variables: LATEST_IMAGE: '$CI_REGISTRY_IMAGE:latest' DOCKER_VERSION: '24.0.2' GOLANG_VERSION: '1.20' NODE_VERSION: '18' ALPINE_VERSION: '3' image: docker:$DOCKER_VERSION-git stages: - test - build - analyse include: - local: .gitlab/_common.gitlab-ci.yml - local: .gitlab/_rules.gitlab-ci.yml - template: Jobs/Secret-Detection.gitlab-ci.yml - template: Jobs/Container-Scanning.gitlab-ci.yml secret_detection: rules: !reference [.rules:default, rules] unit_tests: rules: !reference [.rules:default, rules] stage: test image: golang:$GOLANG_VERSION-alpine extends: - .go-cache script: - go install gotest.tools/gotestsum@latest - gotestsum --junitfile report.xml --format testname -- ./... -coverprofile=profile.cov - go tool cover -func profile.cov coverage: '/\(statements\)(?:\s+)?(\d+(?:\.\d+)?%)/' artifacts: when: always reports: junit: report.xml build_release: rules: !reference [.rules:release, rules] stage: build extends: .login_registry services: - name: docker:$DOCKER_VERSION-dind alias: docker variables: DOCKER_BUILDKIT: '1' DOCKER_TLS_CERTDIR: '/certs' CURRENT_IMAGE: '$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG' GO_BUILDER_IMAGE: '$CI_REGISTRY_IMAGE:go-builder' NODE_BUILDER_IMAGE: '$CI_REGISTRY_IMAGE:node-builder' LOGO_BUILDER_IMAGE: '$CI_REGISTRY_IMAGE:logo' script: - apk add bash - .gitlab/build_image.sh - docker push $CURRENT_IMAGE - docker push $LATEST_IMAGE container_scanning: rules: !reference [.rules:release, rules] stage: analyse variables: CS_IMAGE: $LATEST_IMAGE CS_DOCKERFILE_PATH: docker/Dockerfile