first commit
All checks were successful
ci/woodpecker/manual/lint Pipeline was successful
ci/woodpecker/manual/build Pipeline was successful

This commit is contained in:
Michael Grote 2024-05-08 14:38:53 +02:00
commit 8ed6286d2b
4 changed files with 111 additions and 0 deletions

61
.woodpecker/build.yml Normal file
View file

@ -0,0 +1,61 @@
---
depends_on:
- lint
clone:
git:
image: "woodpeckerci/plugin-git:2.5.0"
settings:
depth: 9999 # wird benötigt um die Commits zählen zu können
lfs: false
partial: false
steps:
set_variables:
image: "registry.mgrote.net/allzweckcontainer:latest"
commands:
# set version
- |
MAJOR="1"
MINOR="1"
PATCH="$(git rev-list --count "$CI_COMMIT_BRANCH")"
VERSION="v$MAJOR.$MINOR.$PATCH"
if [ "$CI_COMMIT_BRANCH" != "main" ] && [ "$CI_COMMIT_BRANCH" != "master" ]; then
VERSION=$VERSION-dev
fi
echo "VERSION=$VERSION" >> .variables
# set date
- |
DATE=$(date --iso-8601=seconds)
echo "DATE=$DATE" >> .variables
when:
- event: [push, pull_request]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
build_and_push: # damit dieser Step laufen kann muss das Repo in der Woodpecker-GUI "privilegiert" sein
image: "docker:26.1.1"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
commands:
- cat .variables
- source .variables
# https://unix.stackexchange.com/questions/748633/error-multiple-platforms-feature-is-currently-not-supported-for-docker-driver
- docker buildx create --use --platform=linux/amd64 --name multi-platform-builder
- docker buildx inspect --bootstrap
- |
docker buildx build \
--platform=linux/amd64 \
--push \
--tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_SHA:0:8} \
--tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_BRANCH} \
--tag registry.mgrote.net/${CI_REPO_NAME}:latest \
--tag registry.mgrote.net/${CI_REPO_NAME}:$VERSION \
--label org.opencontainers.image.url=$CI_REPO_URL \
--label org.opencontainers.image.source=$CI_REPO_URL \
--label org.opencontainers.image.revision=$CI_COMMIT_SHA \
--label org.opencontainers.image.created=$DATE \
--file Dockerfile .
when:
- event: [push, pull_request]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
...

32
.woodpecker/lint.yml Normal file
View file

@ -0,0 +1,32 @@
---
steps:
gitleaks:
image: zricethezav/gitleaks:v8.18.2
commands:
- gitleaks detect --no-git --verbose --source $CI_WORKSPACE
when:
- event: [push, pull_request]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
hadolint:
image: pipelinecomponents/hadolint:0.26.1
commands:
- hadolint Dockerfile
when:
- event: [push, pull_request]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
shellcheck:
image: "koalaman/shellcheck-alpine:v0.10.0"
commands:
- |
find . -type f -not -path './.git/*' -not -path './collections/*' -exec file {} \; | while IFS= read -r line; do
if echo "$line" | grep -q "shell script"; then
file_path=$(echo "$line" | awk -F':' '{print $1}')
shellcheck "$file_path"
fi
done
when:
- event: [push, pull_request]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
...

11
Dockerfile Normal file
View file

@ -0,0 +1,11 @@
FROM ubuntu:24.04
ENV DEBIAN_FRONTEND=noninteractive
# hadolint ignore=DL3008,DL3028
RUN apt-get update \
&& apt-get -y --no-install-recommends install \
python3-full \
&& pip3 install --no-cache-dir --break-system-packages pylint==3.1.0 \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/*

7
renovate.json Normal file
View file

@ -0,0 +1,7 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base",
"default:pinDigestsDisabled"
]
}