--- kind: pipeline type: kubernetes name: linter clone: disable: true platform: os: linux steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: markdown lint commands: - markdownlint *.md image: git.cryptic.systems/volker.raschek/markdownlint:0.38.0 resources: limits: cpu: 150 memory: 150M - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 resources: limits: cpu: 150 memory: 150M when: status: - changed - failure trigger: event: exclude: - tag --- kind: pipeline type: docker name: dry-run-amd64 clone: disable: true depends_on: - linter platform: os: linux arch: amd64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build image: docker.io/plugins/docker:20.17.2 settings: auto_tag: false dockerfile: Dockerfile dry_run: true force_tag: true no_cache: true purge: true mirror: from_secret: docker_io_mirror registry: git.cryptic.systems repo: git.cryptic.systems/volker.raschek/gosec tags: latest-amd64 username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 when: status: - changed - failure trigger: branch: exclude: - master event: - pull_request - push repo: - volker.raschek/gosec-docker --- kind: pipeline type: docker name: dry-run-arm64-v8 clone: disable: true depends_on: - linter platform: os: linux arch: arm64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build image: docker.io/plugins/docker:20.17.2 settings: auto_tag: false dockerfile: Dockerfile dry_run: true force_tag: true no_cache: true purge: true mirror: from_secret: docker_io_mirror registry: git.cryptic.systems repo: git.cryptic.systems/volker.raschek/gosec tags: latest-arm64-v8 username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 when: status: - changed - failure trigger: branch: exclude: - master event: - pull_request - push repo: - volker.raschek/gosec-docker --- kind: pipeline type: docker name: latest-amd64 clone: disable: true depends_on: - linter platform: os: linux arch: amd64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build image: docker.io/plugins/docker:20.17.2 settings: auto_tag: false dockerfile: Dockerfile force_tag: true no_cache: true purge: true mirror: from_secret: docker_io_mirror registry: git.cryptic.systems repo: git.cryptic.systems/volker.raschek/gosec tags: latest-amd64 username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 when: status: - changed - failure trigger: branch: - master event: - cron - push repo: - volker.raschek/gosec-docker --- kind: pipeline type: docker name: latest-arm64-v8 clone: disable: true depends_on: - linter platform: os: linux arch: arm64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build image: docker.io/plugins/docker:20.17.2 settings: auto_tag: false dockerfile: Dockerfile force_tag: true no_cache: true purge: true mirror: from_secret: docker_io_mirror registry: git.cryptic.systems repo: git.cryptic.systems/volker.raschek/gosec tags: latest-arm64-v8 username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 when: status: - changed - failure trigger: branch: - master event: - cron - push repo: - volker.raschek/gosec-docker --- kind: pipeline type: kubernetes name: latest-manifest clone: disable: true depends_on: - latest-amd64 - latest-arm64-v8 # docker.io/plugins/manifest only for amd64 architectures available node_selector: kubernetes.io/os: linux kubernetes.io/arch: amd64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build-manifest image: docker.io/plugins/manifest:1.4.0 settings: auto_tag: false ignore_missing: true spec: manifest.tmpl username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 resources: limits: cpu: 150 memory: 150M when: status: - changed - failure trigger: branch: - master event: - cron - push repo: - volker.raschek/gosec-docker --- kind: pipeline type: kubernetes name: latest-sync clone: disable: true depends_on: - latest-manifest steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: latest-sync commands: - skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/gosec docker.io/volkerraschek environment: SRC_CRED_USERNAME: from_secret: git_cryptic_systems_container_registry_user SRC_CRED_PASSWORD: from_secret: git_cryptic_systems_container_registry_password DEST_CRED_USERNAME: from_secret: container_image_registry_user DEST_CRED_PASSWORD: from_secret: container_image_registry_password image: quay.io/skopeo/stable:v1.14.0 - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 resources: limits: cpu: 150 memory: 150M when: status: - changed - failure trigger: branch: - master event: - cron - push repo: - volker.raschek/gosec-docker --- kind: pipeline type: docker name: tagged-amd64 clone: disable: true platform: os: linux arch: amd64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build image: docker.io/plugins/docker:20.17.2 settings: auto_tag: true auto_tag_suffix: amd64 dockerfile: Dockerfile force_tag: true no_cache: true purge: true mirror: from_secret: docker_io_mirror registry: git.cryptic.systems repo: git.cryptic.systems/volker.raschek/gosec username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password build_args: - GOSEC_VERSION=v${DRONE_TAG} - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 when: status: - changed - failure trigger: event: - tag repo: - volker.raschek/gosec-docker --- kind: pipeline type: docker name: tagged-arm64-v8 clone: disable: true platform: os: linux arch: arm64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build image: docker.io/plugins/docker:20.17.2 settings: auto_tag: true auto_tag_suffix: arm64-v8 dockerfile: Dockerfile force_tag: true no_cache: true purge: true mirror: from_secret: docker_io_mirror registry: git.cryptic.systems repo: git.cryptic.systems/volker.raschek/gosec username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password build_args: - GOSEC_VERSION=v${DRONE_TAG} - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 when: status: - changed - failure trigger: event: - tag repo: - volker.raschek/gosec-docker --- kind: pipeline type: kubernetes name: tagged-manifest clone: disable: true depends_on: - tagged-amd64 - tagged-arm64-v8 # docker.io/plugins/manifest only for amd64 architectures available node_selector: kubernetes.io/os: linux kubernetes.io/arch: amd64 steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: build-manifest image: docker.io/plugins/manifest:1.4.0 settings: auto_tag: true ignore_missing: true spec: manifest.tmpl username: from_secret: git_cryptic_systems_container_registry_user password: from_secret: git_cryptic_systems_container_registry_password - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 resources: limits: cpu: 150 memory: 150M when: status: - changed - failure trigger: event: - tag repo: - volker.raschek/gosec-docker --- kind: pipeline type: kubernetes name: tagged-sync clone: disable: true depends_on: - tagged-manifest steps: - name: clone image: git.cryptic.systems/volker.raschek/git:1.3.1 - name: tagged-sync commands: - skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/gosec docker.io/volkerraschek environment: SRC_CRED_USERNAME: from_secret: git_cryptic_systems_container_registry_user SRC_CRED_PASSWORD: from_secret: git_cryptic_systems_container_registry_password DEST_CRED_USERNAME: from_secret: container_image_registry_user DEST_CRED_PASSWORD: from_secret: container_image_registry_password image: quay.io/skopeo/stable:v1.14.0 - name: email-notification environment: SMTP_FROM_ADDRESS: from_secret: smtp_from_address SMTP_FROM_NAME: from_secret: smtp_from_name SMTP_HOST: from_secret: smtp_host SMTP_USERNAME: from_secret: smtp_username SMTP_PASSWORD: from_secret: smtp_password image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 resources: limits: cpu: 150 memory: 150M when: status: - changed - failure trigger: event: - tag repo: - volker.raschek/gosec-docker