---
kind: pipeline
type: docker
name: default
steps:
  # prüfe ob secrets im Repo sind
  - name: run gitleaks
    image: plugins/gitleaks
    settings:
      path: .

  # linter für Dockerfiles
  # https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md
  - name: hadolint
    image: hadolint/hadolint:latest-debian
    # image: ghcr.io/hadolint/hadolint:latest-debian
    commands:
      - hadolint --version
      - hadolint  Dockerfile

  - name: container
    image: docker:20
    environment:
      username:
        from_secret: OCI_REGISTRY_USER
      password:
        from_secret: OCI_REGISTRY_PASS
    commands:
      - sleep 600
      - docker build -t registry.mgrote.net/allzweckcontainer:latest .
      - docker tag registry.mgrote.net/allzweckcontainer:latest registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_SHA:0:8}
      - docker tag registry.mgrote.net/allzweckcontainer:latest registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_BRANCH}
      - docker login --username $username --password $password registry.mgrote.net
      - docker push registry.mgrote.net/allzweckcontainer:latest
      - docker push registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_SHA:0:8}
      - docker push registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_BRANCH}
    volumes:
      - name: dockersock
        path: /var/run