Update file Dockerfile

- /update.py
- /.gitlab-ci.yml

.gitlab-ci.yml

@@ -1,45 +1,34 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 stages:
-  - generate
+- release
-  - build
+- test
-
 variables:
-  #CI_DEBUG_TRACE: "true"
+  CI_APPLICATION_REPOSITORY: "$CI_REGISTRY_IMAGE"
-  CACHE_TTL: 2190h0m0s
+release-image:
-
+  image: docker:24.0.6
-generate:
+  stage: release
-  stage: generate
+  rules:
-  image: python:3.11-alpine
+  - if: "$CI_APPLICATION_TAG"
-  script:
-    - pip install -r requirements.txt
-    - ./update.py > tags.txt
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - tags.txt
-
-
-build:
-  needs:
-    - job: generate
-      artifacts: true
-  image: docker:latest
-  stage: build
-  services:
-    - docker:dind
-  variables:
-    DOCKER_HOST: tcp://docker:2376
-    DOCKER_TLS_CERTDIR: "/certs"
-    DOCKER_TLS_VERIFY: 1
-    DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
   before_script:
-    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
-    - docker info
   script:
-    - |
+  - |-
-      for tag in $(cat tags.txt); do
+    export IMAGE_TAG=$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG
-        export IMAGE_TAG=$CI_REGISTRY_IMAGE:$tag
+    echo $IMAGE_TAG
-        echo $IMAGE_TAG
+    sed "s/latest/$CI_APPLICATION_TAG/g" Dockerfile > Dockerfile.tmp
-        sed "s/latest/$tag/g" Dockerfile > Dockerfile.tmp
+    docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
-        docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
+    docker push $IMAGE_TAG
-        docker push $IMAGE_TAG
+container_scanning:
-      done
+  rules:
+  - if: "$CI_APPLICATION_TAG"
+  needs:
+  - release-image
+include:
+- template: Jobs/Container-Scanning.gitlab-ci.yml
+- template: Security/Secret-Detection.gitlab-ci.yml

Dockerfile

@@ -1,4 +1,4 @@
-FROM dockerproxy.com/mattermost/mattermost-enterprise-edition:latest as base
+FROM mattermost/mattermost-enterprise-edition:latest as base
 
 FROM python:3.10-alpine3.14 as replacer
 

update.py

@@ -1,24 +0,0 @@
-#!/usr/bin/env python3
-import re
-from dxf import DXF
-from os import environ
-
-REPO = 'mattermost/mattermost-enterprise-edition'
-
-dxf = DXF('registry-1.docker.io', REPO)
-dxf.authenticate(actions=["pull"])
-tags = dxf.list_aliases()
-tags = [tag for tag in tags if re.match(
-    r"^\d+\.\d+\.\d+$", tag) and int(tags.split('.')[0]) > 5]
-
-try:
-    local_dxf = DXF(environ['CI_REGISTRY'], environ['CI_PROJECT_PATH'])
-    local_dxf.authenticate(
-        environ['CI_REGISTRY_USER'], environ['CI_REGISTRY_PASSWORD'], actions=["pull"])
-    local_tags = local_dxf.list_aliases()
-except:
-    local_tags = []
-
-update_tags = set(tags) - set(local_tags)
-
-print(' '.join(update_tags))