-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy path.gitlab-ci.yml
144 lines (127 loc) · 4.11 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
.go-cache:
variables:
GOPATH: $CI_PROJECT_DIR/.go
cache:
paths:
- .go/pkg/mod/
stages: # List of stages for jobs, and their order of execution
- lint
- build
- test
- docker
- release
# - deploy
lint:
image: golangci/golangci-lint:latest
stage: lint
extends: .go-cache
allow_failure: false
script:
- golangci-lint run --timeout 5m -v
rules:
- if: '$CI_COMMIT_REF_NAME != "master" && $CI_PIPELINE_SOURCE == "push" || $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_TAG'
build-job: # This job runs in the build stage, which runs first.
image: golang:latest
stage: build
script:
- go install github.com/swaggo/swag/cmd/swag@latest
- make build
rules:
- if: '$CI_COMMIT_REF_NAME != "master" && $CI_PIPELINE_SOURCE == "push" || $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_TAG'
cross-compile:
image: golang:latest
stage: build
artifacts:
name: "$CI_COMMIT_REF_NAME"
paths:
- bin/
expire_in: 2 hrs
script:
- go install github.com/swaggo/swag/cmd/swag@latest
- go install github.com/CycloneDX/cyclonedx-gomod/cmd/cyclonedx-gomod@latest
- make compile
- make sbom
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_REF_NAME == "master" || $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_TAG'
unit-test-job: # This job runs in the test stage.
image: golang:latest
stage: test # It only starts when the job in the build stage completes successfully.
script:
- apt update
- apt install openssh-server -y
- useradd sshtest
- echo "sshtest:pdKY77qNxpI5MAizirtjCVOcm0KFKIs" | chpasswd
- service ssh start
- make test
rules:
- when: always
docker-build: # This job will build the soarca docker image on merge request
image: docker
services:
- docker:dind
before_script:
- docker info
dependencies:
- cross-compile
variables:
# Tell docker CLI how to talk to Docker daemon; see
# https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker-executor
DOCKER_HOST: tcp://docker:2375/
# Use the overlayfs driver for improved performance:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
stage: docker
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_REF_NAME == "master" || $CI_PIPELINE_SOURCE == "merge_request_event"'
script:
- echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
- apk add git
- ls bin
- export VERSION=$(git describe --tags --dirty)
- echo $VERSION
- docker build --build-arg VERSION -t $CI_REGISTRY_IMAGE:$VERSION .
release-docker:
stage: release
only:
- tags
image: docker
services:
- docker:dind
before_script:
- docker info
variables:
# Tell docker CLI how to talk to Docker daemon; see
# https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker-executor
DOCKER_HOST: tcp://docker:2375/
# Use the overlayfs driver for improved performance:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
script:
- echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
- apk add git
- export VERSION=$(git describe --tags --dirty)
- echo $VERSION
- docker build --build-arg VERSION -t $CI_REGISTRY_IMAGE:$VERSION .
- docker push $CI_REGISTRY_IMAGE:$VERSION
- docker tag $CI_REGISTRY_IMAGE:$VERSION $CI_REGISTRY_IMAGE:latest
- docker push $CI_REGISTRY_IMAGE:latest
release-bin:
stage: release
only:
- tags
image: golang:latest
artifacts:
name: "$CI_COMMIT_TAG"
paths:
- bin/
script:
- go install github.com/swaggo/swag/cmd/swag@latest
- go install github.com/CycloneDX/cyclonedx-gomod/cmd/cyclonedx-gomod@latest
- make compile
- make sbom
# deploy-job: # This job runs in the deploy stage.
# stage: deploy # It only runs when *both* jobs in the test stage complete successfully.
# environment: production
# script:
# - echo "Deploying application..."
# - echo "Application successfully deployed."