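# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
# container_scanning:
#   variables:
#     DOCKER_IMAGE: ...
#     DOCKER_USER: ...
#     DOCKER_PASSWORD: ...

# Pipeline overview: two lint jobs run in the `test` stage, then one
# build-and-push job pair per image runs in the `deploy` stage:
#   *-master  runs only on master, must be triggered manually, and pushes
#             the release tag;
#   *-dev     runs automatically on every other ref and pushes the `-dev` tag.

# NOTE(review): docker:latest, docker:dind and the two linter images below are
# floating tags, so the toolchain that builds and pushes these images can
# change between runs. Consider pinning each to a version or digest.
image: docker:latest

services:
  - docker:dind

# Global before_script: inherited by every job that does not define its own.
# NOTE(review): that presumably includes the job(s) added by the included
# Container-Scanning template; confirm they still start with this login step.
before_script:
  # The password is piped on stdin rather than passed with -p, so it does not
  # appear in the process argument list or in docker's insecure-CLI warning.
  - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"

# Lints every Dockerfile in the repository with the project's hadolint config.
lint-dockerfile:
  stage: test
  image: hadolint/hadolint:latest-debian
  before_script:
    # -p: do not fail when the directory already exists in the image.
    - mkdir -p ~/.config
    - cp ./.hadolint.yaml ~/.config/hadolint.yaml
  script:
    # NOTE(review): with the `\;` form, GNU find's own exit status does not
    # reflect a non-zero exit from hadolint, so findings may not fail this job.
    # Confirm whether the lint is meant to be advisory or a gate.
    - find . -name "Dockerfile" -execdir hadolint {} \;

# Runs shellcheck over every *.sh file in the repository.
lint-shell-script:
  stage: test
  image: koalaman/shellcheck-alpine:latest
  before_script:
    - shellcheck -V
  script:
    # NOTE(review): same caveat as lint-dockerfile; verify how the find in this
    # image reports a failing -exec before relying on this job as a gate.
    - find . -name "*.sh" -exec shellcheck {} \;

# --- golang -----------------------------------------------------------------

build-golang-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/golang:latest" ./golang/latest
    - docker push "$CI_REGISTRY_IMAGE/golang:latest"
  only:
    - master
  when: manual

# Every non-master ref pushes to the same mutable `latest-dev` tag, so the
# last pipeline to finish decides what that tag points to.
build-golang-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/golang:latest-dev" ./golang/latest
    - docker push "$CI_REGISTRY_IMAGE/golang:latest-dev"
  except:
    - master

# --- debian -----------------------------------------------------------------
# NOTE(review): several targets in this file (for example debian jessie and
# stretch, php 5.6 through 7.x) are past upstream end-of-life; images built
# from them no longer receive security fixes from upstream.

build-debian-bullseye-build-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:bullseye" ./debian/bullseye
    - docker push "$CI_REGISTRY_IMAGE/debian:bullseye"
  only:
    - master
  when: manual

build-debian-bullseye-build-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:bullseye-dev" ./debian/bullseye
    - docker push "$CI_REGISTRY_IMAGE/debian:bullseye-dev"
  except:
    - master

build-debian-buster-build-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:buster" ./debian/buster
    - docker push "$CI_REGISTRY_IMAGE/debian:buster"
  only:
    - master
  when: manual

build-debian-buster-build-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:buster-dev" ./debian/buster
    - docker push "$CI_REGISTRY_IMAGE/debian:buster-dev"
  except:
    - master

build-debian-stretch-build-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:stretch" ./debian/stretch
    - docker push "$CI_REGISTRY_IMAGE/debian:stretch"
  only:
    - master
  when: manual

build-debian-stretch-build-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:stretch-dev" ./debian/stretch
    - docker push "$CI_REGISTRY_IMAGE/debian:stretch-dev"
  except:
    - master

build-debian-jessie-build-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:jessie" ./debian/jessie
    - docker push "$CI_REGISTRY_IMAGE/debian:jessie"
  only:
    - master
  when: manual

build-debian-jessie-build-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:jessie-dev" ./debian/jessie
    - docker push "$CI_REGISTRY_IMAGE/debian:jessie-dev"
  except:
    - master

# The wp-org-deploy build context relies on git submodules, so these two jobs
# ask the runner to fetch them recursively before the build.
build-debian-wp-org-deploy-build-master:
  stage: deploy
  variables:
    GIT_SUBMODULE_STRATEGY: recursive
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:wp-org-deploy" ./debian/wp-org-deploy/context
    - docker push "$CI_REGISTRY_IMAGE/debian:wp-org-deploy"
  only:
    - master
  when: manual

build-debian-wp-org-deploy-build-dev:
  stage: deploy
  variables:
    GIT_SUBMODULE_STRATEGY: recursive
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/debian:wp-org-deploy-dev" ./debian/wp-org-deploy/context
    - docker push "$CI_REGISTRY_IMAGE/debian:wp-org-deploy-dev"
  except:
    - master

# --- php --------------------------------------------------------------------

build-php-8.1-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:8.1" ./php/8.1
    - docker push "$CI_REGISTRY_IMAGE/php:8.1"
  only:
    - master
  when: manual

build-php-8.1-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:8.1-dev" ./php/8.1
    - docker push "$CI_REGISTRY_IMAGE/php:8.1-dev"
  except:
    - master

build-php-8.0-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:8.0" ./php/8.0
    - docker push "$CI_REGISTRY_IMAGE/php:8.0"
  only:
    - master
  when: manual

build-php-8.0-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:8.0-dev" ./php/8.0
    - docker push "$CI_REGISTRY_IMAGE/php:8.0-dev"
  except:
    - master

build-php-7.4-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.4" ./php/7.4
    - docker push "$CI_REGISTRY_IMAGE/php:7.4"
  only:
    - master
  when: manual

build-php-7.4-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.4-dev" ./php/7.4
    - docker push "$CI_REGISTRY_IMAGE/php:7.4-dev"
  except:
    - master

build-php-7.3-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.3" ./php/7.3
    - docker push "$CI_REGISTRY_IMAGE/php:7.3"
  only:
    - master
  when: manual

build-php-7.3-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.3-dev" ./php/7.3
    - docker push "$CI_REGISTRY_IMAGE/php:7.3-dev"
  except:
    - master

build-php-7.2-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.2" ./php/7.2
    - docker push "$CI_REGISTRY_IMAGE/php:7.2"
  only:
    - master
  when: manual

build-php-7.2-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.2-dev" ./php/7.2
    - docker push "$CI_REGISTRY_IMAGE/php:7.2-dev"
  except:
    - master

build-php-7.1-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.1" ./php/7.1
    - docker push "$CI_REGISTRY_IMAGE/php:7.1"
  only:
    - master
  when: manual

build-php-7.1-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.1-dev" ./php/7.1
    - docker push "$CI_REGISTRY_IMAGE/php:7.1-dev"
  except:
    - master

build-php-7.0-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.0" ./php/7.0
    - docker push "$CI_REGISTRY_IMAGE/php:7.0"
  only:
    - master
  when: manual

build-php-7.0-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:7.0-dev" ./php/7.0
    - docker push "$CI_REGISTRY_IMAGE/php:7.0-dev"
  except:
    - master

build-php-5.6-master:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:5.6" ./php/5.6
    - docker push "$CI_REGISTRY_IMAGE/php:5.6"
  only:
    - master
  when: manual

build-php-5.6-dev:
  stage: deploy
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE/php:5.6-dev" ./php/5.6
    - docker push "$CI_REGISTRY_IMAGE/php:5.6-dev"
  except:
    - master

# NOTE(review): the container_scanning override at the top of this file is
# commented out, so the template scans whatever image its defaults resolve to.
# The jobs above push to "$CI_REGISTRY_IMAGE/<name>:<tag>", so the scan target
# (DOCKER_IMAGE here; CS_IMAGE in newer GitLab releases) presumably has to be
# set per image for any of the pushed images to be scanned. Confirm against
# the template version in use.
include:
  - template: Security/Container-Scanning.gitlab-ci.yml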