Skip to content
Extraits de code Groupes Projets
Valider 0c30ed00 rédigé par Rémi - Le Filament's avatar Rémi - Le Filament
Parcourir les fichiers

Configure Secret Detection in `.gitlab-ci.yml`, creating this file if it does not already exist

parent 9b95041c
Branches
Aucune étiquette associée trouvée
1 requête de fusion!1Configure Secret Detection in `.gitlab-ci.yml`, creating this file if it does not already exist
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
image: docker:20.10.17 image: docker:20.10.17
include: include:
- template: Security/Container-Scanning.gitlab-ci.yml - template: Security/Container-Scanning.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
container_scanning: container_scanning:
variables: variables:
DOCKER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_BRANCH DOCKER_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_BRANCH"
DOCKERFILE_PATH: $CI_COMMIT_BRANCH.Dockerfile DOCKERFILE_PATH: "$CI_COMMIT_BRANCH.Dockerfile"
docker-build-10.0: docker-build-10.0:
# Official docker image.
image: docker:20.10.17 image: docker:20.10.17
stage: build stage: build
services: services:
...@@ -19,10 +24,8 @@ docker-build-10.0: ...@@ -19,10 +24,8 @@ docker-build-10.0:
- docker build --pull -f 10.0.Dockerfile -t "$CI_REGISTRY_IMAGE:10.0" . - docker build --pull -f 10.0.Dockerfile -t "$CI_REGISTRY_IMAGE:10.0" .
- docker push "$CI_REGISTRY_IMAGE:10.0" - docker push "$CI_REGISTRY_IMAGE:10.0"
only: only:
- "10.0" - '10.0'
docker-build-12.0: docker-build-12.0:
# Official docker image.
image: docker:20.10.17 image: docker:20.10.17
stage: build stage: build
services: services:
...@@ -32,15 +35,14 @@ docker-build-12.0: ...@@ -32,15 +35,14 @@ docker-build-12.0:
script: script:
- docker build --pull -f 12.0.Dockerfile -t "$CI_REGISTRY_IMAGE:12.0" . - docker build --pull -f 12.0.Dockerfile -t "$CI_REGISTRY_IMAGE:12.0" .
- docker build --pull -f 12.0_ml.Dockerfile -t "$CI_REGISTRY_IMAGE:12.0_ml" . - docker build --pull -f 12.0_ml.Dockerfile -t "$CI_REGISTRY_IMAGE:12.0_ml" .
- docker build --pull -f 12.0_py3.6.Dockerfile -t "$CI_REGISTRY_IMAGE:12.0_py3.6" . - docker build --pull -f 12.0_py3.6.Dockerfile -t "$CI_REGISTRY_IMAGE:12.0_py3.6"
.
- docker push "$CI_REGISTRY_IMAGE:12.0" - docker push "$CI_REGISTRY_IMAGE:12.0"
- docker push "$CI_REGISTRY_IMAGE:12.0_ml" - docker push "$CI_REGISTRY_IMAGE:12.0_ml"
- docker push "$CI_REGISTRY_IMAGE:12.0_py3.6" - docker push "$CI_REGISTRY_IMAGE:12.0_py3.6"
only: only:
- "12.0" - '12.0'
docker-build-14.0: docker-build-14.0:
# Official docker image.
image: docker:20.10.17 image: docker:20.10.17
stage: build stage: build
services: services:
...@@ -51,10 +53,8 @@ docker-build-14.0: ...@@ -51,10 +53,8 @@ docker-build-14.0:
- docker build --pull -f 14.0.Dockerfile -t "$CI_REGISTRY_IMAGE:14.0" . - docker build --pull -f 14.0.Dockerfile -t "$CI_REGISTRY_IMAGE:14.0" .
- docker push "$CI_REGISTRY_IMAGE:14.0" - docker push "$CI_REGISTRY_IMAGE:14.0"
only: only:
- "14.0" - '14.0'
docker-build-16.0: docker-build-16.0:
# Official docker image.
image: docker:20.10.17 image: docker:20.10.17
stage: build stage: build
services: services:
...@@ -65,10 +65,8 @@ docker-build-16.0: ...@@ -65,10 +65,8 @@ docker-build-16.0:
- docker build --pull -f 16.0.Dockerfile -t "$CI_REGISTRY_IMAGE:16.0" . - docker build --pull -f 16.0.Dockerfile -t "$CI_REGISTRY_IMAGE:16.0" .
- docker push "$CI_REGISTRY_IMAGE:16.0" - docker push "$CI_REGISTRY_IMAGE:16.0"
only: only:
- "16.0" - '16.0'
docker-build-16.0-alpine: docker-build-16.0-alpine:
# Official docker image.
image: docker:20.10.17 image: docker:20.10.17
stage: build stage: build
services: services:
...@@ -76,7 +74,8 @@ docker-build-16.0-alpine: ...@@ -76,7 +74,8 @@ docker-build-16.0-alpine:
before_script: before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
script: script:
- docker build --pull -f 16.0-alpine.Dockerfile -t "$CI_REGISTRY_IMAGE:16.0-alpine" . - docker build --pull -f 16.0-alpine.Dockerfile -t "$CI_REGISTRY_IMAGE:16.0-alpine"
.
- docker push "$CI_REGISTRY_IMAGE:16.0-alpine" - docker push "$CI_REGISTRY_IMAGE:16.0-alpine"
only: only:
- "16.0" - '16.0'
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Veuillez vous inscrire ou vous pour commenter