--- kind: secret name: docker_username get: path: odit-registry-builder name: username --- kind: secret name: docker_password get: path: odit-registry-builder name: password --- kind: secret name: gitea_token get: path: odit-git-bot name: apikey --- kind: secret name: git_ssh get: path: odit-git-bot name: sshkey --- kind: secret name: cosign_key get: path: cosign name: cosign.key --- kind: secret name: cosign_password get: path: cosign name: cosign.password --- kind: pipeline type: kubernetes name: build:latest steps: - name: bump_patch depends_on: [clone] image: registry.odit.services/hub/library/node:18.1.0-alpine3.15 commands: - apk add git - git config --global push.default current - git branch --set-upstream-to=origin/main main - yarn - yarn release:patch - git pull - name: push to repo image: appleboy/drone-git-push depends_on: [bump_patch] settings: commit: false author_email: bot@odit.services followtags: true branch: main remote: git@git.odit.services:odit/nginx-brotli.git skip_verify: true ssh_key: from_secret: git_ssh - name: docker release image: plugins/docker depends_on: [clone] user: 0 settings: username: from_secret: docker_username password: from_secret: docker_password repo: registry.odit.services/library/nginx-brotli tags: - latest registry: registry.odit.services mtu: 1000 trigger: branch: - main --- kind: pipeline type: kubernetes name: build:tags steps: - name: build_tag image: plugins/docker user: 0 depends_on: [clone] settings: username: from_secret: docker_username password: from_secret: docker_password repo: registry.odit.services/library/nginx-brotli tags: - "${DRONE_TAG}" registry: registry.odit.services mtu: 1000 - name: sign_image depends_on: [build_tag] image: registry.odit.services/hub/library/alpine:edge commands: - apk add cosign docker - echo $COSIGN_KEY > cosign.key - echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin - "cosign sign --key cosign.key registry.odit.services/library/nginx-brotli:${DRONE_TAG}" environment: COSIGN_KEY: from_secret: cosign_key COSIGN_PASSWORD: from_secret: cosign_password DOCKER_PASSWORD: from_secret: docker_password DOCKER_USERNAME: from_secret: docker_username trigger: event: - tag --- kind: pipeline type: kubernetes name: build:nightly steps: - name: docker release image: plugins/docker user: 0 depends_on: [clone] settings: username: from_secret: docker_username password: from_secret: docker_password repo: registry.odit.services/library/nginx-brotli tags: - nightly registry: registry.odit.services mtu: 1000 trigger: branch: - main event: - cron cron: include: - nightly --- kind: pipeline type: kubernetes name: build:weekly steps: - name: bump_prepatch depends_on: [clone] image: registry.odit.services/hub/library/node:18.1.0-alpine3.15 commands: - apk add git - git config --global push.default current - git branch --set-upstream-to=origin/main main - yarn - "yarn release:prepatch" - git pull - name: push to repo image: appleboy/drone-git-push depends_on: [bump_patch] settings: commit: false author_email: bot@odit.services followtags: true branch: main remote: git@git.odit.services:odit/nginx-brotli.git skip_verify: true ssh_key: from_secret: git_ssh - name: docker release image: plugins/docker user: 0 depends_on: [clone] settings: username: from_secret: docker_username password: from_secret: docker_password repo: registry.odit.services/library/nginx-brotli tags: - weekly - "${DRONE_STAGE_STARTED}" registry: registry.odit.services mtu: 1000 trigger: branch: - main event: - cron cron: include: - weekly --- kind: pipeline type: kubernetes name: build:pr steps: - name: docker release image: plugins/docker user: 0 depends_on: [clone] settings: dry_run: true tags: - "PR-${DRONE_STAGE_STARTED}" mtu: 1000 trigger: event: - pull_request