.gitlab-ci.yml
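---
# Scheduled pipeline: build the scanner image, push it to the project registry,
# then run it against either a test repository or the live GitLab instance.
# Every job is gated on $CI_PIPELINE_SOURCE == "schedule".

stages:
  - kics-scan

# Hidden template job: registry login shared by all jobs through the YAML anchor.
.docker-login: &docker-login
  before_script:
    # Feed the password on stdin rather than with -p, so it does not appear in
    # the process argument list on the runner (docker itself warns about -p).
    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"

# Scan of a single test repository; runs only when the schedule sets
# TEST_SCAN to "true".
test:
  <<: *docker-login
  stage: kics-scan
  script:
    # NOTE(review): the access token is passed as a command-line argument, so it
    # is visible in the runner's process list while the container runs. The
    # scanner's interface is not visible here; if it can read the token from
    # the environment, prefer `docker run -e GITLAB_ACCESS_TOKEN ...`.
    # GITLAB_ACCESS_TOKEN should be a masked (and ideally protected) CI/CD
    # variable so it is redacted from job logs.
    # Expansions are quoted so an empty or space-containing value cannot shift
    # the following flags.
    - >-
      docker run "$CI_REGISTRY_IMAGE:latest"
      --scan-repo "${TEST_REPOSITORY}"
      --gitlab-hostname "${GITLAB_HOSTNAME}"
      --gitlab-access-token "${GITLAB_ACCESS_TOKEN}"
  needs:
    - build
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $TEST_SCAN == "true"'

# Scan without --scan-repo; runs only when the schedule sets LIVE_SCAN to
# "true".
scan:
  <<: *docker-login
  stage: kics-scan
  script:
    # NOTE(review): same token-on-command-line exposure as in the `test` job;
    # keep GITLAB_ACCESS_TOKEN masked and scoped to the minimum it needs.
    - >-
      docker run "$CI_REGISTRY_IMAGE:latest"
      --gitlab-hostname "${GITLAB_HOSTNAME}"
      --gitlab-access-token "${GITLAB_ACCESS_TOKEN}"
  needs:
    - build
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $LIVE_SCAN == "true"'

# Builds the scanner image from the repository root and pushes it to the
# project registry.
build:
  <<: *docker-login
  stage: kics-scan
  script:
    # NOTE(review): `latest` is a mutable tag. The scan jobs run whatever is
    # tagged `latest` at pull time, which is not necessarily the image built by
    # this pipeline if another pipeline pushes concurrently. Tagging with a
    # per-pipeline value and running that tag would pin the image under test.
    - docker build -t "$CI_REGISTRY_IMAGE:latest" .
    - docker push "$CI_REGISTRY_IMAGE:latest"
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule"'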