113 lines
3.0 KiB
YAML
113 lines
3.0 KiB
YAML
# You can override the included template(s) by including variable overrides
|
|
# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
|
# Note that environment variables can be set in several places
|
|
# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables
|
|
|
|
stages:
|
|
- test
|
|
- build
|
|
- push_local
|
|
- release
|
|
- push_dockerhub
|
|
|
|
.docker_base:
|
|
image: docker:18.09.7-dind
|
|
services:
|
|
- docker:18.09.7-dind
|
|
variables:
|
|
DOCKER_DRIVER: overlay
|
|
DOCKER_HOST: tcp://localhost:2375/
|
|
IMAGE_TAG: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
|
|
FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
|
|
before_script:
|
|
- docker version
|
|
- docker info
|
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
|
|
|
build:
|
|
extends:
|
|
- .docker_base
|
|
stage: build
|
|
script:
|
|
- docker pull $CI_REGISTRY_IMAGE:latest || true
|
|
- >
|
|
docker build
|
|
--pull
|
|
--cache-from $CI_REGISTRY_IMAGE:latest
|
|
--tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
|
--build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
|
|
--build-arg VCS_REF=$CI_COMMIT_SHORT_SHA
|
|
./Docker/
|
|
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
|
|
|
push local:
|
|
extends:
|
|
- .docker_base
|
|
stage: push_local
|
|
variables:
|
|
GIT_STRATEGY: none
|
|
only:
|
|
- master
|
|
script:
|
|
- docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
|
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
|
|
- docker push $CI_REGISTRY_IMAGE:latest
|
|
|
|
push dockerhub:
|
|
extends:
|
|
- .docker_base
|
|
stage: push_dockerhub
|
|
variables:
|
|
GIT_STRATEGY: none
|
|
CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
|
|
CI_DOCKERHUB_REGISTRY: docker.io
|
|
only:
|
|
- tags
|
|
script:
|
|
- docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
|
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:$CI_COMMIT_REF_NAME
|
|
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
|
|
- docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
|
|
- docker push $CI_DOCKERHUB_IMAGE
|
|
|
|
release:
|
|
image: node:13
|
|
stage: release
|
|
only:
|
|
refs:
|
|
- master
|
|
- alpha
|
|
# This matches maintenance branches
|
|
- /^(([0-9]+)\.)?([0-9]+)\.x/
|
|
# This matches pre-releases
|
|
- /^([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?(?:\+[0-9A-Za-z-]+)?$/
|
|
script:
|
|
- touch CHANGELOG.md
|
|
- npm install @semantic-release/gitlab @semantic-release/changelog @semantic-release/git
|
|
- npx semantic-release
|
|
artifacts:
|
|
paths:
|
|
- CHANGELOG.md
|
|
|
|
sast:
|
|
stage: test
|
|
include:
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
|
|
sonarqube-check:
|
|
image:
|
|
name: sonarsource/sonar-scanner-cli:latest
|
|
entrypoint: [""]
|
|
variables:
|
|
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
|
|
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
|
|
cache:
|
|
key: "${CI_JOB_NAME}"
|
|
paths:
|
|
- .sonar/cache
|
|
script:
|
|
- sonar-scanner
|
|
allow_failure: true
|
|
only:
|
|
- master # or the name of your main branch
|