Merge branch 'set-container-scanning-config-1' into 'main'

在 `.gitlab-ci.yml` 中配置容器扫描，如果该文件不存在则创建该文件 See merge request crack/n8n!1
2023-11-16 09:25:00 +00:00
parent 948ca15fe3 999f91cbfa
commit 4cd8b02891
1 changed files with 27 additions and 15 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,23 +1,35 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
+
+# container_scanning:
+#   variables:
+#     DOCKER_IMAGE: ...
+#     DOCKER_USER: ...
+#     DOCKER_PASSWORD: ...
 stages:
-  - release
-
+- release
+- test
 variables:
-  TAGS: ""
-
+  CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE
+  CI_APPLICATION_TAG: ai-beta
 release-image:
  image: docker:24.0.6
  stage: release
  rules:
-    - if: '$TAGS'
+  - if: "$CI_APPLICATION_TAG"
  before_script:
-    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
  script:
-    - if [ -z "$TAGS" ]; then export TAGS=$(cat tags.txt); fi
-    - |
-      for tag in $TAGS; do
-        export IMAGE_TAG=$CI_REGISTRY_IMAGE:$tag
-        echo $IMAGE_TAG
-        sed "s/latest/$tag/g" Dockerfile > Dockerfile.tmp
-        docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
-        docker push $IMAGE_TAG
-      done
+  - |-
+    export IMAGE_TAG=$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG
+    echo $IMAGE_TAG
+    sed "s/latest/$CI_APPLICATION_TAG/g" Dockerfile > Dockerfile.tmp
+    docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
+    docker push $IMAGE_TAG
+include:
+- template: Jobs/Container-Scanning.gitlab-ci.yml