-
semantic-release-bot authored
## [5.0.2](https://gitlab.com/to-be-continuous/docker/compare/5.0.1...5.0.2) (2023-05-16) ### Bug Fixes * **kaniko:** fix $HOME variable ([e213a9e2](https://gitlab.com/to-be-continuous/docker/commit/e213a9e24c6712b04af75421ff03e0cf4a52dd34))
semantic-release-bot authored## [5.0.2](https://gitlab.com/to-be-continuous/docker/compare/5.0.1...5.0.2) (2023-05-16) ### Bug Fixes * **kaniko:** fix $HOME variable ([e213a9e2](https://gitlab.com/to-be-continuous/docker/commit/e213a9e24c6712b04af75421ff03e0cf4a52dd34))
gitlab-ci-docker.yml 32.35 KiB
# =========================================================================================
# Copyright (C) 2021 Orange & contributors
#
# This program is free software; you can redistribute it and/or modify it under the terms
# of the GNU Lesser General Public License as published by the Free Software Foundation;
# either version 3 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
# without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along with this
# program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
# Floor, Boston, MA 02110-1301, USA.
# =========================================================================================
# default workflow rules: Merge Request pipelines
workflow:
rules:
# prevent branch pipeline when an MR is open (prefer MR pipeline)
- if: '$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS'
when: never
- when: always
# test job prototype: implement adaptive pipeline rules
.test-policy:
rules:
# on tag: auto & failing
- if: $CI_COMMIT_TAG
# on ADAPTIVE_PIPELINE_DISABLED: auto & failing
- if: '$ADAPTIVE_PIPELINE_DISABLED == "true"'
# on production or integration branch(es): auto & failing
- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# early stage (dev branch, no MR): manual & non-failing
- if: '$CI_MERGE_REQUEST_ID == null && $CI_OPEN_MERGE_REQUESTS == null'
when: manual
allow_failure: true
# Draft MR: auto & non-failing
- if: '$CI_MERGE_REQUEST_TITLE =~ /^Draft:.*/'
allow_failure: true
# else (Ready MR): auto & failing
- when: on_success
variables:
# variabilized tracking image
TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"
DOCKER_LINT_IMAGE: "registry.hub.docker.com/projectatomic/dockerfile-lint:latest"
DOCKER_HADOLINT_IMAGE: "registry.hub.docker.com/hadolint/hadolint:latest-alpine"
DOCKER_IMAGE: "registry.hub.docker.com/library/docker:latest"
DOCKER_DIND_IMAGE: "registry.hub.docker.com/library/docker:dind"
DOCKER_KANIKO_IMAGE: "gcr.io/kaniko-project/executor:debug"
DOCKER_SKOPEO_IMAGE: "quay.io/skopeo/stable:latest"
DOCKER_BUILDAH_IMAGE: "quay.io/buildah/stable:latest"
# for retro-compatibility (deprecated & undocumented)
DOCKER_DOCKERFILE_PATH: "."
DOCKER_FILE: "$DOCKER_DOCKERFILE_PATH/Dockerfile"
DOCKER_CONFIG_FILE: ".docker/config.json"
# When testing a Docker Health (test stage), how long (in seconds) wait for the HealthCheck status (https://docs.docker.com/engine/reference/builder/#healthcheck)
DOCKER_HEALTHCHECK_TIMEOUT: "60"
# Default Docker config uses the internal GitLab registry
DOCKER_SNAPSHOT_IMAGE: "$CI_REGISTRY_IMAGE/snapshot:$CI_COMMIT_REF_SLUG"
DOCKER_RELEASE_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"
DOCKER_KANIKO_VERBOSITY: "info"
DOCKER_TRIVY_SECURITY_LEVEL_THRESHOLD: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"