squash
All checks were successful
ci/woodpecker/manual/lint Pipeline was successful
ci/woodpecker/manual/build Pipeline was successful

ci: when

hadolint: DL3047

chore(deps): update dependency jinja2 to v2.11.3 (#1)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

chore(deps): update dependency pykeepass to v4.1.0 (#2)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

Syntax

Test

chore(deps): update dependency jinja2 to v3.1.4 (#3)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

t

d

fdgh

3

r

dd

dff

ff

df

ff

dfdf

ff

todo

dd

dd

ff

ff

chore(deps): update woodpeckerci/plugin-git docker tag to v2.5.1 (#5)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

pip extra

pykeepass==4.0.3

ff

ff

f

apackages

dd

ff

ff

ff

--root-user-action--root-user-action

dd

ff

ff

ff

gg

ff

chore(deps): update dependency ansible-dev-tools to v24.7.2 (#6)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

chore(deps): update dependency ansible-manage-lvm to v0.2.12 (#7)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

chore(deps): update dependency community.crypto to v2.21.1 (#8)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

chore(deps): update docker docker tag to v27.1.0 (#9)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

chore(deps): update dependency ansible_role_gitea to v3.5.0 (#10)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

ffd

d

chore(deps): update docker docker tag to v27.1.1 (#11)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

ff

f

dd

dd

ff

dsfsa

dd

chore(deps): update dependency pykeepass to v4.1.0 (#12)
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>

H
This commit is contained in:
Michael Grote 2024-07-09 22:35:14 +02:00
commit 73c15af7b4
6 changed files with 192 additions and 0 deletions

61
.woodpecker/build.yml Normal file
View file

@ -0,0 +1,61 @@
---
depends_on:
- lint
clone:
git:
image: "woodpeckerci/plugin-git:2.5.1"
settings:
depth: 9999 # wird benötigt um die Commits zählen zu können
lfs: false
partial: false
steps:
set_variables:
image: "registry.mgrote.net/allzweckcontainer:latest"
commands:
# set version
- |
MAJOR="1"
MINOR="0"
PATCH="$(git rev-list --count "$CI_COMMIT_BRANCH")"
VERSION="v$MAJOR.$MINOR.$PATCH"
if [ "$CI_COMMIT_BRANCH" != "main" ] && [ "$CI_COMMIT_BRANCH" != "master" ]; then
VERSION=$VERSION-dev
fi
echo "VERSION=$VERSION" >> .variables
# set date
- |
DATE=$(date --iso-8601=seconds)
echo "DATE=$DATE" >> .variables
when:
- event: [push, pull_request, cron, manual]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
build_and_push: # damit dieser Step laufen kann muss das Repo in der Woodpecker-GUI "privilegiert" sein
image: "docker:27.1.1"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
commands:
- cat .variables
- source .variables
# https://unix.stackexchange.com/questions/748633/error-multiple-platforms-feature-is-currently-not-supported-for-docker-driver
- docker buildx create --use --platform=linux/amd64 --name multi-platform-builder
- docker buildx inspect --bootstrap
- |
docker buildx build \
--platform=linux/amd64 \
--push \
--tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_SHA:0:8} \
--tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_BRANCH} \
--tag registry.mgrote.net/${CI_REPO_NAME}:latest \
--tag registry.mgrote.net/${CI_REPO_NAME}:$VERSION \
--label org.opencontainers.image.url=$CI_REPO_URL \
--label org.opencontainers.image.source=$CI_REPO_URL \
--label org.opencontainers.image.revision=$CI_COMMIT_SHA \
--label org.opencontainers.image.created=$DATE \
--file Dockerfile .
when:
- event: [push, pull_request, cron, manual]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
...

33
.woodpecker/lint.yml Normal file
View file

@ -0,0 +1,33 @@
---
steps:
gitleaks:
image: zricethezav/gitleaks:v8.18.4
commands:
- gitleaks detect --no-git --verbose --source $CI_WORKSPACE
when:
- event: [push, pull_request, cron]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
hadolint:
image: pipelinecomponents/hadolint:0.26.4
commands:
- hadolint Dockerfile
when:
- event: [push, pull_request, cron]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
shellcheck:
image: "koalaman/shellcheck-alpine:v0.10.0"
commands:
- |
find . -type f -not -path './.git/*' -not -path './collections/*' -exec file {} \; | while IFS= read -r line; do
if echo "$line" | grep -q "shell script"; then
file_path=$(echo "$line" | awk -F':' '{print $1}')
shellcheck "$file_path"
fi
done
when:
- event: [push, pull_request, cron]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
#ss
...

39
Dockerfile Normal file
View file

@ -0,0 +1,39 @@
FROM python:3.12.4-bookworm
ENV DEBIAN_FRONTEND=noninteractive
WORKDIR /
COPY requirements.txt .
COPY requirements.yaml .
# hadolint ignore=DL3013
RUN python3 -m pip install --no-cache-dir --upgrade pip \
&& python3 -m pip install --no-cache-dir -r requirements.txt
RUN ansible-galaxy install -r requirements.yaml --roles-path=/ansible/roles
# hadolint ignore=DL3008
RUN apt-get update \
&& apt-get -y --no-install-recommends install \
vim \
tmux \
htop \
git \
dnsutils \
mc \
ca-certificates \
tree \
wget \
curl \
whois \
net-tools \
apt-transport-https \
moreutils \
acl \
ripgrep \
pwgen \
keychain \
bc \
jq \
&& rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/* requirements.txt requirements.yaml\
&& apt-get clean

13
renovate.json Normal file
View file

@ -0,0 +1,13 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
":dependencyDashboard",
":semanticPrefixFixDepsChoreOthers",
":ignoreModulesAndTests",
"group:monorepos",
"group:recommended",
"replacements:all",
"workarounds:all",
"mergeConfidence:all-badges"
]
}

4
requirements.txt Normal file
View file

@ -0,0 +1,4 @@
pykeepass==4.1.0
jmespath==1.0.1
ansible==10.2.0
ansible-dev-tools==24.7.2

42
requirements.yaml Normal file
View file

@ -0,0 +1,42 @@
collections:
- name: community.general
version: "9.2.0"
- name: community.crypto
version: "2.21.1"
- name: ansible.posix
version: "1.5.4"
- name: community.docker
version: "3.11.0"
- name: viczem.keepass
version: "0.7.5"
roles:
- name: ansible-role-bootstrap
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-bootstrap
version: "7.0.2"
- name: ansible-ufw
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-ufw
version: "v4.1.13"
- name: ansible-manage-lvm
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-manage-lvm
version: "v0.2.12"
- name: ansible-role-unattended-upgrades
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-unattended-upgrades
version: "v4.6.0"
- name: ansible-role-pip
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-pip
version: "3.0.3"
- name: ansible-role-nfs
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-nfs
version: "2.0.0"
- name: ansible-role-docker
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-docker
version: "7.1.0"
- name: ansible_role_ctop
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible_role_ctop
version: "1.1.6"
- name: ansible_role_gitea
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible_role_gitea
version: "v3.5.0"
- name: ansible-role-postgresql
src: git+https://git.mgrote.net/ansible-role-mirrors/ansible-role-postgresql
version: "3.5.2"