Compare commits
96 Commits
Author | SHA1 | Date |
---|---|---|
CSRBot | c936097b8b | |
CSRBot | 6bafa51c18 | |
CSRBot | 9bbde4129d | |
CSRBot | 64f539cebb | |
CSRBot | 4cd621fa6c | |
CSRBot | ea75b23fb1 | |
CSRBot | 639709afa9 | |
CSRBot | 11d5e468ec | |
Markus Pesch | d03877e64a | |
CSRBot | 8859623de0 | |
CSRBot | c186a0b5be | |
CSRBot | cdc962221f | |
Markus Pesch | 119e9af25a | |
CSRBot | 95ffa8065e | |
CSRBot | 71b7eb6ba9 | |
CSRBot | fbe63a5027 | |
CSRBot | c97583c7d2 | |
CSRBot | daa136f3e4 | |
CSRBot | 0a0a214e9e | |
CSRBot | 0acd5505f0 | |
CSRBot | a2cc20a592 | |
CSRBot | ebe1e2bd6c | |
Markus Pesch | 75777f61d2 | |
CSRBot | e1d69901a7 | |
CSRBot | 28ee7a5d8b | |
CSRBot | fee00be1f1 | |
Markus Pesch | 834f529bc2 | |
Markus Pesch | 940e7c7918 | |
Markus Pesch | 90a2f529e2 | |
CSRBot | ec61631af8 | |
Markus Pesch | 6d38917136 | |
Markus Pesch | 1226cff143 | |
Markus Pesch | c94ef136a5 | |
Markus Pesch | 710a8a4abb | |
CSRBot | b439c231d9 | |
CSRBot | 211bb21d8d | |
CSRBot | a992832914 | |
Markus Pesch | e50c614a86 | |
Markus Pesch | 4f2096a08d | |
Markus Pesch | 3ac62994bb | |
CSRBot | d3ffb8f958 | |
CSRBot | 975aceabab | |
CSRBot | baf7a06898 | |
Markus Pesch | 8226e94d8d | |
CSRBot | 8cc4b3f742 | |
Markus Pesch | a7f9c0c6cf | |
Markus Pesch | 1edef6e850 | |
CSRBot | d67caaff74 | |
CSRBot | 823481437f | |
CSRBot | 3642484b71 | |
Markus Pesch | c9fca2da82 | |
CSRBot | 23d30e1ec2 | |
CSRBot | be6d29f7cf | |
CSRBot | 653cf8617f | |
CSRBot | 455074d813 | |
CSRBot | bd6f855184 | |
Markus Pesch | 1ac6cf46ac | |
Markus Pesch | 1224fae830 | |
Markus Pesch | 2e4352a938 | |
CSRBot | 56ed7af5de | |
Markus Pesch | 55a96024cb | |
CSRBot | 153a8ae807 | |
CSRBot | 7328a04b8e | |
Markus Pesch | a275c9bde2 | |
Markus Pesch | caee174a28 | |
Markus Pesch | 071fddfb2d | |
Markus Pesch | e329110bcb | |
CSRBot | 23784b0c6a | |
Markus Pesch | 1d95239f99 | |
Markus Pesch | b98771a73b | |
CSRBot | 66db33c7e6 | |
CSRBot | 2df4196559 | |
Markus Pesch | d60f8ecf3b | |
CSRBot | fcc86696ef | |
Markus Pesch | 2a98e41abc | |
CSRBot | a959083ce8 | |
Markus Pesch | 416227e726 | |
CSRBot | 84160a1da1 | |
CSRBot | 844e1e6fcb | |
CSRBot | 1048c119c7 | |
Markus Pesch | f694616518 | |
CSRBot | 98e4a25346 | |
Markus Pesch | 3d081a64d3 | |
CSRBot | 361b283a0c | |
Markus Pesch | bd4ff0de93 | |
CSRBot | 6fb81d193f | |
CSRBot | 58a08458dd | |
Markus Pesch | e4093b908f | |
CSRBot | 881d9e55f5 | |
CSRBot | 57b61cb507 | |
Markus Pesch | 7da82b9353 | |
Markus Pesch | 7c1c548b47 | |
CSRBot | 85e7048dd2 | |
Markus Pesch | 6ade7ee753 | |
CSRBot | 77d6d374ea | |
CSRBot | b7aad139c4 |
732
.drone.yml
732
.drone.yml
|
@ -3,14 +3,20 @@ kind: pipeline
|
|||
type: kubernetes
|
||||
name: linter
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: markdown lint
|
||||
commands:
|
||||
- markdownlint *.md
|
||||
image: docker.io/volkerraschek/markdownlint:0.31.1
|
||||
image: git.cryptic.systems/volker.raschek/markdownlint:0.40.0
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
|
@ -18,15 +24,17 @@ steps:
|
|||
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
|
@ -46,113 +54,57 @@ kind: pipeline
|
|||
type: docker
|
||||
name: dry-run-amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
image: docker.io/plugins/docker:20.17.4
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
dry_run: true
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-amd64
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
- master
|
||||
event:
|
||||
- pull_request
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: dry-run-arm-v7
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dry_run: true
|
||||
tags: latest-arm-v7
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
|
@ -168,52 +120,57 @@ kind: pipeline
|
|||
type: docker
|
||||
name: dry-run-arm64-v8
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm64
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dry_run: true
|
||||
tags: latest-arm64-v8
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.17.4
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
dry_run: true
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-arm64-v8
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
|
@ -229,110 +186,56 @@ kind: pipeline
|
|||
type: docker
|
||||
name: latest-amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
image: docker.io/plugins/docker:20.17.4
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-amd64
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
- cron
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: latest-arm-v7
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
tags: latest-arm-v7
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
|
@ -347,51 +250,56 @@ kind: pipeline
|
|||
type: docker
|
||||
name: latest-arm64-v8
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm64
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
tags: latest-arm64-v8
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.17.4
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-arm64-v8
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
|
@ -406,29 +314,46 @@ kind: pipeline
|
|||
type: kubernetes
|
||||
name: latest-manifest
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- latest-amd64
|
||||
- latest-arm64-v8
|
||||
|
||||
# docker.io/plugins/manifest only for amd64 architectures available
|
||||
node_selector:
|
||||
kubernetes.io/os: linux
|
||||
kubernetes.io/arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build-manifest
|
||||
image: docker.io/plugins/manifest:latest
|
||||
image: docker.io/plugins/manifest:1.4.0
|
||||
settings:
|
||||
auto_tag: false
|
||||
ignore_missing: true
|
||||
spec: manifest.tmpl
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
|
@ -438,10 +363,65 @@ steps:
|
|||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
- cron
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: kubernetes
|
||||
name: latest-sync
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- latest-amd64
|
||||
- latest-arm-v7
|
||||
- latest-arm64-v8
|
||||
- latest-manifest
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: latest-sync
|
||||
commands:
|
||||
- skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/gosec docker.io/volkerraschek
|
||||
environment:
|
||||
SRC_CRED_USERNAME:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
SRC_CRED_PASSWORD:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
DEST_CRED_USERNAME:
|
||||
from_secret: container_image_registry_user
|
||||
DEST_CRED_PASSWORD:
|
||||
from_secret: container_image_registry_password
|
||||
image: quay.io/skopeo/stable:v1.15.0
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
memory: 150M
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
|
@ -457,105 +437,55 @@ kind: pipeline
|
|||
type: docker
|
||||
name: tagged-amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
image: docker.io/plugins/docker:20.17.4
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: true
|
||||
auto_tag_suffix: amd64
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
build_args:
|
||||
- HELM_VERSION=${DRONE_TAG}
|
||||
no_cache: true
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: tagged-arm-v7
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: true
|
||||
auto_tag_suffix: arm-v7
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
build_args:
|
||||
- HELM_VERSION=${DRONE_TAG}
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
build_args:
|
||||
- GOSEC_VERSION=v${DRONE_TAG}
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
|
@ -567,50 +497,55 @@ kind: pipeline
|
|||
type: docker
|
||||
name: tagged-arm64-v8
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
image: docker.io/plugins/docker:20.17.4
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: true
|
||||
auto_tag_suffix: arm64-v8
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
build_args:
|
||||
- HELM_VERSION=${DRONE_TAG}
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
path: /var/run/docker.sock
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
build_args:
|
||||
- GOSEC_VERSION=v${DRONE_TAG}
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
volumes:
|
||||
- name: docker_socket
|
||||
host:
|
||||
path: /var/run/docker.sock
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
|
@ -622,29 +557,46 @@ kind: pipeline
|
|||
type: kubernetes
|
||||
name: tagged-manifest
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- tagged-amd64
|
||||
- tagged-arm64-v8
|
||||
|
||||
# docker.io/plugins/manifest only for amd64 architectures available
|
||||
node_selector:
|
||||
kubernetes.io/os: linux
|
||||
kubernetes.io/arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build-manifest
|
||||
image: docker.io/plugins/manifest:latest
|
||||
image: docker.io/plugins/manifest:1.4.0
|
||||
settings:
|
||||
auto_tag: true
|
||||
ignore_missing: true
|
||||
spec: manifest.tmpl
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: notify
|
||||
image: docker.io/drillster/drone-email:latest
|
||||
- name: email-notification
|
||||
environment:
|
||||
PLUGIN_HOST:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
PLUGIN_USERNAME:
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
PLUGIN_PASSWORD:
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
PLUGIN_FROM:
|
||||
from_secret: smtp_mail_address
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
|
@ -654,10 +606,62 @@ steps:
|
|||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: kubernetes
|
||||
name: tagged-sync
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- tagged-amd64
|
||||
- tagged-arm-v7
|
||||
- tagged-arm64-v8
|
||||
- tagged-manifest
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: tagged-sync
|
||||
commands:
|
||||
- skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/gosec docker.io/volkerraschek
|
||||
environment:
|
||||
SRC_CRED_USERNAME:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
SRC_CRED_PASSWORD:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
DEST_CRED_USERNAME:
|
||||
from_secret: container_image_registry_user
|
||||
DEST_CRED_PASSWORD:
|
||||
from_secret: container_image_registry_password
|
||||
image: quay.io/skopeo/stable:v1.15.0
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
memory: 150M
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
event:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM docker.io/library/golang:1.18.3-alpine AS build
|
||||
FROM docker.io/library/golang:1.22.3-alpine AS build
|
||||
|
||||
ARG GOSEC_VERSION
|
||||
|
||||
|
|
30
Makefile
30
Makefile
|
@ -1,22 +1,22 @@
|
|||
# GOSEC_VERSION
|
||||
# Only required to install a specifiy version
|
||||
GOSEC_VERSION?=v2.12.0 # renovate: datasource=github-releases depName=securego/gosec
|
||||
GOSEC_VERSION?=v2.19.0 # renovate: datasource=github-releases depName=securego/gosec
|
||||
|
||||
# CONTAINER_RUNTIME
|
||||
# The CONTAINER_RUNTIME variable will be used to specified the path to a
|
||||
# container runtime. This is needed to start and run a container image.
|
||||
CONTAINER_RUNTIME?=$(shell which docker)
|
||||
CONTAINER_RUNTIME?=$(shell which podman)
|
||||
|
||||
# HELM_IMAGE_REGISTRY_NAME
|
||||
# GOSEC_IMAGE_REGISTRY_NAME
|
||||
# Defines the name of the new container to be built using several variables.
|
||||
HELM_IMAGE_REGISTRY_NAME:=docker.io
|
||||
HELM_IMAGE_REGISTRY_USER:=volkerraschek
|
||||
GOSEC_IMAGE_REGISTRY_NAME:=git.cryptic.systems
|
||||
GOSEC_IMAGE_REGISTRY_USER:=volker.raschek
|
||||
|
||||
HELM_IMAGE_NAMESPACE?=${HELM_IMAGE_REGISTRY_USER}
|
||||
HELM_IMAGE_NAME:=gosec
|
||||
HELM_IMAGE_VERSION?=latest
|
||||
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_NAME}/${HELM_IMAGE_NAMESPACE}/${HELM_IMAGE_NAME}:${HELM_IMAGE_VERSION}
|
||||
HELM_IMAGE_UNQUALIFIED=${HELM_IMAGE_NAMESPACE}/${HELM_IMAGE_NAME}:${HELM_IMAGE_VERSION}
|
||||
GOSEC_IMAGE_NAMESPACE?=${GOSEC_IMAGE_REGISTRY_USER}
|
||||
GOSEC_IMAGE_NAME:=gosec
|
||||
GOSEC_IMAGE_VERSION?=latest
|
||||
GOSEC_IMAGE_FULLY_QUALIFIED=${GOSEC_IMAGE_REGISTRY_NAME}/${GOSEC_IMAGE_NAMESPACE}/${GOSEC_IMAGE_NAME}:${GOSEC_IMAGE_VERSION}
|
||||
GOSEC_IMAGE_UNQUALIFIED=${GOSEC_IMAGE_NAMESPACE}/${GOSEC_IMAGE_NAME}:${GOSEC_IMAGE_VERSION}
|
||||
|
||||
# BUILD CONTAINER IMAGE
|
||||
# ==============================================================================
|
||||
|
@ -27,23 +27,23 @@ container-image/build:
|
|||
--file Dockerfile \
|
||||
--no-cache \
|
||||
--pull \
|
||||
--tag ${HELM_IMAGE_FULLY_QUALIFIED} \
|
||||
--tag ${HELM_IMAGE_UNQUALIFIED} \
|
||||
--tag ${GOSEC_IMAGE_FULLY_QUALIFIED} \
|
||||
--tag ${GOSEC_IMAGE_UNQUALIFIED} \
|
||||
.
|
||||
|
||||
# DELETE CONTAINER IMAGE
|
||||
# ==============================================================================
|
||||
PHONY:=container-image/delete
|
||||
container-image/delete:
|
||||
- ${CONTAINER_RUNTIME} image rm ${HELM_IMAGE_FULLY_QUALIFIED} ${HELM_IMAGE_UNQUALIFIED}
|
||||
- ${CONTAINER_RUNTIME} image rm ${GOSEC_IMAGE_FULLY_QUALIFIED} ${GOSEC_IMAGE_UNQUALIFIED}
|
||||
- ${CONTAINER_RUNTIME} image rm ${BASE_IMAGE_FULL}
|
||||
|
||||
# PUSH CONTAINER IMAGE
|
||||
# ==============================================================================
|
||||
PHONY+=container-image/push
|
||||
container-image/push:
|
||||
echo ${HELM_IMAGE_REGISTRY_PASSWORD} | ${CONTAINER_RUNTIME} login ${HELM_IMAGE_REGISTRY_NAME} --username ${HELM_IMAGE_REGISTRY_USER} --password-stdin
|
||||
${CONTAINER_RUNTIME} push ${HELM_IMAGE_FULLY_QUALIFIED}
|
||||
echo ${GOSEC_IMAGE_REGISTRY_PASSWORD} | ${CONTAINER_RUNTIME} login ${GOSEC_IMAGE_REGISTRY_NAME} --username ${GOSEC_IMAGE_REGISTRY_USER} --password-stdin
|
||||
${CONTAINER_RUNTIME} push ${GOSEC_IMAGE_FULLY_QUALIFIED}
|
||||
|
||||
# PHONY
|
||||
# ==============================================================================
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
|
||||
image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
|
||||
{{#if build.tags}}
|
||||
tags:
|
||||
{{#each build.tags}}
|
||||
|
@ -7,19 +7,11 @@ tags:
|
|||
- "latest"
|
||||
{{/if}}
|
||||
manifests:
|
||||
-
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-amd64
|
||||
- image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-amd64
|
||||
platform:
|
||||
architecture: amd64
|
||||
os: linux
|
||||
-
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm-v7
|
||||
platform:
|
||||
architecture: arm
|
||||
os: linux
|
||||
variant: v7
|
||||
-
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8
|
||||
- image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8
|
||||
platform:
|
||||
architecture: arm64
|
||||
os: linux
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"assignees": [ "volker.raschek" ],
|
||||
"automergeStrategy": "merge-commit",
|
||||
"automergeType": "pr",
|
||||
"labels": [ "renovate" ],
|
||||
"packageRules": [
|
||||
{
|
||||
|
@ -11,6 +9,14 @@
|
|||
"matchManagers": "droneci",
|
||||
"matchUpdateTypes": [ "minor", "patch"]
|
||||
},
|
||||
{
|
||||
"description": "Automatically update patch version of used container images in docker files",
|
||||
"addLabels": [ "renovate/container-image", "renovate/automerge" ],
|
||||
"automerge": true,
|
||||
"matchBaseBranches": [ "master" ],
|
||||
"matchManagers": [ "dockerfile" ],
|
||||
"matchUpdateTypes": [ "patch" ]
|
||||
},
|
||||
{
|
||||
"addLabels": [ "renovate/gosec", "renovate/automerge" ],
|
||||
"automerge": false,
|
||||
|
|
Loading…
Reference in New Issue