Update registry.odit.services/hub/library/alpine Docker tag to v3.18

.drone.yml

@@ -0,0 +1,198 @@
+---
+kind: secret
+name: docker_username
+get:
+  path: odit-registry-builder
+  name: username
+
+---
+kind: secret
+name: docker_password
+get:
+  path: odit-registry-builder
+  name: password
+
+---
+kind: secret
+name: gitea_token
+get:
+  path: odit-git-bot
+  name: apikey
+
+---
+kind: secret
+name: git_ssh
+get:
+  path: odit-git-bot
+  name: sshkey
+
+---
+kind: secret
+name: cosign_key
+get:
+  path: cosign
+  name: cosign.key
+
+---
+kind: secret
+name: cosign_password
+get:
+  path: cosign
+  name: cosign.password
+
+---
+kind: pipeline
+type: kubernetes
+name: build:latest
+steps:
+  - name: bump_patch
+    depends_on: [clone]
+    image: registry.odit.services/hub/library/node:19.2.0-alpine3.15
+    commands:
+      - apk add git
+      - git config --global push.default current
+      - git branch --set-upstream-to=origin/main main
+      - yarn
+      - yarn release:patch
+      - git pull
+  - name: push to repo
+    image: registry.odit.services/hub/appleboy/drone-git-push
+    depends_on: [bump_patch]
+    settings:
+      commit: false
+      author_email: bot@odit.services
+      followtags: true
+      branch: main
+      remote: git@git.odit.services:odit/nginx-brotli.git
+      skip_verify: true
+      ssh_key:
+        from_secret: git_ssh
+  - name: docker release
+    image: registry.odit.services/library/drone-kaniko
+    depends_on: [bump_patch]
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: library/nginx-brotli
+      registry: registry.odit.services
+      tags:
+        - latest
+      cache: true
+trigger:
+  branch:
+    - main
+---
+kind: pipeline
+type: kubernetes
+name: build:tags
+steps:
+  - name: build_tag
+    image: registry.odit.services/library/drone-kaniko
+    depends_on: [clone]
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: library/nginx-brotli
+      tags:
+        - "${DRONE_TAG}"
+      cache: true
+      registry: registry.odit.services
+  # - name: sign_image
+  #   image: registry.odit.services/hub/library/alpine:edge
+  #   depends_on: [build_tag]
+  #   commands:
+  #     - apk add cosign docker
+  #     - echo $COSIGN_KEY | sed 's/<br>/\n/g' > cosign.key
+  #     - echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin
+  #     - "cosign sign --key cosign.key registry.odit.services/library/nginx-brotli:${DRONE_TAG}"
+    environment:
+      COSIGN_KEY:
+        from_secret: cosign_key
+      COSIGN_PASSWORD:
+        from_secret: cosign_password
+      DOCKER_PASSWORD:
+        from_secret: docker_password
+      DOCKER_USERNAME:
+        from_secret: docker_username
+trigger:
+  event:
+    - tag
+---
+kind: pipeline
+type: kubernetes
+name: build:nightly
+steps:
+  - name: docker release
+    image: registry.odit.services/library/drone-kaniko
+    depends_on: [clone]
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: library/nginx-brotli
+      tags:
+        - nightly
+      cache: true
+      registry: registry.odit.services
+trigger:
+  branch:
+    - main
+  event:
+    - cron
+  cron:
+    include:
+      - nightly
+---
+kind: pipeline
+type: kubernetes
+name: build:weekly
+steps:
+  - name: bump_prepatch
+    depends_on: [clone]
+    image: registry.odit.services/hub/library/node:19.2.0-alpine3.15
+    commands:
+      - apk add git
+      - git config --global push.default current
+      - git branch --set-upstream-to=origin/main main
+      - yarn
+      - "yarn release:prepatch"
+      - git pull
+  - name: push to repo
+    image: registry.odit.services/hub/appleboy/drone-git-push
+    depends_on: [bump_prepatch]
+    settings:
+      commit: false
+      author_email: bot@odit.services
+      followtags: true
+      branch: main
+      remote: git@git.odit.services:odit/nginx-brotli.git
+      skip_verify: true
+      ssh_key:
+        from_secret: git_ssh
+  - name: docker release
+    image: registry.odit.services/library/drone-kaniko
+    depends_on: [bump_prepatch]
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: library/nginx-brotli
+      tags:
+        - weekly
+        - "${DRONE_STAGE_STARTED}"
+      cache: true
+      registry: registry.odit.services
+trigger:
+  branch:
+    - main
+  event:
+    - cron
+  cron:
+    include:
+      - weekly

.woodpecker/build.yml

@@ -1,71 +0,0 @@
-steps:
-  - name: build latest
-    image: registry.odit.services/library/docker-buildx
-    settings:
-      repo: registry.odit.services/library/nginx-brotli
-      tags:
-        - latest
-      registry: registry.odit.services
-      platforms: linux/amd64,linux/arm64
-      cache_from:
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:nightly'
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:latest'
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:cache'
-      cache_to:
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:cache\\,mode=max\\,image-manifest=true\\,oci-mediatypes=true'
-      username:
-        from_secret: odit-registry-builder-username
-      password:
-        from_secret: odit-registry-builder-password
-    secrets:
-      - source: odit-npm-cache-url
-        target: NPM_REGISTRY_URL
-    when:
-      branch: main
-      event: push
-  - name: build nightly
-    image: registry.odit.services/library/docker-buildx
-    settings:
-      repo: registry.odit.services/library/nginx-brotli
-      tags:
-        - nightly
-      registry: registry.odit.services
-      platforms: linux/amd64,linux/arm64
-      cache_from:
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:nightly'
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:latest'
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:cache'
-      cache_to:
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:cache\\,mode=max\\,image-manifest=true\\,oci-mediatypes=true'
-      username:
-        from_secret: odit-registry-builder-username
-      password:
-        from_secret: odit-registry-builder-password
-    secrets:
-      - source: odit-npm-cache-url
-        target: NPM_REGISTRY_URL
-    when:
-      branch: main
-      event: cron
-      cron: nightly
-  - name: build tag
-    image: registry.odit.services/library/docker-buildx
-    settings:
-      repo: registry.odit.services/library/nginx-brotli
-      tags:
-        - "${CI_COMMIT_TAG}"
-      registry: registry.odit.services
-      platforms: linux/amd64,linux/arm64
-      cache_from:
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:nightly'
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:latest'
-        - 'type=registry\\,ref=registry.odit.services/library/nginx-brotli:cache'
-      username:
-        from_secret: odit-registry-builder-username
-      password:
-        from_secret: odit-registry-builder-password
-    secrets:
-      - source: odit-npm-cache-url
-        target: NPM_REGISTRY_URL
-    when:
-      event: tag

Dockerfile

@@ -48,7 +48,7 @@ ARG CONFIG="\
 		--add-module=/usr/src/ngx_brotli \
 	"
 
-FROM registry.odit.services/hub/library/alpine:3.19
+FROM registry.odit.services/hub/library/alpine:3.18
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
 ARG NGINX_VERSION
@@ -133,7 +133,7 @@ RUN \
 			| xargs -r apk info --installed \
 			| sort -u > /tmp/runDeps.txt
 
-FROM registry.odit.services/hub/library/alpine:3.19
+FROM registry.odit.services/hub/library/alpine:3.18
 ARG NGINX_VERSION
 
 COPY --from=0 /tmp/runDeps.txt /tmp/runDeps.txt