shbot/.gitlab-ci.yml

69 lines
1.9 KiB
YAML
Raw Normal View History

stages: # List of stages for jobs, and their order of execution
- build
- test
- deploy
2022-03-06 12:02:30 +01:00
docker-build-push:
# Use the official docker image.
2022-03-06 05:08:40 +01:00
image: docker:latest
stage: build
services:
- docker:dind
2022-03-06 05:08:40 +01:00
before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
# Default branch leaves tag empty (= latest tag)
# All other branches are tagged with the escaped branch name (commit ref slug)
2022-03-06 05:08:40 +01:00
script:
- |
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
tag=""
echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
else
tag=":$CI_COMMIT_REF_SLUG"
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
fi
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
- docker push "$CI_REGISTRY_IMAGE${tag}"
2022-03-09 08:16:27 +01:00
allow_failure: false
2022-03-06 11:36:37 +01:00
only:
- master
- dev
2022-03-06 12:02:30 +01:00
docker-build:
image: docker:latest
stage: build
services:
- docker:dind
2022-03-06 12:02:30 +01:00
before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
2022-03-06 12:02:30 +01:00
script:
- docker build --pull -t "$CI_REGISTRY_IMAGE" .
2022-03-09 08:16:27 +01:00
allow_failure: false
2022-03-06 12:02:30 +01:00
except:
- master
- dev
2022-03-09 07:22:14 +01:00
include:
- template: Security/Container-Scanning.gitlab-ci.yml
2022-03-09 09:38:32 +01:00
- template: Security/SAST.gitlab-ci.yml
2022-03-09 06:20:26 +01:00
container_scanning:
variables:
DOCKER_IMAGE: "$CI_REGISTRY_IMAGE${tag}"
stage: test
2022-03-09 08:16:27 +01:00
allow_failure: false
2022-03-06 11:32:29 +01:00
deploy_staging:
2022-03-06 11:42:50 +01:00
stage: deploy
2022-03-09 08:00:44 +01:00
image: debian
2022-03-09 08:16:27 +01:00
before_script:
2022-03-09 08:00:44 +01:00
- apt-get update -qq
- 'which ssh-agent || ( apt-get install -qq openssh-client )'
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
2022-03-09 08:16:27 +01:00
script:
- ssh $SSH_SERVER "cd /root && docker-compose pull shbot && docker-compose up -d shbot && exit"
2022-03-06 11:32:29 +01:00
only:
- master