-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.gitlab-ci.yml
54 lines (47 loc) · 1.63 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
include:
- project: 'to-be-continuous/docker'
ref: '5.8.1'
file: '/templates/gitlab-ci-docker.yml'
variables:
DOCKER_REGISTRY_MIRROR: docker.snap-ci.ovh
DOCKER_REGISTRY_USER: $NEXUS_USER
DOCKER_REGISTRY_PASSWORD: $NEXUS_PASSWORD
DOCKER_SNAPSHOT_IMAGE: "$NEXUS_URL/$CI_PROJECT_NAME:$CI_COMMIT_REF_NAME"
DOCKER_RELEASE_IMAGE: "$NEXUS_URL/$CI_PROJECT_NAME:latest"
DOCKER_TRIVY_ARGS: "--ignore-unfixed --vuln-type os --debug --timeout 15m"
DOCKER_TRIVY_SECURITY_LEVEL_THRESHOLD: CRITICAL
DOCKER_HADOLINT_ARGS: --failure-threshold error
DOCKER_PROD_PUBLISH_STRATEGY: auto
docker-trivy:
allow_failure: true
docker-sbom:
allow_failure: true
# Report on Github cf https://ecp-ci.gitlab.io/docs/guides/build-status-gitlab.html
.report-status:
image: curlimages/curl
variables:
URL: "https://api.github.com/repos/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/statuses/${CI_COMMIT_SHA}"
STATUS_NAME: snap-ci
script:
# For complete details on the GitHub API please see:
# https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#create-a-commit-status
- |-
curl -X POST $URL -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $GITHUB_TOKEN" -H "X-GitHub-Api-Version: 2022-11-28" -d '{"state": "'$CI_JOB_NAME'", "context": "'$STATUS_NAME'", "target_url": "'$CI_PIPELINE_URL'", "description": "Build docker image"}'
environment:
name: reporting-github
dependencies: []
retry: 2
pending:
stage: .pre
extends:
- .report-status
success:
stage: .post
extends:
- .report-status
failure:
stage: .post
extends:
- .report-status
rules:
- when: on_failure