Blog/.woodpecker/.master.yml

depends_on:
  - test

pipeline:
  buildMaster:
    image: plugins/docker
    settings:
      repo: ocram85/blog
      dockerfile: Dockerfile
      auto_tag: true
      build_args:
        - NODE_BASE=lts-buster-slim
        - NGINX_BASE=1.23.1-alpine
      username:
        from_secret: hub_user
      password:
        from_secret: hub_passwd
    when:
      event: push
      branch: master

  buildMasterGitea:
    image: plugins/docker
    settings:
      registry: gitea.ocram85.com
      repo: gitea.ocram85.com/ocram85/blog
      dockerfile: Dockerfile
      auto_tag: true
      build_args:
        - NODE_BASE=lts-buster-slim
        - NGINX_BASE=1.23.1-alpine
      username:
        from_secret: gitea_user
      password:
        from_secret: gitea_passwd
    when:
      event: push
      branch: master

  trivyMaster:
    image: aquasec/trivy:0.24.3
    commands:
      - |
        trivy image \
          --severity UNKNOWN,LOW,MEDIUM \
          --no-progress \
          ocram85/blog:latest        
      - |
        trivy image \
          --exit-code 1 \
          --severity HIGH,CRITICAL \
          --no-progress \
          ocram85/blog:latest        
    when:
      event: push
      branch: master

  triggerPortainerMaster:
    image: ocram85/portainer-serviceupdate
    settings:
      #VERBOSE: true
      URI: "https://portainer.ocram85.com"
      TOKEN:
        from_secret: TOKEN
    when:
      event: push
      branch: master