Commit b73b1f91 authored by Mark Fletcher's avatar Mark Fletcher

10.5 Update the .gitignore, .gitlab-ci.yml, and Dockerfile templates

parent 5eb8a023
...@@ -54,3 +54,10 @@ google-services.json ...@@ -54,3 +54,10 @@ google-services.json
freeline.py freeline.py
freeline/ freeline/
freeline_project_description.json freeline_project_description.json
# fastlane
fastlane/report.xml
fastlane/Preview.html
fastlane/screenshots
fastlane/test_output
fastlane/readme.md
# See https://www.dartlang.org/tools/private-files.html # See https://www.dartlang.org/tools/private-files.html
# Files and directories created by pub # Files and directories created by pub
.dart_tool/
.packages .packages
.pub/ .pub/
build/ build/
......
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff: # User-specific stuff:
...@@ -9,7 +9,6 @@ ...@@ -9,7 +9,6 @@
# Sensitive or high-churn files: # Sensitive or high-churn files:
.idea/**/dataSources/ .idea/**/dataSources/
.idea/**/dataSources.ids .idea/**/dataSources.ids
.idea/**/dataSources.xml
.idea/**/dataSources.local.xml .idea/**/dataSources.local.xml
.idea/**/sqlDataSources.xml .idea/**/sqlDataSources.xml
.idea/**/dynamic.xml .idea/**/dynamic.xml
......
...@@ -45,6 +45,7 @@ nosetests.xml ...@@ -45,6 +45,7 @@ nosetests.xml
coverage.xml coverage.xml
*.cover *.cover
.hypothesis/ .hypothesis/
.pytest_cache/
# Translations # Translations
*.mo *.mo
......
...@@ -13,6 +13,8 @@ msg/*Feedback.msg ...@@ -13,6 +13,8 @@ msg/*Feedback.msg
msg/*Goal.msg msg/*Goal.msg
msg/*Result.msg msg/*Result.msg
msg/_*.py msg/_*.py
build_isolated/
devel_isolated/
# Generated by dynamic reconfigure # Generated by dynamic reconfigure
*.cfgc *.cfgc
......
...@@ -10,6 +10,7 @@ ...@@ -10,6 +10,7 @@
*.fot *.fot
*.cb *.cb
*.cb2 *.cb2
.*.lb
## Intermediate documents: ## Intermediate documents:
*.dvi *.dvi
......
...@@ -237,6 +237,7 @@ _UpgradeReport_Files/ ...@@ -237,6 +237,7 @@ _UpgradeReport_Files/
Backup*/ Backup*/
UpgradeLog*.XML UpgradeLog*.XML
UpgradeLog*.htm UpgradeLog*.htm
ServiceFabricBackup/
# SQL Server files # SQL Server files
*.mdf *.mdf
......
...@@ -110,12 +110,15 @@ performance: ...@@ -110,12 +110,15 @@ performance:
kubernetes: active kubernetes: active
sast: sast:
image: registry.gitlab.com/gitlab-org/gl-sast:latest image: docker:latest
variables: variables:
POSTGRES_DB: "false" DOCKER_DRIVER: overlay2
allow_failure: true allow_failure: true
services:
- docker:dind
script: script:
- sast . - setup_docker
- sast
artifacts: artifacts:
paths: [gl-sast-report.json] paths: [gl-sast-report.json]
...@@ -285,6 +288,12 @@ production: ...@@ -285,6 +288,12 @@ production:
export TILLER_NAMESPACE=$KUBE_NAMESPACE export TILLER_NAMESPACE=$KUBE_NAMESPACE
function sast_container() { function sast_container() {
if [[ -n "$CI_REGISTRY_USER" ]]; then
echo "Logging to GitLab Container Registry with CI credentials..."
docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
echo ""
fi
docker run -d --name db arminc/clair-db:latest docker run -d --name db arminc/clair-db:latest
docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
apk add -U wget ca-certificates apk add -U wget ca-certificates
...@@ -309,7 +318,12 @@ production: ...@@ -309,7 +318,12 @@ production:
function sast() { function sast() {
case "$CI_SERVER_VERSION" in case "$CI_SERVER_VERSION" in
*-ee) *-ee)
/app/bin/run "$@" # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable"
SAST_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
docker run --volume "$PWD:/code" \
--volume /var/run/docker.sock:/var/run/docker.sock \
"registry.gitlab.com/gitlab-org/security-products/sast:$SAST_VERSION" /app/bin/run /code
;; ;;
*) *)
echo "GitLab EE is required" echo "GitLab EE is required"
...@@ -346,6 +360,12 @@ production: ...@@ -346,6 +360,12 @@ production:
replicas="$new_replicas" replicas="$new_replicas"
fi fi
if [[ "$CI_PROJECT_VISIBILITY" != "public" ]]; then
secret_name='gitlab-registry'
else
secret_name=''
fi
helm upgrade --install \ helm upgrade --install \
--wait \ --wait \
--set service.enabled="$service_enabled" \ --set service.enabled="$service_enabled" \
...@@ -353,6 +373,7 @@ production: ...@@ -353,6 +373,7 @@ production:
--set image.repository="$CI_APPLICATION_REPOSITORY" \ --set image.repository="$CI_APPLICATION_REPOSITORY" \
--set image.tag="$CI_APPLICATION_TAG" \ --set image.tag="$CI_APPLICATION_TAG" \
--set image.pullPolicy=IfNotPresent \ --set image.pullPolicy=IfNotPresent \
--set image.secrets[0].name="$secret_name" \
--set application.track="$track" \ --set application.track="$track" \
--set application.database_url="$DATABASE_URL" \ --set application.database_url="$DATABASE_URL" \
--set service.url="$CI_ENVIRONMENT_URL" \ --set service.url="$CI_ENVIRONMENT_URL" \
...@@ -482,6 +503,9 @@ production: ...@@ -482,6 +503,9 @@ production:
function create_secret() { function create_secret() {
echo "Create secret..." echo "Create secret..."
if [[ "$CI_PROJECT_VISIBILITY" == "public" ]]; then
return
fi
kubectl create secret -n "$KUBE_NAMESPACE" \ kubectl create secret -n "$KUBE_NAMESPACE" \
docker-registry gitlab-registry \ docker-registry gitlab-registry \
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment