Loading deployment-service/_docker-deploy.yml +8 −0 Original line number Diff line number Diff line Loading @@ -54,6 +54,10 @@ include: OLD_COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME} DD_PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME} VOL_ADDR: ${DEV_VOL_ADDR} DD_VOL_ADDR: ${DEV_VOL_ADDR} VOL_DEVICE_PREFIX: ${DEV_VOL_DEVICE_PREFIX} DD_VOL_DEVICE_PREFIX: ${DEV_VOL_DEVICE_PREFIX} environment: name: dev Loading @@ -67,5 +71,9 @@ include: OLD_COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME} DD_PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME} VOL_ADDR: ${PRO_VOL_ADDR} DD_VOL_ADDR: ${PRO_VOL_ADDR} VOL_DEVICE_PREFIX: ${PRO_VOL_DEVICE_PREFIX} DD_VOL_DEVICE_PREFIX: ${PRO_VOL_DEVICE_PREFIX} environment: name: pro scanning/container-scanning.yml +27 −3 Original line number Diff line number Diff line Loading @@ -4,11 +4,35 @@ include: container_scanning: stage: post-package variables: GIT_STRATEGY: fetch DOCKERFILE_NAME: Dockerfile before_script: - echo "Find Dockerfile in depth automatically by file name .." - > if [ ! -z "${CS_DOCKERFILE_PATH}" ] && [ -f "${CS_DOCKERFILE_PATH}" ]; then echo "CS_DOCKERFILE_PATH is defined and file exists, omitting automatic lookup"; else dockerfilePath=$(find -name "${DOCKERFILE_NAME}"); if [ -f "${dockerfilePath}" ]; then echo "Detected '${dockerfilePath}' Dockerfile, nice!"; export CS_DOCKERFILE_PATH="${dockerfilePath}"; else echo "CS_DOCKERFILE_PATH is undefined and Dockerfile with name '${DOCKERFILE_NAME}' not found in project!"; fi; fi; rules: - if: $CONTAINER_SCANNING_DISABLED || $CI_MERGE_REQUEST_ID || - if: $CONTAINER_SCANNING_DISABLED == 'true' || $CONTAINER_SCANNING_DISABLED == '1' when: never - if: $CI_MERGE_REQUEST_ID || $CI_COMMIT_TAG || $CI_PIPELINE_SOURCE == "schedule" when: never - if: $CI_COMMIT_BRANCH && $GITLAB_FEATURES =~ /\bcontainer_scanning\b/ $CI_GITLAB_FIPS_MODE == "true" && $CS_ANALYZER_IMAGE !~ /-(fips|ubi)\z/ variables: CS_IMAGE_SUFFIX: -fips - if: $CI_COMMIT_BRANCH Loading
deployment-service/_docker-deploy.yml +8 −0 Original line number Diff line number Diff line Loading @@ -54,6 +54,10 @@ include: OLD_COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME} DD_PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME} VOL_ADDR: ${DEV_VOL_ADDR} DD_VOL_ADDR: ${DEV_VOL_ADDR} VOL_DEVICE_PREFIX: ${DEV_VOL_DEVICE_PREFIX} DD_VOL_DEVICE_PREFIX: ${DEV_VOL_DEVICE_PREFIX} environment: name: dev Loading @@ -67,5 +71,9 @@ include: OLD_COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME} DD_PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME} VOL_ADDR: ${PRO_VOL_ADDR} DD_VOL_ADDR: ${PRO_VOL_ADDR} VOL_DEVICE_PREFIX: ${PRO_VOL_DEVICE_PREFIX} DD_VOL_DEVICE_PREFIX: ${PRO_VOL_DEVICE_PREFIX} environment: name: pro
scanning/container-scanning.yml +27 −3 Original line number Diff line number Diff line Loading @@ -4,11 +4,35 @@ include: container_scanning: stage: post-package variables: GIT_STRATEGY: fetch DOCKERFILE_NAME: Dockerfile before_script: - echo "Find Dockerfile in depth automatically by file name .." - > if [ ! -z "${CS_DOCKERFILE_PATH}" ] && [ -f "${CS_DOCKERFILE_PATH}" ]; then echo "CS_DOCKERFILE_PATH is defined and file exists, omitting automatic lookup"; else dockerfilePath=$(find -name "${DOCKERFILE_NAME}"); if [ -f "${dockerfilePath}" ]; then echo "Detected '${dockerfilePath}' Dockerfile, nice!"; export CS_DOCKERFILE_PATH="${dockerfilePath}"; else echo "CS_DOCKERFILE_PATH is undefined and Dockerfile with name '${DOCKERFILE_NAME}' not found in project!"; fi; fi; rules: - if: $CONTAINER_SCANNING_DISABLED || $CI_MERGE_REQUEST_ID || - if: $CONTAINER_SCANNING_DISABLED == 'true' || $CONTAINER_SCANNING_DISABLED == '1' when: never - if: $CI_MERGE_REQUEST_ID || $CI_COMMIT_TAG || $CI_PIPELINE_SOURCE == "schedule" when: never - if: $CI_COMMIT_BRANCH && $GITLAB_FEATURES =~ /\bcontainer_scanning\b/ $CI_GITLAB_FIPS_MODE == "true" && $CS_ANALYZER_IMAGE !~ /-(fips|ubi)\z/ variables: CS_IMAGE_SUFFIX: -fips - if: $CI_COMMIT_BRANCH
