124 lines
3.8 KiB
YAML
124 lines
3.8 KiB
YAML
variables:
|
|
GIT_SUBMODULE_STRATEGY: recursive
|
|
GIT_SUBMODULE_UPDATE_FLAGS: --jobs 4
|
|
# https://hub.docker.com/r/alpine/git/tags
|
|
GIT_VERSION: v2.36.2
|
|
|
|
stages:
|
|
- test
|
|
- update
|
|
- build
|
|
|
|
# Description
|
|
# This script allows to store the artefacts of a step into the current
|
|
# repository, to improve the efficiency of the next build process.
|
|
|
|
# Set up this script
|
|
# 1. Create a new personal access token (https://gitlab.com/-/profile/personal_access_tokens)
|
|
# with the following scopes:
|
|
# - read_repository
|
|
# - write_repository
|
|
# 2. Inside Settings -> CI / CD -> Variables, create the following variables:
|
|
#
|
|
# GITLAB_TOKEN Personal access token previously created.
|
|
# (masked)
|
|
# GITLAB_USERNAME Username associated with the personal access token.
|
|
# COMMIT_MESSAGE Commit message
|
|
|
|
# Other variables used by this script
|
|
# The following variables are defined automatically by GitLab CI. Thus, you
|
|
# don't need to override them.
|
|
#
|
|
# CI_COMMIT_SHA Commit SHA, to use a unique directory name.
|
|
# CI_DEFAULT_BRANCH Default branch.
|
|
# CI_PROJECT_PATH Current project path.
|
|
# CI_SERVER_HOST Hostname of the current GitLab instance.
|
|
# GITLAB_USER_EMAIL Email of the user used to commit the changes to the
|
|
# secondary repository.
|
|
# GITLAB_USER_NAME User name of the user used to commit the changes to
|
|
# the secondary repository.
|
|
|
|
.git:push:
|
|
after_script:
|
|
# Go to the new directory
|
|
- cd "${CI_COMMIT_SHA}"
|
|
|
|
# Add all generated files to Git
|
|
- git add .
|
|
|
|
- |-
|
|
# Check if we have modifications to commit
|
|
CHANGES=$(git status --porcelain | wc -l)
|
|
|
|
if [ "$CHANGES" -gt "0" ]; then
|
|
# Show the status of files that are about to be created, updated or deleted
|
|
git status
|
|
|
|
# Commit all changes
|
|
git commit -m "${COMMIT_MESSAGE}"
|
|
|
|
# Update the repository and make sure to skip the pipeline create for this commit
|
|
git push origin "${CI_DEFAULT_BRANCH}" -o ci.skip
|
|
fi
|
|
before_script:
|
|
# Clone the repository via HTTPS inside a new directory
|
|
- git clone "https://${GITLAB_USERNAME}:${GITLAB_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git" "${CI_COMMIT_SHA}"
|
|
|
|
# Set the displayed user with the commits that are about to be made
|
|
- git config --global user.email "${GIT_USER_EMAIL:-$GITLAB_USER_EMAIL}"
|
|
- git config --global user.name "${GIT_USER_NAME:-$GITLAB_USER_NAME}"
|
|
image:
|
|
entrypoint: ['']
|
|
name: alpine/git:${GIT_VERSION}
|
|
|
|
sast:
|
|
stage: test
|
|
include:
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
|
|
update-gitmodules:
|
|
extends: .git:push
|
|
stage: update
|
|
|
|
script:
|
|
- cd "${CI_COMMIT_SHA}"
|
|
- git submodule update --init --recursive
|
|
- git submodule update --remote
|
|
only:
|
|
- schedules
|
|
- manual
|
|
except:
|
|
- main
|
|
needs: []
|
|
|
|
build-docker:
|
|
stage: build
|
|
image:
|
|
name: gcr.io/kaniko-project/executor:debug
|
|
entrypoint: [""]
|
|
|
|
script:
|
|
- mkdir -p /kaniko/.docker
|
|
- echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
|
|
- >-
|
|
/kaniko/executor --force
|
|
--context "${CI_PROJECT_DIR}"
|
|
--dockerfile "${CI_PROJECT_DIR}/Dockerfile"
|
|
--destination "${CI_REGISTRY}/mediawiki/miki:${CI_COMMIT_SHORT_SHA}"
|
|
--cache=true
|
|
--cache-repo="${CI_REGISTRY}/mediawiki/miki-cache"
|
|
- >-
|
|
/kaniko/executor --force
|
|
--context "${CI_PROJECT_DIR}"
|
|
--dockerfile "${CI_PROJECT_DIR}/Dockerfile"
|
|
--destination "${CI_REGISTRY}/mediawiki/miki:latest"
|
|
--cache=true
|
|
--cache-repo="${CI_REGISTRY}/mediawiki/miki-cache"
|
|
only:
|
|
- main
|
|
except:
|
|
- schedules
|
|
needs:
|
|
- job: update-gitmodules
|
|
optional: true
|