55 lines
1.6 KiB
YAML
55 lines
1.6 KiB
YAML
---
|
|
kind: pipeline
|
|
type: docker
|
|
|
|
platform:
|
|
os: linux
|
|
arch: amd64
|
|
|
|
steps:
|
|
- name: build
|
|
image: gcr.io/kaniko-project/executor:latest
|
|
entrypoint: [ /kaniko/executor ]
|
|
command: [ "--context=/drone/src", "--dockerfile=Dockerfile", "--destination=image", "--no-push", "--tarPath=maptest-bot.tar" ]
|
|
|
|
- name: scan-image
|
|
image: aquasec/trivy:latest
|
|
commands:
|
|
- trivy image --exit-code 1 --severity CRITICAL --input maptest-bot.tar
|
|
|
|
- name: push-image
|
|
image: alpine:3
|
|
commands:
|
|
- wget -qO- https://github.com/google/go-containerregistry/releases/download/v0.9.0/go-containerregistry_Linux_x86_64.tar.gz | tar xvz -C /usr/bin/
|
|
- crane auth login -u $REGISTRY_USER -p $REGISTRY_PASS $REGISTRY_URL
|
|
- crane push maptest-bot.tar $REGISTRY_URL/strafesnet/maptest-bot:latest
|
|
- crane push maptest-bot.tar $REGISTRY_URL/strafesnet/maptest-bot:master-$DRONE_BUILD_NUMBER
|
|
environment:
|
|
REGISTRY_URL:
|
|
from_secret: REGISTRY_URL
|
|
REGISTRY_USER:
|
|
from_secret: REGISTRY_USER
|
|
REGISTRY_PASS:
|
|
from_secret: REGISTRY_PASS
|
|
when:
|
|
ref:
|
|
- refs/heads/master
|
|
|
|
- name: deploy
|
|
image: alpine/helm:latest
|
|
commands:
|
|
- mkdir ~/.kube && echo "$KUBE_CONF_DEV" > ~/.kube/config && chmod 600 ~/.kube/config
|
|
- helm install --namespace=strafesnet-dev maptest-bot --set config="$(echo $APP_CONFIG | base64 -w0)" --set image.tag=master-$DRONE_BUILD_NUMBER chart
|
|
environment:
|
|
APP_CONFIG:
|
|
from_secret: APP_CONFIG
|
|
KUBE_CONF_DEV:
|
|
from_secret: KUBE_CONF_DEV
|
|
when:
|
|
ref:
|
|
- refs/heads/master
|
|
|
|
trigger:
|
|
ref:
|
|
- refs/heads/master
|
|
- refs/pull/*/head |