-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci-dso.yml
78 lines (69 loc) · 1.85 KB
/
.gitlab-ci-dso.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# This file is an example on how to use CI on Gitlab DSO platform, it is not yet functionnal with environnment
# references for includes are at https://github.com/cloud-pi-native/gitlab-ci-catalog
stages:
- read-secret
- sonarqube-check
- build-push
include:
- project: $CATALOG_PATH
file: vault-ci.yml
ref: main
- project: $CATALOG_PATH
file: kaniko-ci.yml
ref: main
vault:read_secret:
stage: read-secret
extends: .vault:read_secret
.build-push-branches:
only:
refs:
- branches
extends: .kaniko:build-push
stage: build-push
variables:
WORKING_DIR: .
.build-push-tags:
only:
refs:
- tags
extends: .kaniko:build-push
stage: build-push
variables:
WORKING_DIR: .
build-push-server-tag:
extends: .build-push-tags
variables:
IMAGES_NAMES: server:$CI_COMMIT_TAG server:latest
DOCKERFILE: apps/server/Dockerfile
build-push-client-tag:
extends: .build-push-tags
variables:
IMAGES_NAMES: client:$CI_COMMIT_TAG client:latest
DOCKERFILE: apps/client/Dockerfile
build-push-server-branch:
extends: .build-push-branches
variables:
IMAGES_NAMES: server:$CI_COMMIT_BRANCH
DOCKERFILE: apps/server/Dockerfile
build-push-client-branch:
extends: .build-push-branches
variables:
IMAGES_NAMES: client:$CI_COMMIT_BRANCH
DOCKERFILE: apps/client/Dockerfile
sonarqube-check:
stage: sonarqube-check
image:
name: sonarsource/sonar-scanner-cli:5.0
entrypoint: [""]
before_script:
- cp $SONAR_PROJECT_PROPERTIES ./sonar-project.properties
variables:
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
cache:
key: "${CI_JOB_NAME}"
paths:
- .sonar/cache
script:
- sonar-scanner
allow_failure: true