--- kind: secret name: docker_username get: path: odit-registry-builder name: username --- kind: secret name: docker_password get: path: odit-registry-builder name: password --- kind: secret name: gitea_token get: path: odit-git-bot name: apikey --- kind: secret name: git_ssh get: path: odit-git-bot name: sshkey --- kind: secret name: cosign_key get: path: cosign name: cosign.key --- kind: secret name: cosign_password get: path: cosign name: cosign.password --- kind: pipeline type: kubernetes name: build:latest steps: - name: bump_patch depends_on: [clone] image: registry.odit.services/hub/library/node:18.6.0-alpine3.15 commands: - apk add git - git config --global push.default current - git branch --set-upstream-to=origin/main main - yarn - yarn release:patch - git pull - name: push to repo image: appleboy/drone-git-push depends_on: [bump_patch] settings: commit: false author_email: bot@odit.services followtags: true branch: main remote: git@git.odit.services:odit/nginx-brotli.git skip_verify: true ssh_key: from_secret: git_ssh - name: docker release image: registry.odit.services/library/drone-kaniko depends_on: [bump_patch] settings: username: from_secret: docker_username password: from_secret: docker_password repo: library/nginx-brotli tags: - latest cache: true trigger: branch: - main --- kind: pipeline type: kubernetes name: build:tags steps: - name: build_tag image: registry.odit.services/library/drone-kaniko depends_on: [clone] settings: username: from_secret: docker_username password: from_secret: docker_password repo: library/nginx-brotli tags: - "${DRONE_TAG}" cache: true registry: registry.odit.services - name: sign_image image: registry.odit.services/hub/library/alpine:edge depends_on: [build_tag] commands: - apk add cosign docker - echo $COSIGN_KEY | sed 's/
/\n/g' > cosign.key - echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin - "cosign sign --key cosign.key registry.odit.services/library/nginx-brotli:${DRONE_TAG}" environment: COSIGN_KEY: from_secret: cosign_key COSIGN_PASSWORD: from_secret: cosign_password DOCKER_PASSWORD: from_secret: docker_password DOCKER_USERNAME: from_secret: docker_username trigger: event: - tag --- kind: pipeline type: kubernetes name: build:nightly steps: - name: docker release image: registry.odit.services/library/drone-kaniko depends_on: [clone] settings: username: from_secret: docker_username password: from_secret: docker_password repo: library/nginx-brotli tags: - nightly cache: true registry: registry.odit.services trigger: branch: - main event: - cron cron: include: - nightly --- kind: pipeline type: kubernetes name: build:weekly steps: - name: bump_prepatch depends_on: [clone] image: registry.odit.services/hub/library/node:18.6.0-alpine3.15 commands: - apk add git - git config --global push.default current - git branch --set-upstream-to=origin/main main - yarn - "yarn release:prepatch" - git pull - name: push to repo image: appleboy/drone-git-push depends_on: [bump_prepatch] settings: commit: false author_email: bot@odit.services followtags: true branch: main remote: git@git.odit.services:odit/nginx-brotli.git skip_verify: true ssh_key: from_secret: git_ssh - name: docker release image: registry.odit.services/library/drone-kaniko depends_on: [bump_prepatch] settings: username: from_secret: docker_username password: from_secret: docker_password repo: library/nginx-brotli tags: - weekly - "${DRONE_STAGE_STARTED}" cache: true registry: registry.odit.services trigger: branch: - main event: - cron cron: include: - weekly # --- # kind: pipeline # type: kubernetes # name: build:pr # steps: # - name: docker release # image: plugins/docker # user: 0 # depends_on: [clone] # settings: # dry_run: true # tags: # - "PR-${DRONE_STAGE_STARTED}" # mtu: 1000 # trigger: # event: # - pull_request