From 5873fac73795bb86a4eb94d6f9d7215e1aa0561e Mon Sep 17 00:00:00 2001 From: Elia el Lazkani Date: Thu, 6 Jul 2023 00:16:08 +0200 Subject: [PATCH] enh(): Updates pipeline to use tricks --- .drone.yml | 60 ++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 47 insertions(+), 13 deletions(-) diff --git a/.drone.yml b/.drone.yml index 604cd88..6bee5e4 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,7 +3,7 @@ kind: pipeline name: container-check steps: -- name: check-build +- name: check-container image: plugins/docker settings: registry: scm.project42.io @@ -18,17 +18,7 @@ steps: tags: - "${DRONE_COMMIT_SHA:0:8}" -trigger: - exclude: - event: - - promote - ---- -kind: pipeline -name: container-build - -steps: -- name: build-latest +- name: build-container image: plugins/docker settings: registry: scm.project42.io @@ -41,8 +31,52 @@ steps: dry_run: false squash: true tags: - - latest - "${DRONE_COMMIT_SHA:0:8}" + depends_on: + - check-container + when: + event: + exclude: + - promote + +- name: trivy-scan + image: scm.project42.io/elia/tricks:latest + environment: + REGISTRY_USERNAME: + from_secret: registry_username + REGISTRY_PASSWORD: + from_secret: registry_password + commands: + - generate-scan-report -i scm.project42.io/elia/nikola -t "${DRONE_COMMIT_SHA:0:8}" -g "${DRONE_COMMIT_SHA:0:8}" + depends_on: + - build-container + when: + event: + exclude: + - promote + +trigger: + exclude: + event: + - promote + +--- +kind: pipeline +name: promote-to-production + +steps: +- name: promote-container + image: scm.project42.io/elia/tricks:latest + environment: + REGISTRY_USERNAME: + from_secret: registry_username + REGISTRY_PASSWORD: + from_secret: registry_password + commands: + - check-scan-report -i scm.project42.io/elia/nikola -t "${DRONE_COMMIT_SHA:0:8}" + - oras tag --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" "scm.project42.io/elia/nikola:${DRONE_COMMIT_SHA:0:8}" latest + depends_on: + - trivy-scan when: event: - promote