Update 2 files
- /update.py - /.gitlab-ci.yml
This commit is contained in:
@@ -1,41 +1,32 @@
|
|||||||
|
# You can override the included template(s) by including variable overrides
|
||||||
|
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||||
|
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||||
|
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||||
|
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
|
||||||
|
# Note that environment variables can be set in several places
|
||||||
|
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||||
stages:
|
stages:
|
||||||
- generate
|
|
||||||
- release
|
- release
|
||||||
|
- test
|
||||||
generate:
|
|
||||||
stage: generate
|
|
||||||
image: python:3.11-alpine
|
|
||||||
script:
|
|
||||||
- pip install -r requirements.txt
|
|
||||||
- ./update.py > tags.txt
|
|
||||||
artifacts:
|
|
||||||
expire_in: 1 hour
|
|
||||||
paths:
|
|
||||||
- tags.txt
|
|
||||||
|
|
||||||
|
|
||||||
release-image:
|
|
||||||
needs:
|
|
||||||
- job: generate
|
|
||||||
artifacts: true
|
|
||||||
image: docker:latest
|
|
||||||
stage: release
|
|
||||||
services:
|
|
||||||
- docker:dind
|
|
||||||
variables:
|
variables:
|
||||||
DOCKER_HOST: tcp://docker:2376
|
CI_APPLICATION_REPOSITORY: "$CI_REGISTRY_IMAGE"
|
||||||
DOCKER_TLS_CERTDIR: "/certs"
|
release-image:
|
||||||
DOCKER_TLS_VERIFY: 1
|
image: docker:24.0.6
|
||||||
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
|
stage: release
|
||||||
|
rules:
|
||||||
|
- if: "$CI_APPLICATION_TAG"
|
||||||
before_script:
|
before_script:
|
||||||
- until docker info; do sleep 1; done
|
|
||||||
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
||||||
script:
|
script:
|
||||||
- |
|
- |-
|
||||||
for tag in $(cat tags.txt); do
|
export IMAGE_TAG=$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG
|
||||||
export IMAGE_TAG=$CI_REGISTRY_IMAGE:$tag
|
|
||||||
echo $IMAGE_TAG
|
echo $IMAGE_TAG
|
||||||
sed "s/latest/$tag/g" Dockerfile > Dockerfile.tmp
|
sed "s/latest/$CI_APPLICATION_TAG/g" Dockerfile > Dockerfile.tmp
|
||||||
docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
|
docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
|
||||||
docker push $IMAGE_TAG
|
docker push $IMAGE_TAG
|
||||||
done
|
container_scanning:
|
||||||
|
needs:
|
||||||
|
- release-image
|
||||||
|
include:
|
||||||
|
- template: Jobs/Container-Scanning.gitlab-ci.yml
|
||||||
|
- template: Security/Secret-Detection.gitlab-ci.yml
|
||||||
|
|||||||
25
update.py
25
update.py
@@ -1,25 +0,0 @@
|
|||||||
#!/usr/bin/env python3
|
|
||||||
import re
|
|
||||||
from dxf import DXF
|
|
||||||
from os import environ
|
|
||||||
|
|
||||||
REPO = 'mattermost/mattermost-enterprise-edition'
|
|
||||||
|
|
||||||
dxf = DXF('registry-1.docker.io', REPO)
|
|
||||||
dxf.authenticate(actions=["pull"])
|
|
||||||
tags = dxf.list_aliases()
|
|
||||||
tags = [tag for tag in tags if re.match(
|
|
||||||
r"^\d+\.\d+\.\d+$", tag) and int(tag.split('.')[0]) >= 8]
|
|
||||||
|
|
||||||
try:
|
|
||||||
local_dxf = DXF(environ['CI_REGISTRY'], environ['CI_PROJECT_PATH'])
|
|
||||||
local_dxf.authenticate(
|
|
||||||
environ['CI_REGISTRY_USER'], environ['CI_REGISTRY_PASSWORD'], actions=["pull"])
|
|
||||||
local_tags = local_dxf.list_aliases()
|
|
||||||
except:
|
|
||||||
local_tags = []
|
|
||||||
|
|
||||||
update_tags = set(tags) - set(local_tags)
|
|
||||||
update_tags.add('latest')
|
|
||||||
|
|
||||||
print(' '.join(update_tags))
|
|
||||||
Reference in New Issue
Block a user