Hallo there,
I’am trying to remove the defined variables from my gitlab-ci.yaml to the global variables defined in the gitlab ui under settings -> CI/CD. But the problem is, not all declared variables in my yaml are ?resolved? correctly or not on time.
My feeling is, the POSTGRES_DB variable isn’t set to the POSTGRES_DB_GLOBAL. So I get a Fatal Exception that DB “sms” is not existend. I checked twice, it is correctly set in the global variables. All global variables are protected and mask except POSTGRES_DB which is only protected due to the unmet length requirement. When I define the POSTGRES_DB staticly it works just fine. So did I miss something?
My current gitlab-ci-yaml
stages:
- build
- test
- build_backend
variables:
DOCKER_DRIVER: overlay2
MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"
POSTGRES_DB: sms
POSTGRES_USER: $POSTGRES_USER_GLOBAL
POSTGRES_PASSWORD: $POSTGRES_PASSWORD_GLOBAL
POSTGRES_HOST_AUTH_METHOD: trust
POSTGRES_HOST: $POSTGRES_USER_GLOBAL
cache:
paths:
- $CI_PROJECT_DIR/.m2/repository
- spring/target/
include:
- template: SAST.gitlab-ci.yml
- template: Code-Quality.gitlab-ci.yml
spring_build:
image: maven:3.6.3-jdk-11
stage: build
script:
- echo compiling spring project...
- cd spring && ./mvnw -Pprod $MAVEN_OPTS compile
spring_test:
image: maven:3.6.3-jdk-11
services:
- postgres:latest
stage: test
script:
- echo verify spring application
- cd spring && ./mvnw -Pprod $MAVEN_OPTS verify
artifacts:
reports:
junit:
- spring/target/surefire-reports/TEST-*.xml
paths:
- spring/target/
expire_in: 1 week
code_quality:
stage: test
artifacts:
reports:
codequality: gl-code-quality-report.json
after_script:
- cat gl-code-quality-report.json
spotbugs-sast:
script:
- /analyzer run -compile=false
variables:
MAVEN_REPO_PATH: $CI_PROJECT_DIR/.m2/repository
artifacts:
reports:
sast: gl-sast-report.json
spring_deploy: # not really an deployment but for now its enough. Should rather be pushing the Image to docker hub to then using it in an kub-cluster.
image: docker:latest
services:
- docker:dind # Heavy security concerns due to granted root privileges by default in every container. Kaniko should be used instead.
stage: build_backend
script:
- echo building spring container...
- docker info
- apk add docker-compose
- docker-compose up -d --force-recreate --build spring
This actually works.
But not this:
stages:
- build
- test
- build_backend
variables:
DOCKER_DRIVER: overlay2
MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"
POSTGRES_DB: $POSTGRES_DB_GLOBAL
POSTGRES_USER: $POSTGRES_USER_GLOBAL
POSTGRES_PASSWORD: $POSTGRES_PASSWORD_GLOBAL
POSTGRES_HOST_AUTH_METHOD: trust
POSTGRES_HOST: $POSTGRES_USER_GLOBAL
cache:
paths:
- $CI_PROJECT_DIR/.m2/repository
- spring/target/
include:
- template: SAST.gitlab-ci.yml
- template: Code-Quality.gitlab-ci.yml
spring_build:
image: maven:3.6.3-jdk-11
stage: build
script:
- echo compiling spring project...
- cd spring && ./mvnw -Pprod $MAVEN_OPTS compile
spring_test:
image: maven:3.6.3-jdk-11
services:
- postgres:latest
stage: test
script:
- echo verify spring application
- cd spring && ./mvnw -Pprod $MAVEN_OPTS verify
artifacts:
reports:
junit:
- spring/target/surefire-reports/TEST-*.xml
paths:
- spring/target/
expire_in: 1 week
code_quality:
stage: test
artifacts:
reports:
codequality: gl-code-quality-report.json
after_script:
- cat gl-code-quality-report.json
spotbugs-sast:
script:
- /analyzer run -compile=false
variables:
MAVEN_REPO_PATH: $CI_PROJECT_DIR/.m2/repository
artifacts:
reports:
sast: gl-sast-report.json
spring_deploy: # not really an deployment but for now its enough. Should rather be pushing the Image to docker hub to then using it in an kub-cluster.
image: docker:latest
services:
- docker:dind # Heavy security concerns due to granted root privileges by default in every container. Kaniko should be used instead.
stage: build_backend
script:
- echo building spring container...
- docker info
- apk add docker-compose
- docker-compose up -d --force-recreate --build spring
Any ideas why this won’t work?