Cosign tags
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Some checks reported errors
continuous-integration/drone/push Build encountered an error
This commit is contained in:
parent
1f76c43a2a
commit
8bdc6d6a15
33
.drone.yml
33
.drone.yml
|
@ -26,6 +26,20 @@ get:
|
|||
path: odit-git-bot
|
||||
name: sshkey
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: cosign_key
|
||||
get:
|
||||
path: cosign
|
||||
name: cosign.key
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: cosign_password
|
||||
get:
|
||||
path: cosign
|
||||
name: cosign.password
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: kubernetes
|
||||
|
@ -78,7 +92,7 @@ type: kubernetes
|
|||
name: build:tags
|
||||
|
||||
steps:
|
||||
- name: build $DRONE_TAG
|
||||
- name: build:tag
|
||||
image: plugins/docker
|
||||
user: 0
|
||||
depends_on: [clone]
|
||||
|
@ -92,6 +106,23 @@ steps:
|
|||
- "${DRONE_TAG}"
|
||||
registry: registry.odit.services
|
||||
mtu: 1000
|
||||
- name: sign:image:tag
|
||||
depends_on: [build:tag]
|
||||
image: registry.odit.services/hub/library/alpine:edge
|
||||
commands:
|
||||
- apk add cosign docker
|
||||
- echo $COSIGN_KEY > cosign.key
|
||||
- echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin
|
||||
- cosign sign --key cosign.key registry.odit.services/library/nginx-brotli:${DRONE_TAG}
|
||||
environment:
|
||||
COSIGN_KEY:
|
||||
from_secret: cosign_key
|
||||
COSIGN_PASSWORD:
|
||||
from_secret: cosign_password
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
trigger:
|
||||
event:
|
||||
- tag
|
||||
|
|
Loading…
Reference in New Issue
Block a user