push to private regitsry and analyze by clair
Some checks failed
the build failed

This commit is contained in:
Andy 2018-07-11 11:06:54 +02:00
parent bf8b21dc07
commit 50ee81ae5b
Signed by: arno
GPG Key ID: 9076D5E6B31AE99C

View File

@ -18,12 +18,16 @@ pipeline:
# volumes:
# - /tmp/drone-cache:/cache
# drone secret update --name docker_username --value arno --event push --event tag --event deployment arno/hipchat
# drone secret update --name docker_password --value "$(pass show vps/registry.nixaid.com | head -1)" --event push --event tag --event deployment arno/hipchat
publish:
image: plugins/docker:17.12
repo: andrey01/${DRONE_REPO_NAME}
# repo: andrey01/${DRONE_REPO_NAME}
registry: registry.nixaid.com
repo: registry.nixaid.com/andrey01/${DRONE_REPO_NAME}
tags:
- latest
- ${DRONE_COMMIT_SHA:0:7}
# - ${DRONE_COMMIT_SHA:0:7}
# group: docker
# dockerfile: Dockerfile
secrets: [docker_username, docker_password]
@ -34,6 +38,24 @@ pipeline:
event: [push, tag]
branch: master
# ca_cert comes from /srv/data/registry/certs/ca.crt
claircheck:
# image: jmccann/drone-clair:1
image: andrey01/drone-clair
url: http://clair:6060
secrets: [ docker_username, docker_password ]
scan_image: registry.nixaid.com/andrey01/${DRONE_REPO_NAME}:latest
ca_cert: |
-----BEGIN CERTIFICATE-----
MIIBOjCB4KADAgECAgkAzhpbLWXa4H0wCgYIKoZIzj0EAwIwEDEOMAwGA1UEAwwF
bXktQ0EwHhcNMTgwNzA5MjIzMTAzWhcNMjgwNzA2MjIzMTAzWjAQMQ4wDAYDVQQD
DAVteS1DQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFIE8bTfQ76U5qG/Xgjw
BbQU0oRJLYlRxBIWF9MTNSJr2LoaoyrU8jrcWQGRrfKPoVuwUJWp2tp5SJy0AHH7
4fijIzAhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKkMAoGCCqGSM49
BAMCA0kAMEYCIQCYbTbxRD2yX4LzGjh84fKPWPQM9ps8RE2nfwZjqdRUGgIhAOHb
USigh6FzqEPk2jiaV3t1wNtChRWRfupTKG6CD345
-----END CERTIFICATE-----
rebuild_cache:
image: drillster/drone-volume-cache:latest
rebuild: true