Update .gitlab-ci.yml file

2023-12-03 01:28:37 +00:00
parent 64806b5c57
commit e2e01ab72a
1 changed files with 7 additions and 122 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -30,128 +30,13 @@ stages:
    #- nslookup registry.evanshome.io
    #- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 build:
-  extends:
+  image: docker:20.10.16
    - .docker_base
  stage: build
  services:
    - docker:20.10.16-dind
  script:
-  - nslookup registry.evanshome.io
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-  - echo $CI_REGISTRY_IMAGE
+    - docker build -t $CI_REGISTRY/group/project/image:latest ./Docker/
-  #- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker push $CI_REGISTRY/group/project/image:latest
  #- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
  #- docker pull $CI_REGISTRY_IMAGE:latest || true
  - >
    docker build
    --tag $CI_REGISTRY_IMAGE:latest
    --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
    --build-arg VCS_REF=$CI_COMMIT_SHORT_SHA
    ./Docker/
  #- docker tag $CI_REGISTRY_IMAGE:latest $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
  #- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY && docker push $CI_REGISTRY_IMAGE
  #- docker push $CI_REGISTRY_IMAGE
  #- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
 # push local:
 #   extends:
 #     - .docker_base
 #   stage: push_local
 #   variables:
 #     GIT_STRATEGY: none
 #   only:
 #   - master
 #   script:
 #   - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
 #   - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
 #   - docker push $CI_REGISTRY_IMAGE:latest
 # push dockerhub:
 #   extends:
 #     - .docker_base
 #   stage: push_dockerhub
 #   variables:
 #     GIT_STRATEGY: none
 #     CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
 #     CI_DOCKERHUB_REGISTRY: docker.io
 #   only:
 #   - tags
 #   script:
 #   - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
 #   - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:$CI_COMMIT_REF_NAME 
 #   - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
 #   - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
 #   - docker push $CI_DOCKERHUB_IMAGE --all-tags
 # release:
 #   image: node:19-alpine3.15
 #   stage: release
 #   only:
 #     refs:
 #     - master
 #     - alpha
 #     # This matches maintenance branches
 #     - /^(([0-9]+)\.)?([0-9]+)\.x/
 #     # This matches pre-releases
 #     - /^([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?(?:\+[0-9A-Za-z-]+)?$/ 
 #   except:
 #     refs:
 #       - tags
 #   script:
 #     - touch CHANGELOG.md
 #     - apk add --no-cache git
 #     - npm install @semantic-release/gitlab@10.1.4 @semantic-release/changelog@6.0.2
 #       @semantic-release/git@10.0.1 conventional-changelog-eslint@3.0.9
 #     - npx semantic-release
 #   artifacts:
 #     paths:
 #     - CHANGELOG.md
 # sast:
 #   stage: test
 # include:
 # - template: Security/SAST.gitlab-ci.yml
 #sonarqube-check:
 #  stage: test
 #  image: 
 #    name: sonarsource/sonar-scanner-cli:4.7
 #    entrypoint: [""]
 #  variables:
 #    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 #    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 #  cache:
 #    key: "${CI_JOB_NAME}"
 #    paths:
 #      - .sonar/cache
 #  script: 
 #    - sonar-scanner
 #  allow_failure: true
 #  only:
 #    - master # or the name of your main branch
 #    - branches
 # trivy:
 #   stage: test
 #   extends:
 #     - .docker_base
 #   before_script:
 #     - export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
 #     - echo $TRIVY_VERSION
 #     - wget --no-verbose https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz -O - | tar -zxvf -
 #   allow_failure: true
 #   script:
 #     # Build image
 #     - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
 #     # Build report
 #     - ./trivy --cache-dir .trivycache/ image --exit-code 0 --no-progress --format template --template "@contrib/gitlab.tpl" -o gl-container-scanning-report.json $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
 #     # Print report
 #     - ./trivy --cache-dir .trivycache/ image --exit-code 0 --no-progress --severity HIGH $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
 #     # Fail on severe vulnerabilities
 #     - ./trivy --cache-dir .trivycache/ image --exit-code 1 --severity CRITICAL --no-progress $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
 #   cache:
 #     paths:
 #       - .trivycache/
 #   # Enables https://docs.gitlab.com/ee/user/application_security/container_scanning/ (Container Scanning report is available on GitLab EE Ultimate or GitLab.com Gold)
 #   artifacts:
 #     reports:
 #       container_scanning: gl-container-scanning-report.json