Compare commits

..

1 Commits

Author SHA1 Message Date
600891051b Update aquasec/trivy Docker tag to v0.51.1
Some checks failed
ci/woodpecker/push/renovate Pipeline was successful
ci/woodpecker/pr/renovate Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
ci/woodpecker/push/master Pipeline was successful
ci/woodpecker/push/next Pipeline was successful
ci/woodpecker/pr/master Pipeline was successful
ci/woodpecker/pr/next Pipeline failed
2024-05-08 07:45:15 +00:00
5 changed files with 151 additions and 70 deletions

View File

@ -1,70 +0,0 @@
when:
- event: [pull_request, tag, cron]
- event: push
branch:
- ${CI_REPO_DEFAULT_BRANCH}
variables:
- &build_plugin 'woodpeckerci/plugin-docker-buildx:3.2.1'
# deployment targets
- &publish_repos 'ocram85/blog,gitea.ocram85.com/ocram85/blog'
# logins for deployment targets
- publish_logins: &publish_logins
# Default DockerHub login
- registry: https://index.docker.io/v1/
username:
from_secret: hub_user
password:
from_secret: hub_passwd
# Additional Quay.IO login
- registry: https://gitea.ocram85.com
username:
from_secret: gitea_user
password:
from_secret: gitea_passwd
steps:
test:
image: *build_plugin
settings:
dry_run: true
registry: gitea.ocram85.com
repo: test
dockerfile: Dockerfile
platforms: linux/amd64
auto_tag: true
#build_args:
# - VERSION=${CI_COMMIT_TAG:-PR ${CI_COMMIT_PULL_REQUEST}}
# - TAG=${CI_COMMIT_TAG}
when:
event: pull_request
branch: ${CI_REPO_DEFAULT_BRANCH}
publish:
image: *build_plugin
settings:
repo: *publish_repos
dockerfile: Dockerfile
platforms: linux/amd64
auto_tag: true
logins: *publish_logins
#build_args:
# - VERSION=${CI_COMMIT_TAG:-PR ${CI_COMMIT_PULL_REQUEST}}
# - TAG=${CI_COMMIT_TAG}
when:
event: [push, tag, cron]
branch: ${CI_REPO_DEFAULT_BRANCH}
build-next:
image: *build_plugin
settings:
repo: *publish_repos
dockerfile: Dockerfile
platforms: linux/amd64
tag: next
logins: *publish_logins
#build_args:
# - VERSION=${CI_COMMIT_TAG:-PR ${CI_COMMIT_PULL_REQUEST}}
# - TAG=${CI_COMMIT_TAG}
when:
event: [pull_request]

66
.woodpecker/master.yml Normal file
View File

@ -0,0 +1,66 @@
depends_on:
- test
pipeline:
buildMaster:
image: plugins/docker
settings:
repo: ocram85/blog
dockerfile: Dockerfile
auto_tag: true
build_args:
- NODE_BASE=lts-buster-slim
- NGINX_BASE=1.23.1-alpine
username:
from_secret: hub_user
password:
from_secret: hub_passwd
when:
event: push
branch: master
buildMasterGitea:
image: plugins/docker
settings:
registry: gitea.ocram85.com
repo: gitea.ocram85.com/ocram85/blog
dockerfile: Dockerfile
auto_tag: true
build_args:
- NODE_BASE=lts-buster-slim
- NGINX_BASE=1.23.1-alpine
username:
from_secret: gitea_user
password:
from_secret: gitea_passwd
when:
event: push
branch: master
trivyMaster:
image: aquasec/trivy:0.51.1
commands:
- |
trivy image \
--severity UNKNOWN,LOW,MEDIUM \
--no-progress \
ocram85/blog:latest
- |
trivy image \
--severity HIGH,CRITICAL \
--no-progress \
ocram85/blog:latest
when:
event: push
branch: master
triggerPortainerMaster:
image: ocram85/portainer-serviceupdate
settings:
#VERBOSE: true
URI: "https://portainer.ocram85.com"
TOKEN:
from_secret: TOKEN
when:
event: push
branch: master

56
.woodpecker/next.yml Normal file
View File

@ -0,0 +1,56 @@
depends_on:
- test
pipeline:
buildNext:
image: woodpeckerci/plugin-docker-buildx
settings:
repo: ocram85/blog
dockerfile: Dockerfile
tags: next
username:
from_secret: hub_user
password:
from_secret: hub_passwd
when:
event: pull_request
buildNextGitea:
image: woodpeckerci/plugin-docker-buildx
settings:
registry: gitea.ocram85.com
repo: gitea.ocram85.com/ocram85/blog
dockerfile: Dockerfile
tags: next
username:
from_secret: gitea_user
password:
from_secret: gitea_passwd
when:
event: pull_request
trivyNext:
image: aquasec/trivy:0.51.1
commands:
- |
trivy image \
--severity UNKNOWN,LOW,MEDIUM \
--no-progress \
ocram85/blog:next
- |
trivy image \
--severity HIGH,CRITICAL \
--no-progress \
ocram85/blog:next
when:
event: pull_request
triggerPortainer:
image: ocram85/portainer-serviceupdate
settings:
#VERBOSE: true
URI: "https://portainer.ocram85.com"
TOKEN:
from_secret: NEXT_TOKEN
when:
event: pull_request

22
.woodpecker/renovate.yml Normal file
View File

@ -0,0 +1,22 @@
pipeline:
DockerBaseImage:
image: renovate/renovate:34.108-slim
commands:
- "renovate"
secrets:
- RENOVATE_TOKEN
environment:
#LOG_LEVEL: debug
RENOVATE_PLATFORM: "gitea"
RENOVATE_ENDPOINT: "https://gitea.ocram85.com"
RENOVATE_REPOSITORIES: "${CI_REPO}"
RENOVATE_LABELS: "renovate"
#RENOVATE_DRY_RUN: "full"
RENOVATE_TOKEN: "${RENOVATE_TOKEN}"
RENOVATE_GITHUB_TOKEN_WARN: "false"
when:
event:
- push
branch:
- master
- updDeps

7
.woodpecker/test.yml Normal file
View File

@ -0,0 +1,7 @@
pipeline:
build:
image: node:lts-buster-slim
commands:
- npm install
- npm run test
- npm run build