--- default: image: $CI_REGISTRY_IMAGE:latest include: - template: Code-Quality.gitlab-ci.yml - template: Container-Scanning.gitlab-ci.yml - template: SAST.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/License-Scanning.gitlab-ci.yml - template: Security/Secret-Detection.gitlab-ci.yml stages: - build - test - qa - security - release - docker - misc build: stage: build needs: [] script: - make artifacts: paths: - terraform-provider-garage expire_in: 1 week test: stage: test needs: [] script: - make test pre commit: stage: qa needs: [] script: - pre-commit run --all-files code_quality: stage: qa needs: [] license_scanning: stage: qa needs: [] sast: stage: security needs: [] dependency_scanning: stage: security needs: [] secret_detection: stage: security needs: [] release: stage: release variables: # Disable shallow cloning so that goreleaser can diff between tags to # generate a changelog. GIT_DEPTH: 0 script: - gpg --import < $TERRAFORM_GPG_PRIV_KEY_FILE - GITHUB_TOKEN= goreleaser release -f .goreleaser.gitlab.yml --rm-dist - GITLAB_TOKEN= goreleaser release -f .goreleaser.github.yml --rm-dist artifacts: paths: - dist/ expire_in: never only: - tags docker build: stage: docker needs: [] image: name: gcr.io/kaniko-project/executor:debug entrypoint: [""] before_script: - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json script: - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA --destination $CI_REGISTRY_IMAGE:latest code_navigation: stage: misc image: sourcegraph/lsif-go:v1 needs: [] script: - lsif-go allow_failure: true # recommended artifacts: reports: lsif: dump.lsif container_scanning: stage: misc needs: - docker build