在 .gitlab-ci.yml 中配置容器扫描,如果该文件不存在则创建该文件
This commit is contained in:
@@ -1,19 +1,30 @@
|
||||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
|
||||
# container_scanning:
|
||||
# variables:
|
||||
# DOCKER_IMAGE: ...
|
||||
# DOCKER_USER: ...
|
||||
# DOCKER_PASSWORD: ...
|
||||
stages:
|
||||
- release
|
||||
|
||||
- release
|
||||
variables:
|
||||
TAGS: ""
|
||||
|
||||
TAGS: ''
|
||||
release-image:
|
||||
image: docker:24.0.6
|
||||
stage: release
|
||||
rules:
|
||||
- if: '$TAGS'
|
||||
- if: "$TAGS"
|
||||
before_script:
|
||||
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
||||
script:
|
||||
- if [ -z "$TAGS" ]; then export TAGS=$(cat tags.txt); fi
|
||||
- |
|
||||
- |-
|
||||
for tag in $TAGS; do
|
||||
export IMAGE_TAG=$CI_REGISTRY_IMAGE:$tag
|
||||
echo $IMAGE_TAG
|
||||
@@ -21,3 +32,5 @@ release-image:
|
||||
docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
|
||||
docker push $IMAGE_TAG
|
||||
done
|
||||
include:
|
||||
- template: Jobs/Container-Scanning.gitlab-ci.yml
|
||||
|
||||
Reference in New Issue
Block a user