aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitlab-ci.yml37
-rw-r--r--.travis.yml4
-rw-r--r--Dockerfile23
3 files changed, 61 insertions, 3 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..681d8e7
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,37 @@
+stages:
+ - build
+ - test
+ - dast
+
+info:
+ stage: .pre
+ script:
+ - docker info
+
+build:
+ stage: build
+ variables:
+ IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_BRANCH:$CI_COMMIT_SHA
+ LATEST_IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_BRANCH:latest
+ script:
+ - echo $IMAGE_TAG
+ - echo $LATEST_IMAGE_TAG
+ - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin
+ - docker pull gentoo/portage:latest
+ - docker pull gentoo/stage3-amd64
+ - docker pull $LATEST_IMAGE_TAG || true
+ - docker build --cache-from $LATEST_IMAGE_TAG -t $IMAGE_TAG -t $LATEST_IMAGE_TAG .
+ - docker push $LATEST_IMAGE_TAG
+ - docker push $IMAGE_TAG
+
+include:
+ - template: Dependency-Scanning.gitlab-ci.yml
+ - template: Container-Scanning.gitlab-ci.yml
+ - template: SAST.gitlab-ci.yml
+ - template: DAST.gitlab-ci.yml
+
+variables:
+ DS_DISABLE_DIND: "true"
+ SAST_DISABLE_DIND: "true"
+ DAST_WEBSITE: https://packagestest.gentoo.org
+# DAST_FULL_SCAN_ENABLED: "true"
diff --git a/.travis.yml b/.travis.yml
index b8d7be3..b3b6d1e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,5 @@
import:
- source: .travis/travis.yml
if: branch = master
- - source: .travis/travis.docker.yml
- if: branch = dev/main \ No newline at end of file
+# - source: .travis/travis.docker.yml
+# if: branch = dev/main
diff --git a/Dockerfile b/Dockerfile
index 55e6cb0..13d4f94 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,24 @@
-FROM gentoo/rails:latest
+FROM gentoo/portage:latest as portage
+FROM gentoo/stage3-amd64
+
+# Need a portage tree to build, use last nights.
+COPY --from=portage /var/db/repos/gentoo /var/db/repos/gentoo
+
+# Sandbox doesn't work well in docker.
+ENV FEATURES="-userpriv -usersandbox -sandbox"
+ENV USE="-bindist"
+
+RUN emerge -C openssh
+RUN emerge --quiet-build \
+ net-libs/nodejs \
+ dev-lang/ruby \
+ dev-vcs/git
+RUN ACCEPT_KEYWORDS="~amd64" emerge --quiet-build sys-apps/yarn
+
+RUN eselect ruby set ruby25
+
+# Bundler is how we install the ruby stuff.
+RUN gem install bundler -v 1.17.3
# Needed for changelogs.
RUN git clone https://anongit.gentoo.org/git/repo/gentoo.git /mnt/packages-tree/gentoo/
@@ -17,3 +37,4 @@ RUN cp /var/www/packages.gentoo.org/htdocs/config/initializers/kkuleomi_config.r
# Precompile our assets.
RUN bundle exec rake webpacker:compile
CMD ["bundler", "exec", "thin", "start"]
+