stages: - go-test - build - test - dast build: stage: build except: - tags variables: IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_BRANCH:$CI_COMMIT_SHA LATEST_IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_BRANCH:latest script: - echo $IMAGE_TAG - echo $LATEST_IMAGE_TAG - docker info - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin - docker pull gentoo/portage:latest - docker pull gentoo/stage3-amd64 - docker pull $LATEST_IMAGE_TAG || true - docker build --cache-from $LATEST_IMAGE_TAG -t $IMAGE_TAG -t $LATEST_IMAGE_TAG . - docker push $LATEST_IMAGE_TAG - docker push $IMAGE_TAG build-tag: stage: build only: - tags variables: IMAGE_TAG: $CI_REGISTRY_IMAGE/web:$CI_COMMIT_TAG script: - echo $IMAGE_TAG - docker info - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin - docker pull gentoo/portage:latest - docker pull gentoo/stage3-amd64 - docker build -t $IMAGE_TAG . - docker push $IMAGE_TAG go-test: stage: go-test image: golang:1.14.0 script: - go test -v ./pkg/... include: - template: Dependency-Scanning.gitlab-ci.yml - template: Container-Scanning.gitlab-ci.yml - template: SAST.gitlab-ci.yml # - template: DAST.gitlab-ci.yml variables: DS_DISABLE_DIND: "true" SAST_DISABLE_DIND: "true" DAST_WEBSITE: https://archives.gentoo.org # DAST_FULL_SCAN_ENABLED: "true"