goshorly/.gitlab-ci.yml
2022-01-09 17:12:25 +01:00

76 lines
1.8 KiB
YAML

variables:
REPO_NAME: git.ucode.space/Phil/goshorly
DOCKER_BUILDKIT: 1
stages:
- test
- build
check-format:
image: golang:latest
stage: test
before_script:
- mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
- ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
- cd $GOPATH/src/$REPO_NAME
script:
- go fmt $(go list ./... | grep -v /vendor/)
- go vet $(go list ./... | grep -v /vendor/)
- go test -race $(go list ./... | grep -v /vendor/)
only:
- merge_requests
check-gosec:
image: golang:latest
before_script:
- mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
- ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
- cd $GOPATH/src/$REPO_NAME
script:
- go install github.com/securego/gosec/v2/cmd/gosec@latest
- go get -v -d .
- gosec ./...
only:
- merge_requests
docker-build-prod-latest:
image: moby/buildkit
stage: build
services:
- docker:dind
before_script:
- docker buildx create --use
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
script:
- |
docker buildx build \
--platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \
--build-arg CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH \
--build-arg CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA \
--push \
--tag $CI_REGISTRY_IMAGE:latest \
.
only:
- main
docker-build-dry-run:
image: docker:latest
stage: build
services:
- docker:dind
script:
- |
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
tag=""
echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
else
tag=":$CI_COMMIT_REF_SLUG"
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
fi
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
only:
- merge_requests
include:
- template: Security/SAST.gitlab-ci.yml
- template: Security/SAST-IaC.latest.gitlab-ci.yml