chore(): Migrates pipeline to using the latest tricks features
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/promote/production Build is passing

This commit is contained in:
Elia el Lazkani 2023-07-05 23:53:11 +02:00
parent 1916c0003e
commit 720c8e29ea

View file

@ -61,8 +61,13 @@ steps:
- name: trivy-scan - name: trivy-scan
image: scm.project42.io/elia/tricks:latest image: scm.project42.io/elia/tricks:latest
environment:
REGISTRY_USERNAME:
from_secret: registry_username
REGISTRY_PASSWORD:
from_secret: registry_password
commands: commands:
- trivy image --image-src remote "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}" - generate-scan-report -i scm.project42.io/elia/blog -t "${DRONE_COMMIT_SHA:0:8}" -g "${DRONE_COMMIT_SHA:0:8}"
depends_on: depends_on:
- build-container - build-container
@ -74,7 +79,8 @@ steps:
REGISTRY_PASSWORD: REGISTRY_PASSWORD:
from_secret: registry_password from_secret: registry_password
commands: commands:
- oras cp --from-username "$REGISTRY_USERNAME" --from-password "$REGISTRY_PASSWORD" --to-username "$REGISTRY_USERNAME" --to-password "$REGISTRY_PASSWORD" "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/blog:latest - check-scan-report -i scm.project42.io/elia/blog -t "${DRONE_COMMIT_SHA:0:8}"
- oras tag --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}" latest
depends_on: depends_on:
- trivy-scan - trivy-scan
when: when: