50 lines
1.4 KiB
YAML
50 lines
1.4 KiB
YAML
|
stages: # List of stages for jobs, and their order of execution
|
||
|
- build
|
||
|
- test
|
||
|
|
||
|
docker-build-push:
|
||
|
# Use the official docker image.
|
||
|
image: docker:latest
|
||
|
stage: build
|
||
|
services:
|
||
|
- docker:dind
|
||
|
before_script:
|
||
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
||
|
# Default branch leaves tag empty (= latest tag)
|
||
|
# All other branches are tagged with the escaped branch name (commit ref slug)
|
||
|
script:
|
||
|
- |
|
||
|
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
|
||
|
tag=""
|
||
|
echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
|
||
|
else
|
||
|
tag=":$CI_COMMIT_REF_SLUG"
|
||
|
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
|
||
|
fi
|
||
|
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
|
||
|
- docker push "$CI_REGISTRY_IMAGE${tag}"
|
||
|
allow_failure: false
|
||
|
only:
|
||
|
- main
|
||
|
|
||
|
docker-build:
|
||
|
image: docker:latest
|
||
|
stage: build
|
||
|
services:
|
||
|
- docker:dind
|
||
|
before_script:
|
||
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
||
|
script:
|
||
|
- docker build --pull -t "$CI_REGISTRY_IMAGE" .
|
||
|
allow_failure: false
|
||
|
except:
|
||
|
- main
|
||
|
|
||
|
include:
|
||
|
- template: Security/Container-Scanning.gitlab-ci.yml
|
||
|
- template: Security/SAST.gitlab-ci.yml
|
||
|
container_scanning:
|
||
|
variables:
|
||
|
DOCKER_IMAGE: "$CI_REGISTRY_IMAGE${tag}"
|
||
|
stage: test
|
||
|
allow_failure: false
|