---
kind: pipeline
type: docker
name: default
steps:
  # prüfe ob secrets im Repo sind
  - name: run gitleaks
    image: plugins/gitleaks
    settings:
      path: .

  # linter für Dockerfiles
  # https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md
  - name: hadolint
    image: hadolint/hadolint:latest-debian
    # image: ghcr.io/hadolint/hadolint:latest-debian
    commands:
      - hadolint --version
      - hadolint  Dockerfile

  - name: container
    image: docker:dind
    environment:
      DOCKER_USERNAME:
        from_secret: OCI_REGISTRY_USER
      DOCKER_PASSWORD:
        from_secret: OCI_REGISTRY_PASS
    commands:
      - docker build -t registry.mgrote.net/allzweckcontainer:latest .
      #- docker tag registry.mgrote.net/allzweckcontainer:latest registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_SHA:0:8}
    #  - docker tag registry.mgrote.net/allzweckcontainer:latest registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_BRANCH}
      - docker login registry.mgrote.net
      - docker push registry.mgrote.net/allzweckcontainer:latest
    #  - docker push registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_SHA:0:8}
    #  - docker push registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_BRANCH}
    volumes:
    - name: dockersock
      path: /var/run/docker.sock

volumes:
- name: dockersock
  host:
    path: /var/run/docker.sock