Merge branch 'revert-13ef0b05' into 'main'
Revert "Merge branch 'set-sast-config-1' into 'main'" See merge request bacon/rss-proxy!5
This commit was merged in pull request #5.
This commit is contained in:
Slava
108
.gitlab-ci.yml
108
.gitlab-ci.yml
@@ -1,74 +1,66 @@
|
||||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
workflow:
|
||||
rules:
|
||||
- changes:
|
||||
- proxy/**/*
|
||||
- Dockerfile
|
||||
- requirements.txt
|
||||
when: always
|
||||
- when: never
|
||||
- changes:
|
||||
- proxy/**/*
|
||||
- Dockerfile
|
||||
- requirements.txt
|
||||
when: always
|
||||
- when: never
|
||||
|
||||
stages:
|
||||
- build
|
||||
- pre_push
|
||||
- push
|
||||
- test
|
||||
- deploy
|
||||
- review
|
||||
- dast
|
||||
- staging
|
||||
- canary
|
||||
- production
|
||||
- incremental rollout 10%
|
||||
- incremental rollout 25%
|
||||
- incremental rollout 50%
|
||||
- incremental rollout 100%
|
||||
- performance
|
||||
- cleanup
|
||||
# - test
|
||||
- build
|
||||
- pre_push
|
||||
- push
|
||||
|
||||
# test:
|
||||
# stage: test
|
||||
# image: python:3.11-alpine
|
||||
# script:
|
||||
# - pip install -q -r requirements.txt
|
||||
# - pip install -q pytest~=8.3.5
|
||||
# - python -m unittest discover tests
|
||||
|
||||
build:
|
||||
# needs:
|
||||
# - test
|
||||
|
||||
stage: build
|
||||
script:
|
||||
- docker build -t $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG .
|
||||
- docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
|
||||
- docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:latest
|
||||
- docker build -t $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG .
|
||||
- docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
|
||||
- docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:latest
|
||||
|
||||
pre_push:
|
||||
needs:
|
||||
- build
|
||||
- build
|
||||
stage: pre_push
|
||||
before_script:
|
||||
- apk add --no-cache curl
|
||||
- apk add --no-cache curl
|
||||
script:
|
||||
- echo "Running container to test image"
|
||||
- docker run -d --rm --name test_container $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
|
||||
- CONTAINER_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'
|
||||
test_container)
|
||||
- |
|
||||
echo "Waiting for the application to start..."
|
||||
sleep 10
|
||||
if curl --fail http://$CONTAINER_IP:5050/health; then
|
||||
echo "Healthcheck passed"
|
||||
else
|
||||
echo "Healthcheck failed, stopping push"
|
||||
exit 1
|
||||
fi
|
||||
- echo "Running container to test image"
|
||||
- docker run -d --rm --name test_container $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
|
||||
- CONTAINER_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' test_container)
|
||||
- |
|
||||
echo "Waiting for the application to start..."
|
||||
sleep 10
|
||||
if curl --fail http://$CONTAINER_IP:5050/health; then
|
||||
echo "Healthcheck passed"
|
||||
else
|
||||
echo "Healthcheck failed, stopping push"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
after_script:
|
||||
- docker rm -f test_container
|
||||
- docker rm -f test_container
|
||||
|
||||
push:
|
||||
needs:
|
||||
- pre_push
|
||||
- pre_push
|
||||
stage: push
|
||||
script:
|
||||
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin
|
||||
$CI_REGISTRY
|
||||
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
|
||||
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
|
||||
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:latest
|
||||
sast:
|
||||
stage: test
|
||||
include:
|
||||
- template: Auto-DevOps.gitlab-ci.yml
|
||||
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
|
||||
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
|
||||
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:latest
|
||||
|
||||
Reference in New Issue
Block a user