tricks/.drone.yml

---
kind: pipeline
name: build

steps:
- name: test-build-container
  image: plugins/docker
  settings:
    registry: scm.project42.io
    dockerfile: Dockerfile
    username:
      from_secret: registry_username
    password:
      from_secret: registry_password
    repo: scm.project42.io/elia/tricks
    dry_run: true
    squash: true
    compress: true
    tags:
    - "${DRONE_COMMIT_SHA:0:8}"

- name: build-container
  image: plugins/docker
  settings:
    registry: scm.project42.io
    dockerfile: Dockerfile
    username:
      from_secret: registry_username
    password:
      from_secret: registry_password
    repo: scm.project42.io/elia/tricks
    dry_run: false
    squash: true
    compress: true
    tags:
    - "${DRONE_COMMIT_SHA:0:8}"
  depends_on:
    - test-build-container
  when:
    event:
      exclude:
        - promote

trigger:
  exclude:
    event:
      - promote

---
kind: pipeline
name: scan

steps:
- name: trivy-scan
  image: scm.project42.io/elia/tricks:latest
  environment:
    REGISTRY_USERNAME:
      from_secret: registry_username
    REGISTRY_PASSWORD:
      from_secret: registry_password
  commands:
    - trivy image --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"
    - trivy image --format json --output result.json --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"
    - export TIMESTAMP=$(date "+%F %T %Z")
    - echo $TIMESTAMP
    - oras attach --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" -a "org.opencontainers.trivy.created=$TIMESTAMP" -a "org.opencontainers.trivy.status=Passed" -a "org.opencontainers.trivy.tag=${DRONE_COMMIT_SHA:0:8}" --artifact-type application/json "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" result.json
  when:
    event:
      exclude:
        - promote

depends_on:
  - build

trigger:
  exclude:
    event:
      - promote

---
kind: pipeline
name: deploy

steps:
- name: promote-container
  image: scm.project42.io/elia/tricks:latest
  environment:
    REGISTRY_USERNAME:
      from_secret: registry_username
    REGISTRY_PASSWORD:
      from_secret: registry_password
  commands:
    - scripts/get-scan-report "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}"
    - oras tag --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" latest
  when:
    event:
    - promote
    target:
    - production

depends_on:
  - scan

trigger:
  event:
    - promote
  target:
    - production
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`---`
			`kind: pipeline`
chore(): Migrate to using tricks and the latest version 2023-07-03 21:23:17 +00:00			`name: build`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00
			`steps:`
chore(): Adds triggers and fixes steps names 2023-07-03 17:01:08 +00:00			`- name: test-build-container`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`image: plugins/docker`
			`settings:`
			`registry: scm.project42.io`
			`dockerfile: Dockerfile`
			`username:`
			`from_secret: registry_username`
			`password:`
			`from_secret: registry_password`
chore(): Moving to tools to become a bag of Tricks 2023-07-03 21:12:34 +00:00			`repo: scm.project42.io/elia/tricks`
			`dry_run: true`
			`squash: true`
			`compress: true`
			`tags:`
			`- "${DRONE_COMMIT_SHA:0:8}"`

			`- name: build-container`
			`image: plugins/docker`
			`settings:`
			`registry: scm.project42.io`
			`dockerfile: Dockerfile`
			`username:`
			`from_secret: registry_username`
			`password:`
			`from_secret: registry_password`
			`repo: scm.project42.io/elia/tricks`
chore(): Migrates trivy to remote mode 2023-07-03 18:41:23 +00:00			`dry_run: false`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`squash: true`
chore(): Compress the image 2023-07-03 17:24:08 +00:00			`compress: true`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`tags:`
			`- "${DRONE_COMMIT_SHA:0:8}"`
chore(): Moving to tools to become a bag of Tricks 2023-07-03 21:12:34 +00:00			`depends_on:`
			`- test-build-container`
chore(): Revising pipeline for promotion 2023-07-04 16:35:12 +00:00			`when:`
			`event:`
			`exclude:`
			`- promote`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00
chore(): Moving to tools to become a bag of Tricks 2023-07-03 21:12:34 +00:00			`trigger:`
			`exclude:`
			`event:`
			`- promote`

			`---`
			`kind: pipeline`
			`name: scan`

			`steps:`
chore(): Adds a Trivy scanning step 2023-07-03 17:05:23 +00:00			`- name: trivy-scan`
chore(): Migrate to using tricks and the latest version 2023-07-03 21:23:17 +00:00			`image: scm.project42.io/elia/tricks:latest`
chore(): attaching the scan to the image 2023-07-03 22:10:41 +00:00			`environment:`
			`REGISTRY_USERNAME:`
			`from_secret: registry_username`
			`REGISTRY_PASSWORD:`
			`from_secret: registry_password`
chore(): Adds a Trivy scanning step 2023-07-03 17:05:23 +00:00			`commands:`
chore(): Revising pipeline for promotion 2023-07-04 16:35:12 +00:00			`- trivy image --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"`
chore(): attaching the scan to the image 2023-07-03 22:10:41 +00:00			`- trivy image --format json --output result.json --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"`
			`- export TIMESTAMP=$(date "+%F %T %Z")`
			`- echo $TIMESTAMP`
			`- oras attach --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" -a "org.opencontainers.trivy.created=$TIMESTAMP" -a "org.opencontainers.trivy.status=Passed" -a "org.opencontainers.trivy.tag=${DRONE_COMMIT_SHA:0:8}" --artifact-type application/json "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" result.json`
chore(): Revising pipeline for promotion 2023-07-04 16:35:12 +00:00			`when:`
			`event:`
			`exclude:`
			`- promote`
chore(): Promote image to post scran after successful scan 2023-07-03 20:43:26 +00:00
chore(): Moving to tools to become a bag of Tricks 2023-07-03 21:12:34 +00:00			`depends_on:`
chore(): Migrate to using tricks and the latest version 2023-07-03 21:23:17 +00:00			`- build`
chore(): Moving to tools to become a bag of Tricks 2023-07-03 21:12:34 +00:00
chore(): Adds triggers and fixes steps names 2023-07-03 17:01:08 +00:00			`trigger:`
			`exclude:`
			`event:`
			`- promote`

chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`---`
			`kind: pipeline`
chore(): Migrate to using tricks and the latest version 2023-07-03 21:23:17 +00:00			`name: deploy`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00
			`steps:`
chore(): Migrates to using the same image 2023-07-03 21:19:50 +00:00			`- name: promote-container`
chore(): Migrate to using tricks and the latest version 2023-07-03 21:23:17 +00:00			`image: scm.project42.io/elia/tricks:latest`
chore(): Migrates promotion to renaming 2023-07-03 21:05:03 +00:00			`environment:`
			`REGISTRY_USERNAME:`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`from_secret: registry_username`
chore(): Migrates promotion to renaming 2023-07-03 21:05:03 +00:00			`REGISTRY_PASSWORD:`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00			`from_secret: registry_password`
chore(): Migrates promotion to renaming 2023-07-03 21:05:03 +00:00			`commands:`
chore(): Copy scripts to the container 2023-07-04 17:21:12 +00:00			`- scripts/get-scan-report "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}"`
chore(): attaching the scan to the image 2023-07-03 22:10:41 +00:00			`- oras tag --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" latest`
chore(): Adds triggers and fixes steps names 2023-07-03 17:01:08 +00:00			`when:`
			`event:`
			`- promote`
			`target:`
			`- production`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00
			`depends_on:`
chore(): Moving to tools to become a bag of Tricks 2023-07-03 21:12:34 +00:00			`- scan`
chore(): Adds pipelien to build container 2023-07-03 16:57:17 +00:00
			`trigger:`
			`event:`
			`- promote`
			`target:`
			`- production`