Pour tout problème contactez-nous par mail : support@froggit.fr | La FAQ :grey_question: | Rejoignez-nous sur le Chat :speech_balloon:

Skip to content
Snippets Groups Projects
Commit f360e098 authored by Dorian Turba's avatar Dorian Turba
Browse files

Merge branch 'trunk'

parents 68870e3c 125647b5
No related branches found
No related tags found
No related merge requests found
Pipeline #38668 passed
[tool.bumpversion] [tool.bumpversion]
commit = true commit = true
current_version = "2.0.1" current_version = "2.0.2"
parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<patch>\\d+)" parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<patch>\\d+)"
replace = "{new_version}" replace = "{new_version}"
search = "{current_version}" search = "{current_version}"
......
include: include:
- remote: 'https://gitlab.com/swepy/cicd-templates/docker-build/-/raw/0.2.0/templates/docker-build.yml' - remote: 'https://gitlab.com/swepy/cicd-templates/docker-build/-/raw/0.2.0/templates/docker-build.yml'
- remote: 'https://gitlab.com/swepy/cicd-templates/release-by-changelog/-/raw/0.4.2/templates/release-by-changelog.yml'
- remote: 'https://gitlab.com/swepy/cicd-templates/pypi-to-docker-missing-version/-/raw/0.2.0/templates/pypi-to-docker-missing-version.yml' - remote: 'https://gitlab.com/swepy/cicd-templates/pypi-to-docker-missing-version/-/raw/0.2.0/templates/pypi-to-docker-missing-version.yml'
- remote: 'https://gitlab.com/swepy/cicd-templates/release-by-changelog/-/raw/0.4.2/templates/release-by-changelog.yml'
release_by_changelog: release_by_changelog:
rules: rules:
...@@ -12,8 +12,6 @@ pypi-to-docker-missing-version: ...@@ -12,8 +12,6 @@ pypi-to-docker-missing-version:
IMAGE_NAME: swepy/ruff IMAGE_NAME: swepy/ruff
PACKAGE_NAME: ruff PACKAGE_NAME: ruff
TAGS: 0.0.44 0.0.43 0.0.42 0.0.40 0.0.39 0.0.37 0.0.36 0.0.35 0.0.34 0.0.33 0.0.32 0.0.31 0.0.30 0.0.29 0.0.28 0.0.25 0.0.24 0.0.23 0.0.22 0.0.21 0.0.20 0.0.19 0.0.18 0.0.17 0.0.16 0.0.15 0.0.14 0.0.13 TAGS: 0.0.44 0.0.43 0.0.42 0.0.40 0.0.39 0.0.37 0.0.36 0.0.35 0.0.34 0.0.33 0.0.32 0.0.31 0.0.30 0.0.29 0.0.28 0.0.25 0.0.24 0.0.23 0.0.22 0.0.21 0.0.20 0.0.19 0.0.18 0.0.17 0.0.16 0.0.15 0.0.14 0.0.13
rules:
- if: $CI_PIPELINE_SOURCE == "pipeline"
docker_build: docker_build:
variables: variables:
...@@ -28,10 +26,8 @@ docker_build: ...@@ -28,10 +26,8 @@ docker_build:
- KANIKO_OPTIONS="--build-arg VERSION=$(cat version.txt)" - KANIKO_OPTIONS="--build-arg VERSION=$(cat version.txt)"
- echo "Kaniko options=$KANIKO_OPTIONS" - echo "Kaniko options=$KANIKO_OPTIONS"
needs: needs:
- job: next_version - job: pypi-to-docker-missing-version
artifacts: true artifacts: true
rules:
- if: $CI_PIPELINE_SOURCE == "pipeline"
test_ruff_image: test_ruff_image:
image: $SRC_IMAGE image: $SRC_IMAGE
...@@ -43,41 +39,6 @@ test_ruff_image: ...@@ -43,41 +39,6 @@ test_ruff_image:
- docker - docker
script: script:
- ruff --help - ruff --help
rules:
- if: $CI_PIPELINE_SOURCE == "pipeline"
trivy:
stage: test
image: docker:stable
variables:
SRC_IMAGE: $CI_REGISTRY_IMAGE:$TAG
TAG: $CI_COMMIT_SHA
TRIVY_VERSION: "latest"
services:
- name: docker:dind
entrypoint: ["env", "-u", "DOCKER_HOST"]
command: ["dockerd-entrypoint.sh"]
tags:
- docker
before_script:
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin lab.frogg.it:5050
- docker info
- docker pull aquasec/trivy:$TRIVY_VERSION
- wget --no-verbose https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/gitlab.tpl -P /usr/local/bin/
- docker pull $SRC_IMAGE
allow_failure: true
script:
# Build report using Trivy Docker image
- docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $CI_PROJECT_DIR:/root aquasec/trivy:$TRIVY_VERSION image --no-progress --exit-code 0 --format template --template "/usr/local/bin/gitlab.tpl" -o /root/gl-container-scanning-report.json $SRC_IMAGE
# Print report
- docker run --rm -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy:$TRIVY_VERSION image --no-progress --exit-code 0 --severity HIGH $SRC_IMAGE
# Fail on severe vulnerabilities
- docker run --rm -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy:$TRIVY_VERSION image --no-progress --exit-code 1 --severity CRITICAL $SRC_IMAGE
cache:
paths:
- .trivycache/
rules:
- if: $CI_PIPELINE_SOURCE == "pipeline"
docker_push: docker_push:
image: docker:latest image: docker:latest
......
...@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ...@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased] ## [Unreleased]
## [2.0.2] - 2024-07-03
### Fixed
* Job name preventing the pipeline to run
## [2.0.1] - 2024-06-26 ## [2.0.1] - 2024-06-26
### Fixed ### Fixed
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment