Skip to content
Snippets Groups Projects
Verified Commit 9767e2c2 authored by Igor Witz's avatar Igor Witz
Browse files

fix: handle simultaneous pipelines

parent 7182cd89
No related branches found
No related tags found
1 merge request!39Correction d'un bug en cas de pipelines concurrentes
Pipeline #41763 failed
Hide whitespace changes
Inline Side-by-side
.gitlab-ci.yml
+ 7
7
View file @ 9767e2c2
...@@ -15,8 +15,8 @@ metabuild: ...@@ -15,8 +15,8 @@ metabuild:
before_script: before_script:
- echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin
script: script:
- docker build -f pica-ci/Dockerfile . -t $REGISTRY/pica-ci - docker build -f pica-ci/Dockerfile . -t $REGISTRY/pica-ci:$CI_COMMIT_SHA
- docker push $REGISTRY/pica-ci:latest - docker push $REGISTRY/pica-ci:$CI_COMMIT_SHA
after_script: after_script:
- docker logout $REGISTRY - docker logout $REGISTRY
tags: [build] tags: [build]
...@@ -34,7 +34,7 @@ metabuild: ...@@ -34,7 +34,7 @@ metabuild:
# build the container that was modified # build the container that was modified
build: build:
stage: build stage: build
image: $REGISTRY/pica-ci:latest image: $REGISTRY/pica-ci:$CI_COMMIT_SHA
before_script: before_script:
- echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin
- source /etc/profile.d/ci-variables - source /etc/profile.d/ci-variables
...@@ -58,7 +58,7 @@ build: ...@@ -58,7 +58,7 @@ build:
# run CoreOS' Clair and make the CI failed if a critical vulnerability isn't in the whitelist # run CoreOS' Clair and make the CI failed if a critical vulnerability isn't in the whitelist
clair: clair:
stage: static_tests stage: static_tests
image: $REGISTRY/pica-ci:latest image: $REGISTRY/pica-ci:$CI_COMMIT_SHA
before_script: before_script:
- echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin
- docker pull $REGISTRY/ci-builds/$CI_COMMIT_SHA:latest - docker pull $REGISTRY/ci-builds/$CI_COMMIT_SHA:latest
...@@ -91,7 +91,7 @@ clair: ...@@ -91,7 +91,7 @@ clair:
# run docker-bench-security and upload the results # run docker-bench-security and upload the results
docker-bench-security: docker-bench-security:
stage: dynamic_tests stage: dynamic_tests
image: $REGISTRY/pica-ci:latest image: $REGISTRY/pica-ci:$CI_COMMIT_SHA
before_script: before_script:
- echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USERNAME --password-stdin
- docker pull $REGISTRY/ci-builds/$CI_COMMIT_SHA:latest - docker pull $REGISTRY/ci-builds/$CI_COMMIT_SHA:latest
...@@ -129,7 +129,7 @@ docker-bench-security: ...@@ -129,7 +129,7 @@ docker-bench-security:
# automatically deploy the container on pica01-test # automatically deploy the container on pica01-test
deployment-test: deployment-test:
stage: deployment stage: deployment
image: $REGISTRY/pica-ci:latest image: $REGISTRY/pica-ci:$CI_COMMIT_SHA
variables: variables:
PICA_ENVIRONMENT: "TEST" PICA_ENVIRONMENT: "TEST"
before_script: before_script:
...@@ -171,7 +171,7 @@ deployment-test: ...@@ -171,7 +171,7 @@ deployment-test:
# this will only happen after manually triggering the deployment # this will only happen after manually triggering the deployment
deployment-prod: deployment-prod:
stage: deployment stage: deployment
image: $REGISTRY/pica-ci:latest image: $REGISTRY/pica-ci:$CI_COMMIT_SHA
variables: variables:
PICA_ENVIRONMENT: "PRODUCTION" PICA_ENVIRONMENT: "PRODUCTION"
before_script: before_script:
......
pica-dokuwiki/clair-whitelist.yml
+ 1
1
View file @ 9767e2c2
...@@ -8,4 +8,4 @@ generalwhitelist: ...@@ -8,4 +8,4 @@ generalwhitelist:
CVE-2017-12424: shadow -> Pas de contre-mesure CVE-2017-12424: shadow -> Pas de contre-mesure
CVE-2016-2779: util-linux -> Pas de contre-mesure CVE-2016-2779: util-linux -> Pas de contre-mesure
CVE-2017-14062: libidn11 -> dépendance directe de wget et indirecte de curl, un des 2 est nécessaire pour le HEALTHCHECK et le téléchargement de Dokuwiki -> Pas de contre-mesure CVE-2017-14062: libidn11 -> dépendance directe de wget et indirecte de curl, un des 2 est nécessaire pour le HEALTHCHECK et le téléchargement de Dokuwiki -> Pas de contre-mesure
CVE-2019-11068: libxslt -> dépendance de PHP, pas de contre-mesure CVE-2019-11068: libxslt -> dépendance de PHP, pas de contre-mesure
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment