diff --git a/README.md b/README.md
index e589a753fd54e3127f16501381326332c51ecb20..7f7699137bb4b9cc9c459577849e5bb7d10c1e26 100644
--- a/README.md
+++ b/README.md
@@ -241,7 +241,7 @@ It is bound to the `package-test` stage, and uses the following variables:
 | Name | description | default value |
 | -------------------------------------- | -------------------------------------------------------------------- | ----------------- |
-| `DOCKER_HEALTHCHECK_DISABLED` | Set to disable health check | _(none: enabled by default)_ |
+| `DOCKER_HEALTHCHECK_DISABLED` | Set to `true` to disable health check | _(none: enabled by default)_ |
 | `DOCKER_HEALTHCHECK_TIMEOUT` | When testing a Docker Health (test stage), how long (in seconds) wait for the [HealthCheck status](https://docs.docker.com/engine/reference/builder/#healthcheck) | `60` |
 | `DOCKER_HEALTHCHECK_OPTIONS` | Docker options for health check such as port mapping, environment... | _(none)_ |
 | `DOCKER_HEALTHCHECK_CONTAINER_ARGS` | Set arguments sent to the running container for health check | _(none)_ |
@@ -271,7 +271,7 @@ It is bound to the `package-test` stage, and uses the following variables:
 | `DOCKER_TRIVY_IMAGE` | The docker image used to scan images with Trivy | `aquasec/trivy:latest` |
 | `DOCKER_TRIVY_ADDR` | The Trivy server address | _(none: disabled by default)_ |
 | `DOCKER_TRIVY_SECURITY_LEVEL_THRESHOLD`| Severities of vulnerabilities to be displayed (comma separated values: `UNKNOWN`, `LOW`, `MEDIUM`, `HIGH`, `CRITICAL`) | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` |
-| `DOCKER_TRIVY_DISABLED`| Set to disable Trivy analysis | _(none)_ |
+| `DOCKER_TRIVY_DISABLED`| Set to `true` to disable Trivy analysis | _(none)_ |
 ### `docker-publish` job
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index a86fa57054c887f31dcde17f782828e869e62818..ced43ec248b0ed348d53dc87bd9d5384730cdab9 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -367,7 +367,7 @@ stages: fi } - if [[ -z "$TEMPLATE_CHECK_UPDATE_DISABLED" ]]; then check_for_update docker "1.2.3"; fi + if [[ "$TEMPLATE_CHECK_UPDATE_DISABLED" != "true" ]]; then check_for_update docker "1.2.3"; fi init_workspace # ENDSCRIPT @@ -435,9 +435,9 @@ docker-lint: when: never # execute if DOCKER_LINT_ENABLED set # on production or integration branches: - - if: '$DOCKER_LINT_ENABLED && ($CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF)' + - if: '$DOCKER_LINT_ENABLED == "true" && ($CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF)' # else (development branches): allow failure - - if: '$DOCKER_LINT_ENABLED' + - if: '$DOCKER_LINT_ENABLED == "true"' allow_failure: true docker-hadolint: @@ -470,7 +470,7 @@ docker-hadolint: - if: $CI_MERGE_REQUEST_ID when: never # exclude if DOCKER_HADOLINT_DISABLED set - - if: $DOCKER_HADOLINT_DISABLED + - if: '$DOCKER_HADOLINT_DISABLED == "true"' when: never # on production or integration branches: auto - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF' @@ -589,7 +589,7 @@ docker-healthcheck: # exclude merge requests - if: $CI_MERGE_REQUEST_ID when: never - - if: $DOCKER_HEALTHCHECK_DISABLED + - if: '$DOCKER_HEALTHCHECK_DISABLED == "true"' when: never - if: $DOCKER_DIND_BUILD @@ -624,7 +624,7 @@ docker-trivy: # exclude merge requests - if: $CI_MERGE_REQUEST_ID when: never - - if: $DOCKER_TRIVY_DISABLED + - if: '$DOCKER_TRIVY_DISABLED == "true"' when: never - if: '$DOCKER_TRIVY_ADDR && ($CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF)' # allow failure on development branches:
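Review bot: The new test `"$TEMPLATE_CHECK_UPDATE_DISABLED" != "true"` is an exact, case-sensitive match, so a project that previously set the variable to `1`, `yes` or `True` gets the update check back without any message; the old `-z` test treated any non-empty value as disabled. The same shift applies to the `rules:` changes in the later hunks: for `DOCKER_HADOLINT_DISABLED`, `DOCKER_HEALTHCHECK_DISABLED` and `DOCKER_TRIVY_DISABLED` a legacy value re-enables the job, while for `DOCKER_LINT_ENABLED` it silently drops an opt-in lint job from the pipeline. A comment above this line would make the contract explicit, e.g. `# only the exact string "true" disables the update check`, and a warning logged when the variable is non-empty but not `true` would surface stale settings. The enclosing script block starts and ends outside the hunk.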
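Review bot: The comment `# execute if DOCKER_LINT_ENABLED set` above the first changed rule in the docker-lint hunk no longer matches the condition, which now requires the value `true` rather than any non-empty value. I would change it to `# execute if DOCKER_LINT_ENABLED is set to "true"`, and likewise change `# exclude if DOCKER_HADOLINT_DISABLED set` in the docker-hadolint hunk to `# exclude if DOCKER_HADOLINT_DISABLED is set to "true"`. The README hunks in this commit document the `true` value only for the health check and Trivy variables, so these comments are the only visible statement of the new contract for the two lint jobs. Both `rules:` lists begin outside their hunks.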
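Review bot: In the docker-healthcheck hunk the context rule `- if: $DOCKER_DIND_BUILD` right after the changed line is still a presence test, so `DOCKER_DIND_BUILD: "false"` would match it while every flag this commit touches now needs the exact value `true`. If that variable is meant to follow the same convention, the rule should read `- if: '$DOCKER_DIND_BUILD == "true"'`; if a presence test is intended, a comment saying so would keep it from being read as an oversight. What the rule selects is not visible because the job's `rules:` list continues outside the hunk.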