parent
9cbc294969
commit
3efe3a0941
@ -1,63 +1,76 @@
|
|||||||
|
|
||||||
The Hipchat plugin sends build status messages to users and rooms. The below pipeline configuration demonstrates simple usage:
|
The Clair plugin scans your docker image for security vulnerabilities. The below pipeline configuration demonstrates simple usage:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
pipeline:
|
pipeline:
|
||||||
clair:
|
clair:
|
||||||
image: Unikorn123/drone-clair
|
image: jmccann/drone-clair:1
|
||||||
url: http://clair.company.com
|
url: http://clair.company.com
|
||||||
username: johndoe
|
username: johndoe
|
||||||
password: mysecret
|
password: mysecret
|
||||||
scan_image: python:2.7
|
scan_image: python:2.7
|
||||||
```
|
```
|
||||||
|
|
||||||
# Secrets
|
To verify https/ssl connections with a different CA certificate use `ca_cert`
|
||||||
|
|
||||||
The Hipchat plugin supports reading credentials from the Drone secret store. This is strongly recommended instead of storing credentials in the pipeline configuration in plain text.
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
pipeline:
|
pipeline:
|
||||||
slack:
|
clair:
|
||||||
image: jmccann/drone-hipchat
|
image: jmccann/drone-clair:1
|
||||||
room: my-room
|
url: http://clair.company.com
|
||||||
- auth_token: my-auth-token
|
username: johndoe
|
||||||
|
password: mysecret
|
||||||
|
scan_image: python:2.7
|
||||||
|
+ ca_cert: |
|
||||||
|
+ -----BEGIN CERTIFICATE-----
|
||||||
|
+ MII...
|
||||||
|
+ -----END CERTIFICATE-----
|
||||||
```
|
```
|
||||||
|
|
||||||
The above `auth_token` Yaml attribute can be replaced with the `HIPCHAT_AUTH_TOKEN` secret environment variable.
|
# Secrets
|
||||||
|
|
||||||
Use the command line utility to add secrets to the store:
|
The Clair plugin supports reading credentials from the Drone secret store. This is strongly recommended instead of storing credentials in the pipeline configuration in plain text.
|
||||||
|
|
||||||
```nohighlight
|
```diff
|
||||||
drone secret add --image=jmccann/drone-hipchat \
|
pipeline:
|
||||||
octocat/hello-world HIPCHAT_AUTH_TOKEN abcd1234
|
clair:
|
||||||
|
image: jmccann/drone-clair:1
|
||||||
|
url: http://clair.company.com
|
||||||
|
- username: johndoe
|
||||||
|
- password: mysecret
|
||||||
|
scan_image: python:2.7
|
||||||
```
|
```
|
||||||
|
|
||||||
Don't forget to sign the Yaml after making changes:
|
The above `username` and `password` Yaml attributes can be replaced with the `DOCKER_USERNAME` and `DOCKER_PASSWORD` secret environment variables.
|
||||||
|
Please see the Drone [documentation]({{< secret-link >}}) to learn more about secrets.
|
||||||
|
|
||||||
```nohighlight
|
# Secret Reference
|
||||||
drone sign octocat/hello-world
|
|
||||||
```
|
|
||||||
|
|
||||||
Please see the [Drone documentation](http://readme.drone.io/0.5/secrets-with-plugins/) to learn more about secrets.
|
DOCKER_USERNAME
|
||||||
|
: paired with `username` - The username to authenticate to the docker registry with
|
||||||
|
|
||||||
# Secret Reference
|
DOCKER_PASSWORD
|
||||||
|
: paired with `password` - The password to authenticate to the docker registry with
|
||||||
|
|
||||||
|
CLAIR_URL
|
||||||
|
: paired with `url` - Clair server URL
|
||||||
|
|
||||||
HIPCHAT_AUTH_TOKEN
|
CLAIR_CA_CERT
|
||||||
: HipChat V2 API token
|
: paired with `ca_cert` - The CA Cert to verify https with
|
||||||
|
|
||||||
# Parameter Reference
|
# Parameter Reference
|
||||||
|
|
||||||
url
|
url
|
||||||
: HipChat server URL, defaults to `https://api.hipchat.com`
|
: Clair server URL
|
||||||
|
|
||||||
auth_token
|
username
|
||||||
: HipChat V2 API token; use a room or user token with the `Send Notification` scope
|
: Docker Registry username to download the `scan_image` from
|
||||||
|
|
||||||
room
|
password
|
||||||
: ID or URL encoded name of the room
|
: Docker Registry password to download the `scan_image` from
|
||||||
|
|
||||||
from: drone
|
scan_image
|
||||||
: A label to be shown in addition to sender's name
|
: The docker image to scan. Supports Docker Hub or private repos.
|
||||||
|
|
||||||
notify: false
|
ca_cert
|
||||||
: Whether this message should trigger a user notification. See https://www.hipchat.com/docs/apiv2/method/private_message_user
|
: The CA Cert to verify https with
|
||||||
|
Loading…
Reference in new issue