|
|
|
|
@ -18,12 +18,16 @@ pipeline:
|
|
|
|
|
# volumes:
|
|
|
|
|
# - /tmp/drone-cache:/cache
|
|
|
|
|
|
|
|
|
|
# drone secret update --name docker_username --value arno --event push --event tag --event deployment arno/hipchat
|
|
|
|
|
# drone secret update --name docker_password --value "$(pass show vps/registry.nixaid.com | head -1)" --event push --event tag --event deployment arno/hipchat
|
|
|
|
|
publish:
|
|
|
|
|
image: plugins/docker:17.12
|
|
|
|
|
repo: andrey01/${DRONE_REPO_NAME}
|
|
|
|
|
# repo: andrey01/${DRONE_REPO_NAME}
|
|
|
|
|
registry: registry.nixaid.com
|
|
|
|
|
repo: registry.nixaid.com/andrey01/${DRONE_REPO_NAME}
|
|
|
|
|
tags:
|
|
|
|
|
- latest
|
|
|
|
|
- ${DRONE_COMMIT_SHA:0:7}
|
|
|
|
|
# - ${DRONE_COMMIT_SHA:0:7}
|
|
|
|
|
# group: docker
|
|
|
|
|
# dockerfile: Dockerfile
|
|
|
|
|
secrets: [docker_username, docker_password]
|
|
|
|
|
@ -34,6 +38,24 @@ pipeline:
|
|
|
|
|
event: [push, tag]
|
|
|
|
|
branch: master
|
|
|
|
|
|
|
|
|
|
# ca_cert comes from /srv/data/registry/certs/ca.crt
|
|
|
|
|
claircheck:
|
|
|
|
|
# image: jmccann/drone-clair:1
|
|
|
|
|
image: andrey01/drone-clair
|
|
|
|
|
url: http://clair:6060
|
|
|
|
|
secrets: [ docker_username, docker_password ]
|
|
|
|
|
scan_image: registry.nixaid.com/andrey01/${DRONE_REPO_NAME}:latest
|
|
|
|
|
ca_cert: |
|
|
|
|
|
-----BEGIN CERTIFICATE-----
|
|
|
|
|
MIIBOjCB4KADAgECAgkAzhpbLWXa4H0wCgYIKoZIzj0EAwIwEDEOMAwGA1UEAwwF
|
|
|
|
|
bXktQ0EwHhcNMTgwNzA5MjIzMTAzWhcNMjgwNzA2MjIzMTAzWjAQMQ4wDAYDVQQD
|
|
|
|
|
DAVteS1DQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFIE8bTfQ76U5qG/Xgjw
|
|
|
|
|
BbQU0oRJLYlRxBIWF9MTNSJr2LoaoyrU8jrcWQGRrfKPoVuwUJWp2tp5SJy0AHH7
|
|
|
|
|
4fijIzAhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKkMAoGCCqGSM49
|
|
|
|
|
BAMCA0kAMEYCIQCYbTbxRD2yX4LzGjh84fKPWPQM9ps8RE2nfwZjqdRUGgIhAOHb
|
|
|
|
|
USigh6FzqEPk2jiaV3t1wNtChRWRfupTKG6CD345
|
|
|
|
|
-----END CERTIFICATE-----
|
|
|
|
|
|
|
|
|
|
rebuild_cache:
|
|
|
|
|
image: drillster/drone-volume-cache:latest
|
|
|
|
|
rebuild: true
|
|
|
|
|
|
