Skip to content
Snippets Groups Projects
Select Git revision
  • master default
  • pica-form
  • tests-de-emma
  • vmalert
  • codimd-fixpdf
  • gchange
  • errors_dynamic
  • traefik-errors
  • DBBackup/simplifications
  • v1.0.1
  • v1.0.0
  • MTA-SASL-poc
  • pica-mail-auth_plaintext
13 results
Blame Permalink
.gitlab-ci.yml 6.28 KiB 
#########################################################################################################################################################
### WARNING : Manual jobs defined with rules key ARE BLOCKING as long as this issue is unresolved : https://gitlab.com/gitlab-org/gitlab/issues/34077 ###
#########################################################################################################################################################

image: docker:19.03.0

# Disable TLS just for the docker daemon running locally, TLS is still used to deploy built images!
variables:
  DOCKER_TLS_CERTDIR: ""
  DOCKER_DRIVER: overlay2

services:
    - docker:19.03.0-dind

# The file variables will be kept accross jobs : it contains useful informations about modified
# Dockerfile / docker-compose in the last commit
cache:
 paths:
  - variables

stages:
  - ci-base
  - build
  - security-tests
  - push

# Hidden key meant to be included in other jobs, for factorization
.pull-modified-image: &pull-modified-image
  image: $REGISTRY_PROD/pica-ci-base
  tags: [build]
  before_script:
    - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin
    - source variables
    - docker pull $MODIFIED_IMAGE_FULL_TEST

# Build the base image used for all further steps : this is done only when pica-ci's Dockerfile is modified
pica-ci-base:
  stage: ci-base
  tags: [build]
  before_script:
    - echo $REGISTRY_PROD_PASSWORD | docker login $REGISTRY_PROD -u $REGISTRY_PROD_USERNAME --password-stdin
  script:
    - docker build -f pica-ci-base/Dockerfile . -t $REGISTRY_PROD/pica-ci-base:latest
    - docker push $REGISTRY_PROD/pica-ci-base:latest
  after_script:
    - docker logout $REGISTRY_PROD
  only:
    changes:
      - "pica-ci-base/**"
    refs:
      - master
      - dev-ci

# Create a file a few environment variables added (which Dockerfile has been modified, the complete name of the image...)
# The file will be an artifact shared with further steps
set-variables:
  stage: ci-base
  tags: [build]
  image: $REGISTRY_PROD/pica-ci-base
  script:
    - chmod +x ./get-modified-image.sh
    - ./get-modified-image.sh
  # If the Dockerfile is changed, force the build.
  # Otherwise, may be triggered manually.
  only:
    changes:
      - "pica-*/**"

# Build the image that was modified
build: