74 lines
1.6 KiB
YAML
74 lines
1.6 KiB
YAML
include:
|
|
- template: Security/Dependency-Scanning.gitlab-ci.yml
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
- template: Security/Secret-Detection.gitlab-ci.yml
|
|
- template: Security/Container-Scanning.gitlab-ci.yml
|
|
|
|
variables:
|
|
# Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
|
|
DOCKER_HOST: tcp://docker:2376
|
|
DOCKER_TLS_CERTDIR: "/certs"
|
|
CONTAINER_TEST_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
|
|
CONTAINER_RELEASE_IMAGE: $CI_REGISTRY_IMAGE:latest
|
|
|
|
container_scanning:
|
|
variables:
|
|
CS_DEFAULT_BRANCH_IMAGE: $CI_REGISTRY_IMAGE/$CI_DEFAULT_BRANCH:$CI_COMMIT_SHA
|
|
|
|
image: golang:latest
|
|
|
|
stages:
|
|
- test
|
|
- build
|
|
- release
|
|
|
|
format:
|
|
stage: test
|
|
script:
|
|
- go fmt $(go list ./...)
|
|
|
|
vet:
|
|
stage: test
|
|
script:
|
|
- go vet $(go list ./...)
|
|
|
|
test:
|
|
stage: test
|
|
script:
|
|
- go test -race $(go list ./...)
|
|
|
|
sast:
|
|
stage: test
|
|
|
|
compile:
|
|
stage: build
|
|
script:
|
|
- mkdir -p bin
|
|
- go build -v -o bin ./...
|
|
artifacts:
|
|
paths:
|
|
- bin
|
|
|
|
build:
|
|
stage: build
|
|
image: docker:stable
|
|
services:
|
|
- docker:stable-dind
|
|
script:
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker build --pull -t $CONTAINER_TEST_IMAGE .
|
|
- docker push $CONTAINER_TEST_IMAGE
|
|
|
|
release:
|
|
stage: release
|
|
image: docker:stable
|
|
services:
|
|
- docker:stable-dind
|
|
script:
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker pull $CONTAINER_TEST_IMAGE
|
|
- docker tag $CONTAINER_TEST_IMAGE $CONTAINER_RELEASE_IMAGE
|
|
- docker push $CONTAINER_RELEASE_IMAGE
|
|
only:
|
|
- main
|