.gitlab-ci.yml
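# Default image for every job. The scripts in this file call docker,
# docker-compose and clairctl, so the image has to provide all three.
# NOTE(review): no tag or digest is given, so each run resolves the registry's
# default tag; pin a tag or digest to keep builds reproducible and auditable.
image: cr.agilicus.com/corp-tools/docker-compose

variables:
  DOCKER_DRIVER: overlay2
  # Quoted so the value stays a string instead of being typed as an integer.
  PORT: "2375"
  # Plain TCP endpoint of the docker:dind service declared under `services`.
  # NOTE(review): 2375 is the conventional unencrypted Docker API port. Recent
  # docker:dind images enable TLS (port 2376) unless DOCKER_TLS_CERTDIR is set
  # empty, so with an unpinned dind tag this endpoint may stop answering.
  # Confirm the port is not reachable from outside the job.
  DOCKER_HOST: tcp://localhost:2375
  CONTAINER_IMAGE: $CI_REGISTRY/$CI_PROJECT_PATH
  # Same path with a trailing slash; presumably an image-name prefix consumed
  # by docker-compose.yml (verify there).
  TAIGA_CONTAINER_REGISTRY: $CI_REGISTRY/$CI_PROJECT_PATH/

stages:
  - build
  - scan
  - test

# Runs before every job's script. The token is piped to --password-stdin so it
# is not passed as a command-line argument (visible in the process list and
# flagged by the docker CLI as insecure).
# NOTE(review): CI_BUILD_TOKEN is the legacy name of the job token; newer
# GitLab releases expose it as CI_JOB_TOKEN. Confirm against the GitLab version
# in use.
before_script:
  - echo "$CI_BUILD_TOKEN" | docker login -u gitlab-ci-token --password-stdin "$CI_REGISTRY"

# Docker-in-Docker daemon that the docker CLI reaches through DOCKER_HOST.
# NOTE(review): dind normally needs a privileged runner, and the tag is
# unpinned; both are worth checking in the runner configuration.
services:
  - name: docker:dind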
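# Builds all service images with docker-compose, adds a per-ref tag next to
# :latest, and pushes both tags to the project registry.
build:
  stage: build
  script:
    - echo Start build
    # Creates an empty file named "environment"; presumably docker-compose.yml
    # references it as an env file (verify there).
    - touch environment
    - echo "Build with TAIGA_CONTAINER_REGISTRY=$TAIGA_CONTAINER_REGISTRY"
    - docker-compose build
    # Expansions are quoted so a ref or path value is always passed to docker
    # as exactly one argument.
    # NOTE(review): CI_BUILD_REF_NAME is the raw ref name. Refs containing "/"
    # are not valid image tags; GitLab's CI_COMMIT_REF_SLUG is the sanitized
    # form. Confirm which refs run this pipeline.
    - docker tag "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:latest" "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:$CI_BUILD_REF_NAME"
    - docker tag "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:latest" "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:$CI_BUILD_REF_NAME"
    - docker tag "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:latest" "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:$CI_BUILD_REF_NAME"
    - docker tag "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:latest" "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:$CI_BUILD_REF_NAME"
    # Lists the local images so the tags appear in the job log.
    - docker images
    # Pushes the compose-defined (:latest) tags.
    # NOTE(review): this job has no ref restriction, so a pipeline on any
    # branch overwrites :latest, and the push happens before the scan stage
    # runs. Consumers that need a fixed image should pull by digest.
    - docker-compose push
    - docker push "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:$CI_BUILD_REF_NAME"
    - docker push "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:$CI_BUILD_REF_NAME"
    - docker push "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:$CI_BUILD_REF_NAME"
    - docker push "$CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:$CI_BUILD_REF_NAME"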
# Vulnerability scan of the four images pushed by the build stage, using
# clairctl. Reports are written in JSON and HTML and kept as job artifacts.
#
# Every clairctl command ends in `|| true`, so its exit status is discarded
# and this job succeeds whether or not analysis ran or reported findings.
# The scan is advisory only and does not gate the pipeline.
# NOTE(review): a scanner outage is indistinguishable from a clean result in
# the pipeline status; check the job log and the reports/ artifact.
scan:
  stage: scan
  script:
    # Analysis pass, one image at a time, with debug-level logging.
    - echo Analyse $CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:$CI_BUILD_REF_NAME for vulnerability
    - clairctl analyze --log-level debug $CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:$CI_BUILD_REF_NAME || true
    - echo Analyse $CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:$CI_BUILD_REF_NAME for vulnerability
    - clairctl analyze --log-level debug $CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:$CI_BUILD_REF_NAME || true
    - echo Analyse $CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:$CI_BUILD_REF_NAME for vulnerability
    - clairctl analyze --log-level debug $CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:$CI_BUILD_REF_NAME || true
    - echo Analyse $CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:$CI_BUILD_REF_NAME for vulnerability
    - clairctl analyze --log-level debug $CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:$CI_BUILD_REF_NAME || true

    # Machine-readable reports.
    - echo Generate JSON report
    - clairctl report -f json $CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:$CI_BUILD_REF_NAME || true
    - clairctl report -f json $CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:$CI_BUILD_REF_NAME || true
    - clairctl report -f json $CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:$CI_BUILD_REF_NAME || true
    - clairctl report -f json $CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:$CI_BUILD_REF_NAME || true

    # Human-readable reports.
    - echo Generate HTML report
    - clairctl report -f html $CI_REGISTRY/$CI_PROJECT_PATH/taiga_backend:$CI_BUILD_REF_NAME || true
    - clairctl report -f html $CI_REGISTRY/$CI_PROJECT_PATH/taiga_frontend:$CI_BUILD_REF_NAME || true
    - clairctl report -f html $CI_REGISTRY/$CI_PROJECT_PATH/taiga_events:$CI_BUILD_REF_NAME || true
    - clairctl report -f html $CI_REGISTRY/$CI_PROJECT_PATH/taiga_celeryworker:$CI_BUILD_REF_NAME || true
  # Uploads the reports/ directory, presumably where clairctl writes its
  # output (confirm against the clairctl configuration in the image).
  artifacts:
    name: '$CI_PROJECT_PATH-$CI_COMMIT_REF_NAME'
    paths:
      - reports/
# Placeholder for the test stage: the script only prints a message and runs
# no tests, so this job passes regardless of the state of the built images.
# The global before_script (registry login) still runs before it.
test:
  stage: test
  script:
    - 'echo Start unit-test'