From 2fd6a92f6d80ef00c16f3cf7522c2aa0fe153001 Mon Sep 17 00:00:00 2001 From: Andrey Arapov Date: Sat, 14 Jul 2018 16:06:03 +0200 Subject: [PATCH] add .drone.yml --- .drone.yml | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 83 insertions(+), 6 deletions(-) diff --git a/.drone.yml b/.drone.yml index bcf8dca..d4df4c8 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,12 +1,89 @@ -workspace: - base: /go - path: src/github.com/jmccann/drone-clair - pipeline: build: - image: golang:1.7 + image: golang:1.10-alpine environment: - CGO_ENABLED=0 + - GOPATH=/drone commands: - - go test -cover -coverprofile=coverage.out + - set -x + - apk add --update --no-cache git + - go test -v -cover -coverprofile=coverage.out - go build -ldflags "-s -w -X main.revision=$(git rev-parse HEAD)" -a + + restore_cache: + image: drillster/drone-volume-cache:latest + restore: true + mount: + - /drone/docker + # Set the ``DRONE_VOLUME=/tmp/drone-cache:/cache`` drone-server variable, + # so you can benefit from the caching. + # Otherwise you will have to make this repository trusted in Drone and use + # the volumes as follows. + # volumes: + # - /tmp/drone-cache:/cache + + # drone repo add arno/drone-clair + # drone secret add/update --name docker_username --value arno --event push --event tag --event deployment arno/drone-clair + # drone secret add/update --name docker_password --value "$(pass show vps/registry.nixaid.com | head -1)" --event push --event tag --event deployment arno/drone-clair + publish: + image: plugins/docker:17.12 + # repo: andrey01/${DRONE_REPO_NAME} + registry: registry.nixaid.com + repo: registry.nixaid.com/arno/${DRONE_REPO_NAME} + tags: + - latest + # - ${DRONE_COMMIT_SHA:0:7} + # group: docker + # dockerfile: Dockerfile + secrets: [docker_username, docker_password] + # Since we restore the docker image cache to /drone/docker + storage_path: /drone/docker + use_cache: true + when: + event: [push, tag] + branch: master + + rebuild_cache: + image: drillster/drone-volume-cache:latest + rebuild: true + mount: + - /drone/docker + # Set the ``DRONE_VOLUME=/tmp/drone-cache:/cache`` drone-server variable, + # so you can benefit from the caching. + # Otherwise you will have to make this repository trusted in Drone and use + # the volumes as follows. + # volumes: + # - /tmp/drone-cache:/cache + + # ca_cert comes from /srv/data/registry/certs/ca.crt + claircheck: + # image: jmccann/drone-clair:1 + image: andrey01/drone-clair + url: http://clair:6060 + secrets: [ docker_username, docker_password ] + # ignore errors for now. This will work only in drone 0.9 https://github.com/drone/drone-runtime/commit/3e8bd99f60f4032226523320cd2b2321f9525159 + err_ignore: true + scan_image: registry.nixaid.com/arno/${DRONE_REPO_NAME}:latest + ca_cert: | + -----BEGIN CERTIFICATE----- + MIIBOjCB4KADAgECAgkAzhpbLWXa4H0wCgYIKoZIzj0EAwIwEDEOMAwGA1UEAwwF + bXktQ0EwHhcNMTgwNzA5MjIzMTAzWhcNMjgwNzA2MjIzMTAzWjAQMQ4wDAYDVQQD + DAVteS1DQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFIE8bTfQ76U5qG/Xgjw + BbQU0oRJLYlRxBIWF9MTNSJr2LoaoyrU8jrcWQGRrfKPoVuwUJWp2tp5SJy0AHH7 + 4fijIzAhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKkMAoGCCqGSM49 + BAMCA0kAMEYCIQCYbTbxRD2yX4LzGjh84fKPWPQM9ps8RE2nfwZjqdRUGgIhAOHb + USigh6FzqEPk2jiaV3t1wNtChRWRfupTKG6CD345 + -----END CERTIFICATE----- + + notify: + image: drillster/drone-email:latest + from: Drone CI + subject: NIXAID Drone Pipeline {{#success build.status}}SUCCESS{{else}}FAILURE{{/success}} Notification + host: mail.nixaid.com + port: 587 + # username: arno + # secrets: [ email_username, email_password ] + # recipients: [ andrey.arapov@nixaid.com ] + when: + status: [success, failure] # changed + event: [push, tag]