67 lines
1.4 KiB
YAML
67 lines
1.4 KiB
YAML
---
|
|
kind: secret
|
|
name: docker_username
|
|
get:
|
|
path: odit-registry-builder
|
|
name: username
|
|
|
|
---
|
|
kind: secret
|
|
name: docker_password
|
|
get:
|
|
path: odit-registry-builder
|
|
name: password
|
|
|
|
---
|
|
kind: secret
|
|
name: cosign_key
|
|
get:
|
|
path: cosign
|
|
name: cosign.key
|
|
|
|
---
|
|
kind: secret
|
|
name: cosign_password
|
|
get:
|
|
path: cosign
|
|
name: cosign.password
|
|
|
|
---
|
|
kind: pipeline
|
|
type: kubernetes
|
|
name: build:latest
|
|
steps:
|
|
- name: docker release
|
|
image: registry.odit.services/library/drone-kaniko
|
|
user: 0
|
|
settings:
|
|
username:
|
|
from_secret: docker_username
|
|
password:
|
|
from_secret: docker_password
|
|
repo: library/drone-kaniko
|
|
tags:
|
|
- latest
|
|
registry: registry.odit.services
|
|
- name: sign_image
|
|
image: registry.odit.services/hub/library/alpine:edge
|
|
commands:
|
|
- apk add cosign docker
|
|
- echo $COSIGN_KEY | sed 's/<br>/\n/g' > cosign.key
|
|
- echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin
|
|
- "cosign sign --key cosign.key registry.odit.services/library/drone-kaniko:latest"
|
|
environment:
|
|
COSIGN_KEY:
|
|
from_secret: cosign_key
|
|
COSIGN_PASSWORD:
|
|
from_secret: cosign_password
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
trigger:
|
|
branch:
|
|
- main
|
|
event:
|
|
- push
|