab-ci.yml
129
.gitlab-ci.yml
@@ -30,128 +30,13 @@ stages:
|
||||
#- nslookup registry.evanshome.io
|
||||
#- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||
|
||||
|
||||
build:
|
||||
extends:
|
||||
- .docker_base
|
||||
image: docker:20.10.16
|
||||
stage: build
|
||||
services:
|
||||
- docker:20.10.16-dind
|
||||
script:
|
||||
- nslookup registry.evanshome.io
|
||||
- echo $CI_REGISTRY_IMAGE
|
||||
#- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||
#- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
|
||||
#- docker pull $CI_REGISTRY_IMAGE:latest || true
|
||||
- >
|
||||
docker build
|
||||
--tag $CI_REGISTRY_IMAGE:latest
|
||||
--build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
|
||||
--build-arg VCS_REF=$CI_COMMIT_SHORT_SHA
|
||||
./Docker/
|
||||
#- docker tag $CI_REGISTRY_IMAGE:latest $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
|
||||
#- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
|
||||
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY && docker push $CI_REGISTRY_IMAGE
|
||||
#- docker push $CI_REGISTRY_IMAGE
|
||||
#- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
||||
|
||||
# push local:
|
||||
# extends:
|
||||
# - .docker_base
|
||||
# stage: push_local
|
||||
# variables:
|
||||
# GIT_STRATEGY: none
|
||||
# only:
|
||||
# - master
|
||||
# script:
|
||||
# - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
||||
# - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
|
||||
# - docker push $CI_REGISTRY_IMAGE:latest
|
||||
|
||||
# push dockerhub:
|
||||
# extends:
|
||||
# - .docker_base
|
||||
# stage: push_dockerhub
|
||||
# variables:
|
||||
# GIT_STRATEGY: none
|
||||
# CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
|
||||
# CI_DOCKERHUB_REGISTRY: docker.io
|
||||
# only:
|
||||
# - tags
|
||||
# script:
|
||||
# - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
||||
# - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:$CI_COMMIT_REF_NAME
|
||||
# - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
|
||||
# - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
|
||||
# - docker push $CI_DOCKERHUB_IMAGE --all-tags
|
||||
|
||||
# release:
|
||||
# image: node:19-alpine3.15
|
||||
# stage: release
|
||||
# only:
|
||||
# refs:
|
||||
# - master
|
||||
# - alpha
|
||||
# # This matches maintenance branches
|
||||
# - /^(([0-9]+)\.)?([0-9]+)\.x/
|
||||
# # This matches pre-releases
|
||||
# - /^([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?(?:\+[0-9A-Za-z-]+)?$/
|
||||
# except:
|
||||
# refs:
|
||||
# - tags
|
||||
# script:
|
||||
# - touch CHANGELOG.md
|
||||
# - apk add --no-cache git
|
||||
# - npm install @semantic-release/gitlab@10.1.4 @semantic-release/changelog@6.0.2
|
||||
# @semantic-release/git@10.0.1 conventional-changelog-eslint@3.0.9
|
||||
# - npx semantic-release
|
||||
# artifacts:
|
||||
# paths:
|
||||
# - CHANGELOG.md
|
||||
|
||||
# sast:
|
||||
# stage: test
|
||||
# include:
|
||||
# - template: Security/SAST.gitlab-ci.yml
|
||||
|
||||
#sonarqube-check:
|
||||
# stage: test
|
||||
# image:
|
||||
# name: sonarsource/sonar-scanner-cli:4.7
|
||||
# entrypoint: [""]
|
||||
# variables:
|
||||
# SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
|
||||
# GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
|
||||
# cache:
|
||||
# key: "${CI_JOB_NAME}"
|
||||
# paths:
|
||||
# - .sonar/cache
|
||||
# script:
|
||||
# - sonar-scanner
|
||||
# allow_failure: true
|
||||
# only:
|
||||
# - master # or the name of your main branch
|
||||
# - branches
|
||||
|
||||
# trivy:
|
||||
# stage: test
|
||||
# extends:
|
||||
# - .docker_base
|
||||
# before_script:
|
||||
# - export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
|
||||
# - echo $TRIVY_VERSION
|
||||
# - wget --no-verbose https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz -O - | tar -zxvf -
|
||||
# allow_failure: true
|
||||
# script:
|
||||
# # Build image
|
||||
# - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
|
||||
# # Build report
|
||||
# - ./trivy --cache-dir .trivycache/ image --exit-code 0 --no-progress --format template --template "@contrib/gitlab.tpl" -o gl-container-scanning-report.json $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
||||
# # Print report
|
||||
# - ./trivy --cache-dir .trivycache/ image --exit-code 0 --no-progress --severity HIGH $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
||||
# # Fail on severe vulnerabilities
|
||||
# - ./trivy --cache-dir .trivycache/ image --exit-code 1 --severity CRITICAL --no-progress $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
||||
# cache:
|
||||
# paths:
|
||||
# - .trivycache/
|
||||
# # Enables https://docs.gitlab.com/ee/user/application_security/container_scanning/ (Container Scanning report is available on GitLab EE Ultimate or GitLab.com Gold)
|
||||
# artifacts:
|
||||
# reports:
|
||||
# container_scanning: gl-container-scanning-report.json
|
||||
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||
- docker build -t $CI_REGISTRY/group/project/image:latest ./Docker/
|
||||
- docker push $CI_REGISTRY/group/project/image:latest
|
||||
|
||||
Reference in New Issue
Block a user