update docker build and add php scheker for php

2021-06-22 20:31:59 +00:00 · 2021-06-22 20:31:59 +00:00 · a411ef6894
commit a411ef6894
parent 12f437ec96
1 changed files with 26 additions and 7 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -4,16 +4,35 @@ cache:
    - node_modules/
    - public/API/vendor/

-docker-build-master:
-  # Official docker image.
+docker-build:
+  # Use the official docker image.
  image: docker:latest
  stage: build
  services:
    - docker:dind
  before_script:
-    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" gitlab.jonasled.de
+    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+  # Default branch leaves tag empty (= latest tag)
+  # All other branches are tagged with the escaped branch name (commit ref slug)
  script:
-    - docker build -t gitlab.jonasled.de/jonasled/website:latest .
-    - docker push "gitlab.jonasled.de/jonasled/website:latest"
-  only:
-    - master
+    - |
+      if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
+        tag=""
+        echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
+      else
+        tag=":$CI_COMMIT_REF_SLUG"
+        echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
+      fi
+    - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
+    - docker push "$CI_REGISTRY_IMAGE${tag}"
+  # Run this job in a branch where a Dockerfile exists
+  rules:
+    - if: $CI_COMMIT_BRANCH
+      exists:
+        - Dockerfile
+
+php-security-checker:
+  stage: linting
+  image: registry.gitlab.com/pipeline-components/php-security-checker:latest
+  script:
+    - cd public/API && security-checker security:check composer.lock