Skip to content
Snippets Groups Projects
.gitlab-ci.yml 7.44 KiB
## Stage names in the pipeline.
stages:
  - build
  - test
  - staging
  - smoketest
  - deploy

variables:
  ## Name for the generated image. Change this if you wish, but watch out
  ## for special characters and spaces!
  DOCKER_IMAGE_NAME: ${DOCKER_REGISTRY}/tjts5901
  DOCKER_TAG: ${CI_COMMIT_REF_SLUG}

  ## (Optional) More verbose output from pipeline. Enabling it might reveal secrets.
  #CI_DEBUG_TRACE: "true"

include:
  - template: Jobs/SAST.gitlab-ci.yml

## Use buildkit to build the container.
## Buildkit: https://github.com/moby/buildkit
## Example gitlab-ci buildkit template: https://gitlab.com/txlab/ci-templates
build:
  stage: build
  image:
    name: moby/buildkit:v0.10.6-rootless
    entrypoint: [ "sh", "-c" ]
  variables:
    BUILDKITD_FLAGS: --oci-worker-no-process-sandbox

  before_script:
    ## Make some checks that Docker credentials are configured.
    - test -z "${DOCKER_REGISTRY}" && (echo "Missing required variable DOCKER_REGISTRY. See 'Pipeline setup.md'"; exit 1)
    - test -z "${DOCKER_AUTH_CONFIG}" && (echo "Missing required variable DOCKER_AUTH_CONFIG. See 'Pipeline setup.md'"; exit 1)
    - test -z "${DOCKER_IMAGE_NAME}" && (echo "Missing image name variable."; exit 1)
    ## Save docker login credentials from gitlab into a place where buildkit is looking for them.
    - mkdir -p ${HOME}/.docker && echo "${DOCKER_AUTH_CONFIG}" > "${HOME}/.docker/config.json"
    ## Simple check that the registry exists in login information
    - grep "\\b${DOCKER_REGISTRY}\\b" "${HOME}/.docker/config.json" || (echo "Could not find docker registry in docker login information. Check DOCKER_AUTH_CONFIG"; exit 1)

  script:
    # Build the image, and push it to registry.
    - |
      buildctl-daemonless.sh build  --progress=plain \
          --frontend=dockerfile.v0 \
          --local context=. \
          --local dockerfile=. \
          --opt build-arg:CI_COMMIT_SHA=${CI_COMMIT_SHA} \
          --output type=image,name=${DOCKER_IMAGE_NAME}:${DOCKER_TAG},push=true


sast:
    ## Static Application Security Test
    ## You can override the included template(s) by including variable overrides
    ## SAST customization:
    ##   https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
    stage: test


## Run the tests. If any of the tests fails, pipeline is rejected.
test:
  ## Optional: include stage and environment name
  stage: test
  image: ${DOCKER_IMAGE_NAME}:${DOCKER_TAG}
  variables:
    ## Setup variable pointin to mongo service
    ## Notice: the `mongo` address might not work.
    MONGO_URL: mongodb://mongo/tjts5901-test