Compare commits
No commits in common. "master" and "2.14.0" have entirely different histories.
510
.drone.yml
510
.drone.yml
@ -3,20 +3,14 @@ kind: pipeline
|
||||
type: kubernetes
|
||||
name: linter
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: markdown lint
|
||||
commands:
|
||||
- markdownlint *.md
|
||||
image: git.cryptic.systems/volker.raschek/markdownlint:0.42.0
|
||||
image: docker.io/volkerraschek/markdownlint:0.32.2
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
@ -34,7 +28,7 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
@ -54,38 +48,24 @@ kind: pipeline
|
||||
type: docker
|
||||
name: dry-run-amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dry_run: true
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-amd64
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -99,12 +79,70 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
- master
|
||||
event:
|
||||
- pull_request
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: dry-run-arm-v7
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dry_run: true
|
||||
tags: latest-arm-v7
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
@ -120,38 +158,24 @@ kind: pipeline
|
||||
type: docker
|
||||
name: dry-run-arm64-v8
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
dry_run: true
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
tags: latest-arm64-v8
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -165,12 +189,15 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
exclude:
|
||||
@ -186,37 +213,23 @@ kind: pipeline
|
||||
type: docker
|
||||
name: latest-amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
auto_tag: false
|
||||
tags: latest-amd64
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -230,12 +243,68 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
- cron
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: latest-arm-v7
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
tags: latest-arm-v7
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
@ -250,37 +319,23 @@ kind: pipeline
|
||||
type: docker
|
||||
name: latest-arm64-v8
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
auto_tag: false
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
auto_tag: false
|
||||
tags: latest-arm64-v8
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -294,12 +349,15 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linter
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
@ -314,32 +372,17 @@ kind: pipeline
|
||||
type: kubernetes
|
||||
name: latest-manifest
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- latest-amd64
|
||||
- latest-arm64-v8
|
||||
|
||||
# docker.io/plugins/manifest only for amd64 architectures available
|
||||
node_selector:
|
||||
kubernetes.io/os: linux
|
||||
kubernetes.io/arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build-manifest
|
||||
image: docker.io/plugins/manifest:1.4.0
|
||||
image: docker.io/plugins/manifest:latest
|
||||
settings:
|
||||
auto_tag: false
|
||||
ignore_missing: true
|
||||
spec: manifest.tmpl
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -353,7 +396,7 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
@ -363,65 +406,10 @@ steps:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
- cron
|
||||
- push
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: kubernetes
|
||||
name: latest-sync
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- latest-manifest
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: latest-sync
|
||||
commands:
|
||||
- skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/gosec docker.io/volkerraschek
|
||||
environment:
|
||||
SRC_CRED_USERNAME:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
SRC_CRED_PASSWORD:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
DEST_CRED_USERNAME:
|
||||
from_secret: container_image_registry_user
|
||||
DEST_CRED_PASSWORD:
|
||||
from_secret: container_image_registry_password
|
||||
image: quay.io/skopeo/stable:v1.16.1
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
memory: 150M
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
- latest-amd64
|
||||
- latest-arm-v7
|
||||
- latest-arm64-v8
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
@ -437,36 +425,25 @@ kind: pipeline
|
||||
type: docker
|
||||
name: tagged-amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: true
|
||||
auto_tag_suffix: amd64
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
build_args:
|
||||
- GOSEC_VERSION=v${DRONE_TAG}
|
||||
- GOSEC_VERSION=${DRONE_TAG}
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -480,7 +457,56 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: tagged-arm-v7
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: true
|
||||
auto_tag_suffix: arm-v7
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: container_image_registry_password
|
||||
build_args:
|
||||
- GOSEC_VERSION=${DRONE_TAG}
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
@ -497,36 +523,25 @@ kind: pipeline
|
||||
type: docker
|
||||
name: tagged-arm64-v8
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: arm64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build
|
||||
image: docker.io/plugins/docker:20.18.4
|
||||
image: docker.io/plugins/docker:latest
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: true
|
||||
auto_tag_suffix: arm64-v8
|
||||
dockerfile: Dockerfile
|
||||
force_tag: true
|
||||
no_cache: true
|
||||
purge: true
|
||||
mirror:
|
||||
from_secret: docker_io_mirror
|
||||
registry: git.cryptic.systems
|
||||
repo: git.cryptic.systems/volker.raschek/gosec
|
||||
repo: volkerraschek/gosec
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
build_args:
|
||||
- GOSEC_VERSION=v${DRONE_TAG}
|
||||
- GOSEC_VERSION=${DRONE_TAG}
|
||||
no_cache: true
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -540,7 +555,7 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
@ -557,32 +572,17 @@ kind: pipeline
|
||||
type: kubernetes
|
||||
name: tagged-manifest
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- tagged-amd64
|
||||
- tagged-arm64-v8
|
||||
|
||||
# docker.io/plugins/manifest only for amd64 architectures available
|
||||
node_selector:
|
||||
kubernetes.io/os: linux
|
||||
kubernetes.io/arch: amd64
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: build-manifest
|
||||
image: docker.io/plugins/manifest:1.4.0
|
||||
image: docker.io/plugins/manifest:latest
|
||||
settings:
|
||||
auto_tag: true
|
||||
ignore_missing: true
|
||||
spec: manifest.tmpl
|
||||
username:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
from_secret: container_image_registry_user
|
||||
password:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
from_secret: container_image_registry_password
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
@ -596,7 +596,7 @@ steps:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
image: docker.io/volkerraschek/drone-email:0.1.1
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
@ -606,62 +606,10 @@ steps:
|
||||
- changed
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
repo:
|
||||
- volker.raschek/gosec-docker
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: kubernetes
|
||||
name: tagged-sync
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
depends_on:
|
||||
- tagged-manifest
|
||||
|
||||
steps:
|
||||
- name: clone
|
||||
image: git.cryptic.systems/volker.raschek/git:1.3.1
|
||||
|
||||
- name: tagged-sync
|
||||
commands:
|
||||
- skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/gosec docker.io/volkerraschek
|
||||
environment:
|
||||
SRC_CRED_USERNAME:
|
||||
from_secret: git_cryptic_systems_container_registry_user
|
||||
SRC_CRED_PASSWORD:
|
||||
from_secret: git_cryptic_systems_container_registry_password
|
||||
DEST_CRED_USERNAME:
|
||||
from_secret: container_image_registry_user
|
||||
DEST_CRED_PASSWORD:
|
||||
from_secret: container_image_registry_password
|
||||
image: quay.io/skopeo/stable:v1.16.1
|
||||
|
||||
- name: email-notification
|
||||
environment:
|
||||
SMTP_FROM_ADDRESS:
|
||||
from_secret: smtp_from_address
|
||||
SMTP_FROM_NAME:
|
||||
from_secret: smtp_from_name
|
||||
SMTP_HOST:
|
||||
from_secret: smtp_host
|
||||
SMTP_USERNAME:
|
||||
from_secret: smtp_username
|
||||
SMTP_PASSWORD:
|
||||
from_secret: smtp_password
|
||||
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 150
|
||||
memory: 150M
|
||||
when:
|
||||
status:
|
||||
- changed
|
||||
- failure
|
||||
- tagged-amd64
|
||||
- tagged-arm-v7
|
||||
- tagged-arm64-v8
|
||||
|
||||
trigger:
|
||||
event:
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
FROM docker.io/library/golang:1.23.3-alpine AS build
|
||||
FROM docker.io/library/golang:1.19.3-alpine AS build
|
||||
|
||||
ARG GOSEC_VERSION
|
||||
|
||||
@ -6,7 +6,7 @@ RUN apk update && \
|
||||
apk upgrade && \
|
||||
apk add git make
|
||||
|
||||
RUN if [ ! -z "${GOSEC_VERSION}" ]; then set -ex; go install github.com/securego/gosec/v2/cmd/gosec@${GOSEC_VERSION}; fi
|
||||
RUN if [ ! -z "${GOSEC_VERSION}" ]; then set -ex; go install github.com/securego/gosec/v2/cmd/gosec@v${GOSEC_VERSION}; fi
|
||||
RUN if [ -z "${GOSEC_VERSION}" ]; then set -ex; go install github.com/securego/gosec/v2/cmd/gosec@latest; fi
|
||||
|
||||
RUN cp /go/bin/gosec /usr/bin/gosec && \
|
||||
|
||||
6
Makefile
6
Makefile
@ -1,6 +1,6 @@
|
||||
# GOSEC_VERSION
|
||||
# Only required to install a specifiy version
|
||||
GOSEC_VERSION?=v2.21.4 # renovate: datasource=github-releases depName=securego/gosec
|
||||
GOSEC_VERSION?=v2.14.0 # renovate: datasource=github-releases depName=securego/gosec
|
||||
|
||||
# CONTAINER_RUNTIME
|
||||
# The CONTAINER_RUNTIME variable will be used to specified the path to a
|
||||
@ -9,8 +9,8 @@ CONTAINER_RUNTIME?=$(shell which podman)
|
||||
|
||||
# GOSEC_IMAGE_REGISTRY_NAME
|
||||
# Defines the name of the new container to be built using several variables.
|
||||
GOSEC_IMAGE_REGISTRY_NAME:=git.cryptic.systems
|
||||
GOSEC_IMAGE_REGISTRY_USER:=volker.raschek
|
||||
GOSEC_IMAGE_REGISTRY_NAME:=docker.io
|
||||
GOSEC_IMAGE_REGISTRY_USER:=volkerraschek
|
||||
|
||||
GOSEC_IMAGE_NAMESPACE?=${GOSEC_IMAGE_REGISTRY_USER}
|
||||
GOSEC_IMAGE_NAME:=gosec
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
|
||||
{{#if build.tags}}
|
||||
tags:
|
||||
{{#each build.tags}}
|
||||
@ -7,11 +7,19 @@ tags:
|
||||
- "latest"
|
||||
{{/if}}
|
||||
manifests:
|
||||
- image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-amd64
|
||||
-
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-amd64
|
||||
platform:
|
||||
architecture: amd64
|
||||
os: linux
|
||||
- image: git.cryptic.systems/volker.raschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8
|
||||
-
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm-v7
|
||||
platform:
|
||||
architecture: arm
|
||||
os: linux
|
||||
variant: v7
|
||||
-
|
||||
image: volkerraschek/gosec:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8
|
||||
platform:
|
||||
architecture: arm64
|
||||
os: linux
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"assignees": [ "volker.raschek" ],
|
||||
"automergeStrategy": "merge-commit",
|
||||
"automergeType": "pr",
|
||||
"labels": [ "renovate" ],
|
||||
"packageRules": [
|
||||
{
|
||||
@ -9,13 +11,6 @@
|
||||
"matchManagers": "droneci",
|
||||
"matchUpdateTypes": [ "minor", "patch"]
|
||||
},
|
||||
{
|
||||
"description": "Automatically update patch version of used container images in docker files",
|
||||
"addLabels": [ "renovate/container-image", "renovate/automerge" ],
|
||||
"automerge": true,
|
||||
"matchManagers": [ "dockerfile" ],
|
||||
"matchUpdateTypes": [ "patch" ]
|
||||
},
|
||||
{
|
||||
"addLabels": [ "renovate/gosec", "renovate/automerge" ],
|
||||
"automerge": false,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user