215 lines
4.5 KiB
YAML
215 lines
4.5 KiB
YAML
---
|
|
kind: secret
|
|
name: docker_username
|
|
get:
|
|
path: odit-registry-builder
|
|
name: username
|
|
|
|
---
|
|
kind: secret
|
|
name: docker_password
|
|
get:
|
|
path: odit-registry-builder
|
|
name: password
|
|
|
|
---
|
|
kind: secret
|
|
name: gitea_token
|
|
get:
|
|
path: odit-git-bot
|
|
name: apikey
|
|
|
|
---
|
|
kind: secret
|
|
name: git_ssh
|
|
get:
|
|
path: odit-git-bot
|
|
name: sshkey
|
|
|
|
---
|
|
kind: secret
|
|
name: cosign_key
|
|
get:
|
|
path: cosign
|
|
name: cosign.key
|
|
|
|
---
|
|
kind: secret
|
|
name: cosign_password
|
|
get:
|
|
path: cosign
|
|
name: cosign.password
|
|
|
|
---
|
|
kind: pipeline
|
|
type: kubernetes
|
|
name: build:latest
|
|
steps:
|
|
- name: bump_patch
|
|
depends_on: [clone]
|
|
image: registry.odit.services/hub/library/node:18.6.0-alpine3.15
|
|
commands:
|
|
- apk add git
|
|
- git config --global push.default current
|
|
- git branch --set-upstream-to=origin/main main
|
|
- yarn
|
|
- yarn release:patch
|
|
- git pull
|
|
- name: push to repo
|
|
image: appleboy/drone-git-push
|
|
depends_on: [bump_patch]
|
|
settings:
|
|
commit: false
|
|
author_email: bot@odit.services
|
|
followtags: true
|
|
branch: main
|
|
remote: git@git.odit.services:odit/nginx-brotli.git
|
|
skip_verify: true
|
|
ssh_key:
|
|
from_secret: git_ssh
|
|
- name: docker release
|
|
image: registry.odit.services/library/drone-kaniko
|
|
depends_on: [bump_patch]
|
|
settings:
|
|
username:
|
|
from_secret: docker_username
|
|
password:
|
|
from_secret: docker_password
|
|
repo: library/nginx-brotli
|
|
tags:
|
|
- latest
|
|
cache: true
|
|
trigger:
|
|
branch:
|
|
- main
|
|
---
|
|
kind: pipeline
|
|
type: kubernetes
|
|
name: build:tags
|
|
steps:
|
|
- name: build_tag
|
|
image: registry.odit.services/library/drone-kaniko
|
|
depends_on: [clone]
|
|
settings:
|
|
username:
|
|
from_secret: docker_username
|
|
password:
|
|
from_secret: docker_password
|
|
repo: library/nginx-brotli
|
|
tags:
|
|
- "${DRONE_TAG}"
|
|
cache: true
|
|
registry: registry.odit.services
|
|
- name: sign_image
|
|
image: registry.odit.services/hub/library/alpine:edge
|
|
depends_on: [build_tag]
|
|
commands:
|
|
- apk add cosign docker
|
|
- echo $COSIGN_KEY | sed 's/<br>/\n/g' > cosign.key
|
|
- echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin
|
|
- "cosign sign --key cosign.key registry.odit.services/library/nginx-brotli:${DRONE_TAG}"
|
|
environment:
|
|
COSIGN_KEY:
|
|
from_secret: cosign_key
|
|
COSIGN_PASSWORD:
|
|
from_secret: cosign_password
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
trigger:
|
|
event:
|
|
- tag
|
|
---
|
|
kind: pipeline
|
|
type: kubernetes
|
|
name: build:nightly
|
|
steps:
|
|
- name: docker release
|
|
image: registry.odit.services/library/drone-kaniko
|
|
depends_on: [clone]
|
|
settings:
|
|
username:
|
|
from_secret: docker_username
|
|
password:
|
|
from_secret: docker_password
|
|
repo: library/nginx-brotli
|
|
tags:
|
|
- nightly
|
|
cache: true
|
|
registry: registry.odit.services
|
|
trigger:
|
|
branch:
|
|
- main
|
|
event:
|
|
- cron
|
|
cron:
|
|
include:
|
|
- nightly
|
|
---
|
|
kind: pipeline
|
|
type: kubernetes
|
|
name: build:weekly
|
|
steps:
|
|
- name: bump_prepatch
|
|
depends_on: [clone]
|
|
image: registry.odit.services/hub/library/node:18.6.0-alpine3.15
|
|
commands:
|
|
- apk add git
|
|
- git config --global push.default current
|
|
- git branch --set-upstream-to=origin/main main
|
|
- yarn
|
|
- "yarn release:prepatch"
|
|
- git pull
|
|
- name: push to repo
|
|
image: appleboy/drone-git-push
|
|
depends_on: [bump_prepatch]
|
|
settings:
|
|
commit: false
|
|
author_email: bot@odit.services
|
|
followtags: true
|
|
branch: main
|
|
remote: git@git.odit.services:odit/nginx-brotli.git
|
|
skip_verify: true
|
|
ssh_key:
|
|
from_secret: git_ssh
|
|
- name: docker release
|
|
image: registry.odit.services/library/drone-kaniko
|
|
depends_on: [bump_prepatch]
|
|
settings:
|
|
username:
|
|
from_secret: docker_username
|
|
password:
|
|
from_secret: docker_password
|
|
repo: library/nginx-brotli
|
|
tags:
|
|
- weekly
|
|
- "${DRONE_STAGE_STARTED}"
|
|
cache: true
|
|
registry: registry.odit.services
|
|
trigger:
|
|
branch:
|
|
- main
|
|
event:
|
|
- cron
|
|
cron:
|
|
include:
|
|
- weekly
|
|
# ---
|
|
# kind: pipeline
|
|
# type: kubernetes
|
|
# name: build:pr
|
|
# steps:
|
|
# - name: docker release
|
|
# image: plugins/docker
|
|
# user: 0
|
|
# depends_on: [clone]
|
|
# settings:
|
|
# dry_run: true
|
|
# tags:
|
|
# - "PR-${DRONE_STAGE_STARTED}"
|
|
# mtu: 1000
|
|
# trigger:
|
|
# event:
|
|
# - pull_request
|