Compare commits
51 Commits
Author | SHA1 | Date | |
---|---|---|---|
37f3bcab9f | |||
1c73e31919 | |||
25da8a53ee | |||
90e9b3ecb6 | |||
1807c0ce01 | |||
027f00148c | |||
13d94b39c9 | |||
1bacf8b6be | |||
f593c03981 | |||
3aec0cd3b5 | |||
a9210cc71a | |||
c819e1cb39 | |||
e13db0c244 | |||
1ce6f9c7e9 | |||
709299f885 | |||
780540de20 | |||
6f92efc3aa | |||
3982794b22 | |||
f55e618c5e | |||
1b0ec688f2 | |||
8f49599b5a | |||
c936097b8b | |||
6bafa51c18 | |||
9bbde4129d | |||
64f539cebb | |||
4cd621fa6c | |||
ea75b23fb1 | |||
639709afa9 | |||
11d5e468ec | |||
d03877e64a | |||
8859623de0 | |||
c186a0b5be | |||
cdc962221f | |||
119e9af25a | |||
95ffa8065e | |||
71b7eb6ba9 | |||
fbe63a5027 | |||
c97583c7d2 | |||
daa136f3e4 | |||
0a0a214e9e | |||
0acd5505f0 | |||
a2cc20a592 | |||
ebe1e2bd6c | |||
75777f61d2 | |||
e1d69901a7 | |||
28ee7a5d8b | |||
fee00be1f1 | |||
834f529bc2 | |||
940e7c7918 | |||
90a2f529e2 | |||
ec61631af8 |
210
.drone.yml
210
.drone.yml
@ -16,7 +16,7 @@ steps:
|
||||
- name: markdown lint
|
||||
commands:
|
||||
- markdownlint *.md
|
||||
image: git.cryptic.systems/volker.raschek/markdownlint:0.37.0
|
||||
image: git.cryptic.systems/volker.raschek/markdownlint:0.42.0
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
@ -69,7 +69,7 @@ steps:
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
@ -115,72 +115,6 @@ trigger:
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: dry-run-arm-v7
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
dry_run: true
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-arm-v7
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
- master
|
||||
event:
|
||||
- pull_request
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
@ -201,7 +135,7 @@ steps:
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
@ -267,7 +201,7 @@ steps:
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
@ -311,70 +245,6 @@ trigger:
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: latest-arm-v7
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-arm-v7
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
- cron
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
@ -395,7 +265,7 @@ steps:
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
@ -449,7 +319,6 @@ clone:
|
||||
|
||||
depends_on:
|
||||
- latest-amd64
|
||||
- latest-arm-v7
|
||||
- latest-arm64-v8
|
||||
|
||||
# docker.io/plugins/manifest only for amd64 architectures available
|
||||
@ -530,7 +399,7 @@ steps:
|
||||
from_secret: container_image_registry_user
|
||||
DEST_CRED_PASSWORD:
|
||||
from_secret: container_image_registry_password
|
||||
image: quay.io/skopeo/stable:v1.13.3
|
||||
image: quay.io/skopeo/stable:v1.16.1
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -580,7 +449,7 @@ steps:
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
settings:
|
||||
auto_tag: true
|
||||
auto_tag_suffix: amd64
|
||||
@ -623,66 +492,6 @@ trigger:
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: tagged-arm-v7
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
settings:
|
||||
auto_tag: true
|
||||
auto_tag_suffix: arm-v7
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
build_args:
|
||||
- GOSEC_VERSION=v${DRONE_TAG}
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
@ -700,7 +509,7 @@ steps:
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.10.9
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
settings:
|
||||
auto_tag: true
|
||||
auto_tag_suffix: arm64-v8
|
||||
@ -753,7 +562,6 @@ clone:
|
||||
|
||||
depends_on:
|
||||
- tagged-amd64
|
||||
- tagged-arm-v7
|
||||
- tagged-arm64-v8
|
||||
|
||||
# docker.io/plugins/manifest only for amd64 architectures available
|
||||
@ -831,7 +639,7 @@ steps:
|
||||
from_secret: container_image_registry_user
|
||||
DEST_CRED_PASSWORD:
|
||||
from_secret: container_image_registry_password
|
||||
image: quay.io/skopeo/stable:v1.13.3
|
||||
image: quay.io/skopeo/stable:v1.16.1
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
|
@ -1,4 +1,4 @@
|
||||
FROM docker.io/library/golang:1.21.3-alpine AS build
|
||||
FROM docker.io/library/golang:1.23.2-alpine AS build
|
||||
|
||||
ARG GOSEC_VERSION
|
||||
|
||||
|
6
Makefile
6
Makefile
@ -1,6 +1,6 @@
|
||||
# GOSEC_VERSION
|
||||
# Only required to install a specifiy version
|
||||
GOSEC_VERSION?=v2.18.0 # renovate: datasource=github-releases depName=securego/gosec
|
||||
GOSEC_VERSION?=v2.21.4 # renovate: datasource=github-releases depName=securego/gosec
|
||||
|
||||
# CONTAINER_RUNTIME
|
||||
# The CONTAINER_RUNTIME variable will be used to specified the path to a
|
||||
@ -9,8 +9,8 @@ CONTAINER_RUNTIME?=$(shell which podman)
|
||||
|
||||
# GOSEC_IMAGE_REGISTRY_NAME
|
||||
# Defines the name of the new container to be built using several variables.
|
||||
GOSEC_IMAGE_REGISTRY_NAME:=docker.io
|
||||
GOSEC_IMAGE_REGISTRY_USER:=volkerraschek
|
||||
GOSEC_IMAGE_REGISTRY_NAME:=git.cryptic.systems
|
||||
GOSEC_IMAGE_REGISTRY_USER:=volker.raschek
|
||||
|
||||
GOSEC_IMAGE_NAMESPACE?=${GOSEC_IMAGE_REGISTRY_USER}
|
||||
GOSEC_IMAGE_NAME:=gosec
|
||||
|
@ -11,11 +11,6 @@ manifests:
|
||||
platform:
|
||||
architecture: amd64
|
||||
os: linux
|
||||
- image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm-v7
|
||||
platform:
|
||||
architecture: arm
|
||||
os: linux
|
||||
variant: v7
|
||||
- image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8
|
||||
platform:
|
||||
architecture: arm64
|
||||
|
@ -1,14 +1,11 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"assignees": [ "volker.raschek" ],
|
||||
"automergeStrategy": "merge-commit",
|
||||
"automergeType": "pr",
|
||||
"labels": [ "renovate" ],
|
||||
"packageRules": [
|
||||
{
|
||||
"addLabels": [ "renovate/droneci", "renovate/automerge" ],
|
||||
"automerge": true,
|
||||
"excludePackagePatterns": [ "plugins/docker" ],
|
||||
"matchManagers": "droneci",
|
||||
"matchUpdateTypes": [ "minor", "patch"]
|
||||
},
|
||||
@ -16,7 +13,6 @@
|
||||
"description": "Automatically update patch version of used container images in docker files",
|
||||
"addLabels": [ "renovate/container-image", "renovate/automerge" ],
|
||||
"automerge": true,
|
||||
"matchBaseBranches": [ "master" ],
|
||||
"matchManagers": [ "dockerfile" ],
|
||||
"matchUpdateTypes": [ "patch" ]
|
||||
},
|
||||
|
Loading…
Reference in New Issue
Block a user