Skip to content
Snippets Groups Projects
Commit aac4c10c authored by Mick Veldhuis's avatar Mick Veldhuis
Browse files

Merge branch 'add-cicd-pipeline' into 'main'

Add basic CI/CD functionality

See merge request !6
parents 147c0546 05c320e7
No related branches found
No related tags found
1 merge request!6Add basic CI/CD functionality
Pipeline #99571 passed
default:
image:
name: $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG
pull_policy: [always]
workflow:
rules:
# Do not create (detached) pipelines on merge request events
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
when: never
- when: always
stages:
- prepare
- test
include:
- template: Security/SAST.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
# Prepare image to run ci on
trigger_prepare:
stage: prepare
trigger:
strategy: depend
include: .prepare.gitlab-ci.yml
sast:
variables:
SAST_EXCLUDED_ANALYZERS: brakeman, kubesec, nodejs-scan, phpcs-security-audit,
pmd-apex, sobelow, spotbugs
stage: test
# Validate the top-level workflow(s) and their input(s)
validate:
stage: test
needs: ["trigger_prepare"]
script:
- cwltool --validate workflows/pipeline.cwl tests/pipeline_input.json
stages:
- build
build_ci_runner_image:
stage: build
image: docker
tags:
- dind
script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- |
if docker pull $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG; then
docker build --cache-from $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG --tag $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG docker/ci-runner
else
docker pull $CI_REGISTRY_IMAGE/ci-build-runner:latest || true
docker build --cache-from $CI_REGISTRY_IMAGE/ci-build-runner:latest --tag $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG docker/ci-runner
fi
- docker push $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG # push the image
- |
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
docker image tag $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG $CI_REGISTRY_IMAGE/ci-build-runner:latest
docker push $CI_REGISTRY_IMAGE/ci-build-runner:latest
fi
FROM ubuntu:22.04
# This Docker image contains the bare necessities to
# validate the project's CWL scripts.
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
wget \
python3 \
&& \
rm -rf /var/lib/apt/lists/*
RUN wget -q https://bootstrap.pypa.io/get-pip.py && \
python3 get-pip.py
RUN python3 -m pip install --no-cache-dir --upgrade \
nodejs-wheel \
cwltool
RUN node --version
RUN cwltool --version
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment