darkrival329
darkrival329
/ release.gitlab-ci.yml
Created
September 4, 2025 13:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .ci-templates/release.yml | |
| # | |
| # Usage: | |
| # 1) include this file | |
| # 2) ensure tag rules exist OR rely on the fallback rule here | |
| # 3) downstream can `needs: ["release:version"]` to read $VERSION | |
| .rule:tag-only: | |
| rules: | |
| - if: '$CI_COMMIT_TAG' |
darkrival329
/ container-scan.gitlab-ci.yml
Created
September 4, 2025 11:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ---------------------------- | |
| # Container Scanning (digest-aware, dotenv-driven) | |
| # ---------------------------- | |
| # | |
| # This pipeline template provides a security-focused container scanning workflow for GitLab CI/CD. | |
| # Key features: | |
| # - Digest-aware scanning (uses precise image digests for accurate vulnerability detection) | |
| # - dotenv-driven configuration (pulls environment variables from .env files) | |
| # - Integrates with GitLab's security scanning tools (Container Scanning, SBOM) | |
| # - Optional dependency on build jobs (supports scanning without full build pipeline) |
darkrival329
/ job-rules.gitlab-ci.yml
Created
September 4, 2025 11:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .gitlab/job-rules.gitlab-ci.yml | |
| # | |
| # Reusable job rules — each block is a hidden job that can be referenced with: | |
| # rules: !reference [.rule:name-here, rules] | |
| # | |
| # NOTES: | |
| # - "First match wins": GitLab evaluates rules top-to-bottom and stops on the first match. | |
| # - Always end with an explicit `- when: never` to deny all non-matching cases. | |
| # ------------------------------------------------------------------- |
darkrival329
/ docker.gitlab-ci.yml
Created
September 4, 2025 11:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .build-common: | |
| extends: .build-dind | |
| variables: | |
| PUSH_IMAGE: "false" | |
| RELEASE_IMAGE: "false" | |
| TAG_LATEST: "false" | |
| TAG_SUFFIX: "" | |
| DOCKER_CONTEXT: "." | |
| DOCKERFILE: "Dockerfile" | |
| # image tag suffixes |