diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a537fb8fd1500db843baa82d524cfc76a01108bc..708d38c40637eb36b3e359a04a5bb95f419ba76a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -141,8 +141,27 @@ docker-bench-security:
- master
- dev-ci
+push-test:
+ stage: push
+ <<: *pull-modified-image
+ script:
+ - docker tag $REGISTRY_TEST/ci-builds/$MODIFIED_IMAGE:$CI_COMMIT_SHA $MODIFIED_IMAGE_FULL_TEST
+ - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin
+ # MODIFIED_IMAGE_FULL_TEST already should include the registry URL
+ - docker push $MODIFIED_IMAGE_FULL_TEST
+ after_script:
+ - docker logout $REGISTRY
+ only:
+ changes:
+ - "**/Dockerfile"
+ - "**/docker-compose.yml"
+ refs:
+ - master
+ - dev-ci
+
# Push the generated image on the production registry,
# once it passed all security tests and has been successfully built
+# and run on the test virtual machine
push-prod:
stage: push
<<: *pull-modified-image
@@ -160,3 +179,5 @@ push-prod:
refs:
- master
- dev-ci
+ when:
+ - manual
diff --git a/docker_test.sh b/docker_test.sh
new file mode 100755
index 0000000000000000000000000000000000000000..9b8dab638e924620499caef909c9da028f21f2f4
--- /dev/null
+++ b/docker_test.sh
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+function usage() {
+ echo -e "usage:\t$0 DIRECTORY, e.g. $0 pica-mattermost"
+ echo -e "\tDIRECTORY : name of the directory containing docker-compose.yml\n"
+ echo "This script simulates the first launch of a service : it will recreate all existing volumes for the service"
+ echo "to be sure that it works independently of the former configuration, and then launch 'docker-compose up -d'."
+ echo "This way, you can test your Dockerfile | docker-compose on the testing VM as if it was a brand new VM."
+ echo -e "\nAlso, it will temporarily replace all occurences of 'picasoft.net' by 'test.picasoft.net' for convenience."
+ echo -e "\nThis script will also use the image uploaded on the testing registry, not the production registry."
+ echo -e "\nUSE THIS SCRIPT ONLY ON THE TESTING VM."
+ exit 1
+}
+
+if [[ $(hostname) != *"test"* ]]; then
+ echo "ERROR : DO NOT USE OUTSIDE OF A TEST MACHINE !"
+ usage
+fi
+
+if [[ $# -ne 1 ]]; then
+ echo "ERROR : wrong number of arguments"
+ usage
+fi
+
+if [[ ! -d "$1" ]]; then
+ echo "ERROR : directory does not exist ($1)"
+ usage
+fi
+
+# Go to the folder of the service which will be tested
+cd "$1"
+
+echo -e "Starting procedure for $1...\n"
+echo -e "\n==== Stop and remove existing containers ===="
+docker-compose down
+
+echo "==== Reset and pull Dockerfiles repository ===="
+echo "Using branch" $(git branch --show-current)
+git reset --hard
+git pull
+
+echo -e "\n==== Remove and re-create named external volumes ===="
+for v in $(docker-compose config --volumes); do
+ docker volume rm "$v"
+ docker volume create "$v"
+done
+
+echo -e "\n==== Pull new versions of images ===="
+docker-compose pull
+
+echo -e "\n==== Replace production URL with testing URL in all files ===="
+for f in $(grep -l -r ".picasoft.net" .); do
+ echo -e "\t*" ${f}
+ sed -i "s/.picasoft.net/.test.picasoft.net/g" ${f}
+done
+
+echo -e "\n==== Lauch $1 and restore repository ===="
+docker-compose up -d
+git reset --hard
+
+echo -e "\n==== Print logs (use Ctrl+C to stop) ===="
+docker-compose logs -f
diff --git a/get-modified-image.sh b/get-modified-image.sh
index eaadcdd4fd825d952adc03c747ade17fc8089e6f..92facd394b72b2ff46748b31f0916d19562ad110 100755
--- a/get-modified-image.sh
+++ b/get-modified-image.sh
@@ -17,6 +17,8 @@ done
echo "export MODIFIED_IMAGE=${RES}" > variables
# Image name with wanted registry and tag, fetched from Docker Compose
-RES=$(cat $RES/docker-compose.yml | grep $RES | cut -d ':' -f2- | tr -d ' ')
+RES=$(cat $RES/docker-compose.yml | grep $RES | cut -d ':' -f2- | cut -d '/' -f2- | tr -d ' ')
if [ "$RES" = "" ]; then exit 1; fi
-echo "export MODIFIED_IMAGE_FULL=${RES}" >> variables
+
+echo "export MODIFIED_IMAGE_FULL_TEST=registry.test.picasoft.net/${RES}" >> variables
+echo "export MODIFIED_IMAGE_FULL=registry.picasoft.net/${RES}" >> variables