Newer
Older
- dev_pulling_repo
- dev_secrets_in_repo
- dev_linting_code
- dev_linting_docker
variables:
GITLAB_API: "https://labs.etsi.org/api/v4"
CI_JOB_TOKEN: $CI_JOB_TOKEN
CI_REGISTRY_USER: $CI_REGISTRY_USER
CI_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
CI_REGISTRY: $CI_REGISTRY
#dev_pulling_repo:
# stage: dev_pulling_repo
# script:
# - git clone https://oauth2:${CI_JOB_TOKEN}@labs.etsi.org/rep/ocf/capif.git
# <<: *dev_common
- |
pip install trufflehog
trufflehog capif --exclude_paths capif/cicd/exclusions --max_depth=5
# needs: ["dev_pulling_repo"]
# define the process to do linting code: Sonarque, ruff?
- |
echo "###ruff checks###"
pip install ruff
# Download hadolint binary
wget https://github.com/hadolint/hadolint/releases/download/v2.8.0/hadolint-Linux-x86_64 -O hadolint
# Make it executable
chmod +x hadolint
# Move it to your binaries folder
#find . -name 'services/Dockerfile*' -exec hadolint --no-fail -f gitlab_codeclimate {} + > docker-lint.json
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
../hadolint services/vault/Dockerfile || true
echo "### nginx ###"
../hadolint services/nginx/Dockerfile || true
echo "### register ###"
../hadolint services/register/Dockerfile || true
echo "### TS29222_CAPIF_Access_Control_Policy_API ###"
../hadolint services/TS29222_CAPIF_Access_Control_Policy_API/Dockerfile || true
echo "### TS29222_CAPIF_API_Invoker_Management_API ###"
../hadolint services/TS29222_CAPIF_API_Invoker_Management_API/Dockerfile || true
echo "### TS29222_CAPIF_API_Provider_Management_API ###"
../hadolint services/TS29222_CAPIF_API_Provider_Management_API/Dockerfile || true
echo "### TS29222_CAPIF_Auditing_API ###"
../hadolint services/TS29222_CAPIF_Auditing_API/Dockerfile || true
echo "### TS29222_CAPIF_Discover_Service_API ###"
../hadolint services/TS29222_CAPIF_Discover_Service_API/Dockerfile || true
echo "### TS29222_CAPIF_Events_API ###"
../hadolint services/TS29222_CAPIF_Events_API/Dockerfile || true
echo "### TS29222_CAPIF_Logging_API_Invocation_API ###"
../hadolint services/TS29222_CAPIF_Logging_API_Invocation_API/Dockerfile || true
echo "### TS29222_CAPIF_Publish_Service_API ###"
../hadolint services/TS29222_CAPIF_Publish_Service_API/Dockerfile || true
echo "### TS29222_CAPIF_Routing_Info_API ###"
../hadolint services/TS29222_CAPIF_Routing_Info_API/Dockerfile || true
echo "### TS29222_CAPIF_Security_API ###"
../hadolint services/TS29222_CAPIF_Security_API/Dockerfile || true
# artifacts:
# name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
# when: always
# reports:
# codequality:
# - docker-lint.json
# interruptible: true
- echo "### build and push capif-client image ###"
- docker login --username $CI_REGISTRY_USER --password $CAPIF_DOCKER_REGISTRY $CI_REGISTRY
- docker build -t $CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/capif-client:$CI_COMMIT_REF_SLUG .
- docker push $CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/capif-client:$CI_COMMIT_REF_SLUG
- echo "----------------------------------------------------"
# - echo "### build and push nginx image ###"
# - cd services/nginx/
# - docker build -t $CI_REGISTRY/ocf/capif/nginx:$CI_COMMIT_REF_SLUG .
# - docker push $CI_REGISTRY/ocf/capif/nginx:$CI_COMMIT_REF_SLUG
# - echo "----------------------------------------------------"
# - echo "### build and push register image ###"
# - cd services/register/
# - docker build -t $CI_REGISTRY/ocf/capif/register:$CI_COMMIT_REF_SLUG .
# - docker push $CI_REGISTRY/ocf/capif/register:$CI_COMMIT_REF_SLUG
# - echo "----------------------------------------------------"
# - echo "### build and push TS29222_CAPIF_Access_Control_Policy_API image ###"
# - cd services/TS29222_CAPIF_Access_Control_Policy_API/
# - docker build -t $CI_REGISTRY/ocf/capif/ocf-access-control-policy:$CI_COMMIT_REF_SLUG .
# - docker push $CI_REGISTRY/ocf/capif/register:$CI_COMMIT_REF_SLUG
# - echo "----------------------------------------------------"
# - docker logout $CI_REGISTRY
<<: *dev_common