From 2e0b1aca361e6d8b1e0b6e83dc48fcd063e33f20 Mon Sep 17 00:00:00 2001
From: Phil
Date: Sat, 11 Dec 2021 02:14:38 +0100
Subject: [PATCH] Added gosec CI / MR CI
---
 .gitlab-ci.yml | 44 +++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 39 insertions(+), 5 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 94f7dfd..bfbd5ed 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,3 +1,6 @@
+variables:
+ REPO_NAME: git.ucode.space/Phil/goshorly
+
 stages:
 - test
 - build
@@ -5,12 +8,27 @@ stages:
 format:
 image: golang:latest
 stage: test
+ before_script:
+ - mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
+ - ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
+ - cd $GOPATH/src/$REPO_NAME
 script:
 - go fmt $(go list ./... | grep -v /vendor/)
 - go vet $(go list ./... | grep -v /vendor/)
 - go test -race $(go list ./... | grep -v /vendor/)
 
-docker-build:
+gosec:
+ image: golang:latest
+ before_script:
+ - mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
+ - ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
+ - cd $GOPATH/src/$REPO_NAME
+ script:
+ - go install github.com/securego/gosec/v2/cmd/gosec@latest
+ - go get -v -d .
+ - gosec ./...
+
+docker-build-prod:
 image: docker:latest
 stage: build
 services:
@@ -28,7 +46,23 @@ docker-build:
 fi
 - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
 - docker push "$CI_REGISTRY_IMAGE${tag}"
- rules:
- - if: $CI_COMMIT_BRANCH
- exists:
- - Dockerfile
+ except:
+ - merge_requests
+
+docker-build-MR-dry-run:
+ image: docker:latest
+ stage: build
+ services:
+ - docker:dind
+ script:
+ - |
+ if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
+ tag=""
+ echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
+ else
+ tag=":$CI_COMMIT_REF_SLUG"
+ echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
+ fi
+ - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
+ only:
+ - merge_requests
\ No newline at end of file
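Review bot: The new `gosec` job installs its scanner with `gosec@latest` on top of `image: golang:latest`, so each pipeline runs whatever scanner and toolchain were published most recently. That makes findings non-reproducible between runs and lets an unreviewed upstream release execute inside CI. Pin both to reviewed versions, for example `go install github.com/securego/gosec/v2/cmd/gosec@<PINNED_VERSION>` and `image: golang:<PINNED_TAG>`, and bump them deliberately. The job also declares no `stage:`; adding `stage: test` would make its placement explicit instead of relying on GitLab's default. The same three `before_script` lines are duplicated in `format` and `gosec` and could move to a shared `default:` block.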
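Review bot: `except: - merge_requests` on `docker-build-prod` probably does not keep unreviewed code out of the registry. A job without `only:` still runs in the ordinary branch pipeline of every push, so an MR's source branch would be built and pushed as `:$CI_COMMIT_REF_SLUG`, and the job now runs without the removed `exists: Dockerfile` guard. With the `if: $CI_COMMIT_BRANCH` rule gone, tag pipelines appear to match as well. If only reviewed code should be published, replace `except` with a rule such as `if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH`. In `docker-build-MR-dry-run`, `CI_COMMIT_BRANCH` is not set in merge-request pipelines, so the branch comparison is always false and the echo prints an empty name; `$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME` is the variable available there. The start of the `docker-build-prod` script lies outside this hunk, so confirm the registry login and tag logic against the full file.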