diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 1ae92f2ca347f62458f692aca40ef02164d0ea12..2e2cbd6a0f3faca4e295e6487a3c882d1abcdffb 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,14 @@ +include: + - template: Dependency-Scanning.gitlab-ci.yml + - template: Security/Container-Scanning.gitlab-ci.yml + - template: Security/Secret-Detection.gitlab-ci.yml + variables: CONTAINER_IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA CONTAINER_RELEASE_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG + POSTGRES_BASE_IMAGE_VERSION: '11.13-bullseye' + POSTGRES_IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA + PIP_REQUIREMENTS_FILE: /app/requirements/production.txt .kaniko-setup_template: &kaniko-setup - mkdir -p /kaniko/.docker @@ -11,7 +19,7 @@ variables: stages: - build - - package + - test - deploy build: @@ -36,7 +44,7 @@ tag-dev-image: image: name: gcr.io/go-containerregistry/crane:debug entrypoint: [""] - stage: package + stage: deploy before_script: - *crane-setup script: @@ -50,7 +58,7 @@ tag-release-image: image: name: gcr.io/go-containerregistry/crane:debug entrypoint: [""] - stage: package + stage: deploy before_script: - *crane-setup script: @@ -61,21 +69,30 @@ tag-release-image: build_postgres-image: - image: docker:19.03.0 - services: - - docker:19.03.0-dind - tags: - - docker - variables: - POSTGRES_BASE_IMAGE_VERSION: '11.13-bullseye' - POSTGRES_IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA - POSTGRES_IMAGE_VERSION_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$POSTGRES_BASE_IMAGE_VERSION + image: + name: gcr.io/kaniko-project/executor:debug + entrypoint: [""] stage: build + before_script: + - *kaniko-setup script: - - docker build -t $POSTGRES_IMAGE --build-arg POSTGRES_IMAGE_TAG=$POSTGRES_BASE_IMAGE_VERSION -f compose/postgres/Dockerfile . - - docker push $POSTGRES_IMAGE - - docker tag $POSTGRES_IMAGE $POSTGRES_IMAGE_VERSION_TAG - - docker push $POSTGRES_IMAGE_VERSION_TAG + - /kaniko/executor + --context $CI_PROJECT_DIR + --dockerfile $CI_PROJECT_DIR/compose/postgres/Dockerfile + --build-arg POSTGRES_IMAGE_TAG=$POSTGRES_BASE_IMAGE_VERSION + --destination $POSTGRES_IMAGE only: - postgres-image +tag_postgres-image: + image: + name: gcr.io/go-containerregistry/crane:debug + entrypoint: [""] + stage: deploy + before_script: + - *crane-setup + script: + - crane tag $POSTGRES_IMAGE $POSTGRES_BASE_IMAGE_VERSION + only: + - postgres-image + diff --git a/config/settings/docker.py b/config/settings/docker.py index e982b3d3da5f0e477f7bbd4d9896668cb1196380..c46d8cc8b6eaf436c0f7f5c92f8d711c7c9a9fb1 100644 --- a/config/settings/docker.py +++ b/config/settings/docker.py @@ -1,5 +1,5 @@ import os -from . import BASE_DIR, INSTALLED_APPS, PROJECT_EXPORTS, PROJECT_IMPORTS, VENDOR +from . import BASE_DIR, INSTALLED_APPS, PROJECT_EXPORTS, PROJECT_IMPORTS, VENDOR, AUTHENTICATION_BACKENDS, MIDDLEWARE from django.utils.translation import ugettext_lazy as _ ''' @@ -293,13 +293,13 @@ if (str(os.getenv('USE_PROXY')).lower() == 'true'): PROJECT_SEND_ISSUE = False OVERLAYS = {} -#PROJECT_SEND_ISSUE = True -#EMAIL_RECIPIENTS_CHOICES = [ -# ('esteban.huanqui@gwdg.de', 'eRA Support (Esteban) <esteban.huanqui@gwdg.de>'), -# ('thenne@gwdg.de', 'eRA Support (Timo) <thenne@gwdg.de>'), -# ('uveentj@gwdg.de', 'eRA Support (Ubbo) <uveentj@gwdg.de>'), -#] +PROJECT_SEND_ISSUE = True +EMAIL_RECIPIENTS_CHOICES = [ + ('esteban.huanqui@gwdg.de', 'eRA Support (Esteban) <esteban.huanqui@gwdg.de>'), + ('thenne@gwdg.de', 'eRA Support (Timo) <thenne@gwdg.de>'), + ('uveentj@gwdg.de', 'eRA Support (Ubbo) <uveentj@gwdg.de>'), +] -#PROJECT_QUESTIONS_AUTOSAVE = True +PROJECT_QUESTIONS_AUTOSAVE = True