2021-12-11 01:14:38 +00:00
|
|
|
variables:
|
|
|
|
REPO_NAME: git.ucode.space/Phil/goshorly
|
2022-01-06 16:49:09 +00:00
|
|
|
DOCKER_BUILDKIT: 1
|
2022-01-08 15:55:09 +00:00
|
|
|
|
2021-12-07 21:23:41 +00:00
|
|
|
stages:
|
2022-01-07 19:25:28 +00:00
|
|
|
- test
|
|
|
|
- build
|
2022-01-08 15:55:09 +00:00
|
|
|
|
2022-01-08 16:14:51 +00:00
|
|
|
check-format:
|
2021-12-07 21:23:41 +00:00
|
|
|
image: golang:latest
|
|
|
|
stage: test
|
2021-12-11 01:14:38 +00:00
|
|
|
before_script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
|
|
|
|
- ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
|
|
|
|
- cd $GOPATH/src/$REPO_NAME
|
2021-12-07 21:23:41 +00:00
|
|
|
script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- go fmt $(go list ./... | grep -v /vendor/)
|
|
|
|
- go vet $(go list ./... | grep -v /vendor/)
|
|
|
|
- go test -race $(go list ./... | grep -v /vendor/)
|
2022-01-08 16:14:51 +00:00
|
|
|
only:
|
|
|
|
- merge_requests
|
2022-01-08 15:55:09 +00:00
|
|
|
|
2022-01-08 16:14:51 +00:00
|
|
|
check-gosec:
|
2021-12-11 01:14:38 +00:00
|
|
|
image: golang:latest
|
|
|
|
before_script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
|
|
|
|
- ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
|
|
|
|
- cd $GOPATH/src/$REPO_NAME
|
2021-12-11 01:14:38 +00:00
|
|
|
script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- go install github.com/securego/gosec/v2/cmd/gosec@latest
|
|
|
|
- go get -v -d .
|
|
|
|
- gosec ./...
|
2022-01-08 16:14:51 +00:00
|
|
|
only:
|
|
|
|
- merge_requests
|
2022-01-08 15:55:09 +00:00
|
|
|
|
2022-01-06 17:00:14 +00:00
|
|
|
docker-build-prod-latest:
|
2022-01-09 15:15:28 +00:00
|
|
|
image: moby/buildkit:rootless
|
2021-12-07 17:13:02 +00:00
|
|
|
stage: build
|
|
|
|
services:
|
2022-01-07 19:25:28 +00:00
|
|
|
- docker:dind
|
2021-12-07 17:13:02 +00:00
|
|
|
before_script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- docker buildx create --use
|
|
|
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
2021-12-07 17:13:02 +00:00
|
|
|
script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- |
|
|
|
|
docker buildx build \
|
|
|
|
--platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \
|
2022-01-09 14:14:19 +00:00
|
|
|
--build-arg CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH \
|
|
|
|
--build-arg CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA \
|
2022-01-07 19:25:28 +00:00
|
|
|
--push \
|
|
|
|
--tag $CI_REGISTRY_IMAGE:latest \
|
|
|
|
.
|
2022-01-06 17:00:14 +00:00
|
|
|
only:
|
2022-01-07 19:25:28 +00:00
|
|
|
- main
|
2022-01-08 15:55:09 +00:00
|
|
|
|
|
|
|
docker-build-dry-run:
|
2021-12-11 01:14:38 +00:00
|
|
|
image: docker:latest
|
|
|
|
stage: build
|
|
|
|
services:
|
2022-01-07 19:25:28 +00:00
|
|
|
- docker:dind
|
2021-12-11 01:14:38 +00:00
|
|
|
script:
|
2022-01-07 19:25:28 +00:00
|
|
|
- |
|
|
|
|
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
|
|
|
|
tag=""
|
|
|
|
echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
|
|
|
|
else
|
|
|
|
tag=":$CI_COMMIT_REF_SLUG"
|
|
|
|
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
|
|
|
|
fi
|
|
|
|
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
|
2021-12-11 01:14:38 +00:00
|
|
|
only:
|
2022-01-07 19:25:28 +00:00
|
|
|
- merge_requests
|
2022-01-08 15:55:09 +00:00
|
|
|
|
2022-01-07 19:25:28 +00:00
|
|
|
include:
|
|
|
|
- template: Security/SAST.gitlab-ci.yml
|
2022-01-07 19:33:16 +00:00
|
|
|
- template: Security/SAST-IaC.latest.gitlab-ci.yml
|