/
.gitlab-ci.yml
49 lines (45 loc) · 1.42 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
stages:
- Image Copy
# - Build
# - Image Scan
# - Application Scan
Copy Images:
stage: Image Copy
tags:
- qed-stg-runner
when: manual
image:
name: gcr.io/go-containerregistry/crane:debug
entrypoint: [ "" ]
script:
- crane auth login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
- crane copy "ghcr.io/quanted/qed-nginx:epa" "$CI_REGISTRY_IMAGE/qed-nginx:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA"
# Build Image:
# stage: Build
# tags:
# - devsecops-instance
# image:
# name: gcr.io/kaniko-project/executor:debug
# entrypoint: [""]
# script:
# - mkdir -p /kaniko/.docker
# - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
# - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --build-arg config=nginx_epa_aws_kube.conf --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
# Prisma:
# stage: Image Scan
# tags:
# - devsecops-instance
# when: manual
# image: docker:20.10
# # This needs a TwistCLI image based on a Docker base image.
# script:
# - echo "Simulate a Prisma scan."
# NetSparker:
# stage: Application Scan
# tags:
# - devsecops-instance
# when: manual
# image: docker:20.10
# # This needs a NetSparker image to invoke the scan.
# script:
# - echo "Simulate a NetSparker scan."