45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
---
|
|
kind: pipeline
|
|
type: docker
|
|
name: default
|
|
steps:
|
|
# prüfe ob secrets im Repo sind
|
|
- name: run gitleaks
|
|
image: plugins/gitleaks
|
|
settings:
|
|
path: .
|
|
|
|
# linter für Dockerfiles
|
|
# https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md
|
|
- name: hadolint
|
|
image: hadolint/hadolint:latest-debian
|
|
# image: ghcr.io/hadolint/hadolint:latest-debian
|
|
commands:
|
|
- hadolint --version
|
|
- hadolint Dockerfile
|
|
|
|
- name: container
|
|
image: docker:dind
|
|
environment:
|
|
username:
|
|
from_secret: OCI_REGISTRY_USER
|
|
password:
|
|
from_secret: OCI_REGISTRY_PASS
|
|
commands:
|
|
- sleep 600
|
|
- docker build -t registry.mgrote.net/allzweckcontainer:latest .
|
|
- docker tag registry.mgrote.net/allzweckcontainer:latest registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_SHA:0:8}
|
|
- docker tag registry.mgrote.net/allzweckcontainer:latest registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_BRANCH}
|
|
- docker login --username $username --password $password registry.mgrote.net
|
|
- docker push registry.mgrote.net/allzweckcontainer:latest
|
|
- docker push registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_SHA:0:8}
|
|
- docker push registry.mgrote.net/allzweckcontainer:${DRONE_COMMIT_BRANCH}
|
|
volumes:
|
|
- name: dockersock
|
|
path: /var/run/docker.sock
|
|
|
|
volumes:
|
|
- name: dockersock
|
|
host:
|
|
path: /var/run/docker.sock
|