gosec-docker/.drone.yml
Markus Pesch 2e4352a938
Some checks failed
continuous-integration/drone/push Build is failing
feat(ci): use docker.io/plugins/manifest v1.4.0
2023-06-18 14:48:59 +02:00

701 lines
12 KiB
YAML

---
kind: pipeline
type: kubernetes
name: linter
clone:
disable: true
platform:
os: linux
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: markdown lint
commands:
- markdownlint *.md
image: git.cryptic.systems/volker.raschek/markdownlint:0.35.0
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: docker
name: dry-run-amd64
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: false
dry_run: true
tags: latest-amd64
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
depends_on:
- linter
trigger:
branch:
exclude:
- master
event:
- pull_request
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: dry-run-arm-v7
clone:
disable: true
platform:
os: linux
arch: arm
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: false
dry_run: true
tags: latest-arm-v7
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
depends_on:
- linter
trigger:
branch:
exclude:
- master
event:
- pull_request
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: dry-run-arm64-v8
clone:
disable: true
platform:
os: linux
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: false
dry_run: true
tags: latest-arm64-v8
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
depends_on:
- linter
trigger:
branch:
exclude:
- master
event:
- pull_request
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: latest-amd64
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: false
tags: latest-amd64
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
depends_on:
- linter
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: latest-arm-v7
clone:
disable: true
platform:
os: linux
arch: arm
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: false
tags: latest-arm-v7
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
depends_on:
- linter
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: latest-arm64-v8
clone:
disable: true
platform:
os: linux
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: false
tags: latest-arm64-v8
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
depends_on:
- linter
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: kubernetes
name: latest-manifest
clone:
disable: true
# docker.io/plugins/manifest only for amd64 architectures available
node_selector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build-manifest
image: docker.io/plugins/manifest:1.4.0
settings:
auto_tag: false
ignore_missing: true
spec: manifest.tmpl
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
depends_on:
- latest-amd64
- latest-arm-v7
- latest-arm64-v8
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: tagged-amd64
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: true
auto_tag_suffix: amd64
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
build_args:
- GOSEC_VERSION=${DRONE_TAG}
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
trigger:
event:
- tag
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: tagged-arm-v7
clone:
disable: true
platform:
os: linux
arch: arm
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: true
auto_tag_suffix: arm-v7
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
build_args:
- GOSEC_VERSION=${DRONE_TAG}
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
trigger:
event:
- tag
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: docker
name: tagged-arm64-v8
clone:
disable: true
platform:
os: linux
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build
image: docker.io/plugins/docker:20.10.9
settings:
dockerfile: Dockerfile
auto_tag: true
auto_tag_suffix: arm64-v8
repo: volkerraschek/gosec
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
build_args:
- GOSEC_VERSION=${DRONE_TAG}
no_cache: true
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
when:
status:
- changed
- failure
trigger:
event:
- tag
repo:
- volker.raschek/gosec-docker
---
kind: pipeline
type: kubernetes
name: tagged-manifest
clone:
disable: true
# docker.io/plugins/manifest only for amd64 architectures available
node_selector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.2.1
- name: build-manifest
image: docker.io/plugins/manifest:1.4.0
settings:
auto_tag: true
ignore_missing: true
spec: manifest.tmpl
username:
from_secret: container_image_registry_user
password:
from_secret: container_image_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.2
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
depends_on:
- tagged-amd64
- tagged-arm-v7
- tagged-arm64-v8
trigger:
event:
- tag
repo:
- volker.raschek/gosec-docker