From 0e08abd1099310475425c99aac3dece6dd307714 Mon Sep 17 00:00:00 2001 From: Wolfgang Hottgenroth Date: Fri, 4 Apr 2025 12:50:10 +0200 Subject: [PATCH] initial with woodpecker and quay.io --- .gitlab-ci.yml | 22 ------------- .woodpecker.yml | 85 +++++++++++++++++++++++++++++++++++++++++++++++++ Dockerfile | 20 ++---------- VERSION | 1 - 4 files changed, 88 insertions(+), 40 deletions(-) delete mode 100644 .gitlab-ci.yml create mode 100644 .woodpecker.yml delete mode 100644 VERSION diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index cb41526..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,22 +0,0 @@ -image: docker:stable - -stages: - - build - -variables: - IMAGE_NAME: registry.gitlab.com/wolutator/networktools - -build: - stage: build - tags: - - hottis - - linux - - docker - script: - - VERSION=`cat VERSION` - - echo "Version is $VERSION" - - docker build --tag $IMAGE_NAME:latest --tag $IMAGE_NAME:$VERSION . - - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY - - docker push $IMAGE_NAME:latest - - docker push $IMAGE_NAME:$VERSION - diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..63ad084 --- /dev/null +++ b/.woodpecker.yml 
@@ -0,0 +1,85 @@
+steps:
+ build:
+ image: plugins/kaniko
+ settings:
+ repo: ${FORGE_NAME}/${CI_REPO}
+ registry:
+ from_secret: container_registry
+ tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}
+ username:
+ from_secret: container_registry_username
+ password:
+ from_secret: container_registry_password
+ dockerfile: Dockerfile
+ when:
+ - event: [push, tag]
+
+ scan_image:
+ image: aquasec/trivy
+ environment:
+ TRIVY_TOKEN:
+ from_secret: trivy_token
+ TRIVY_URL:
+ from_secret: trivy_url
+ commands:
+ - |
+ env TRIVY_DISABLE_VEX_NOTICE=1 \
+ trivy image \
+ --server $TRIVY_URL \
+ --token $TRIVY_TOKEN \
+ --quiet \
+ --exit-code 1 \
+ $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA
+ when:
+ - event: [push, tag]
+
+ generate_sbom:
+ image: quay.io/wollud1969/woodpecker-helper:0.5.1
+ environment:
+ TRIVY_TOKEN:
+ from_secret: trivy_token
+ TRIVY_URL:
+ from_secret: trivy_url
+ DTRACK_API_KEY:
+ from_secret: dtrack_api_key
+ DTRACK_API_URL:
+ from_secret: dtrack_api_url
+ commands:
+ - HOME=/home/`id -nu`
+ - TAG="${CI_COMMIT_TAG:-$CI_COMMIT_SHA}"
+ - |
+ trivy image \
+ --server $TRIVY_URL \
+ --token $TRIVY_TOKEN \
+ --format cyclonedx \
+ --scanners license \
+ --output /tmp/sbom.xml \
+ $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA
+ - cat /tmp/sbom.xml
+ - |
+ curl -X "POST" \
+ -H "Content-Type: multipart/form-data" \
+ -H "X-Api-Key: $DTRACK_API_KEY" \
+ -F "autoCreate=true" \
+ -F "projectName=$CI_REPO" \
+ -F "projectVersion=$TAG" \
+ -F "bom=@/tmp/sbom.xml"\
+ "$DTRACK_API_URL/api/v1/bom"
+ when:
+ - event: [tag]
+
+ build:
+ image: plugins/kaniko
+ settings:
+ repo: quay.io/wollud1969/networktools
+ registry: quay.io
+ tags:
+ - latest
+ - ${CI_COMMIT_TAG}
+ username:
+ from_secret: quay_username
+ password:
+ from_secret: quay_password
+ dockerfile: Dockerfile
+ when:
+ - event: [tag]
diff --git a/Dockerfile b/Dockerfile
index 6be10d2..f79b0b8 100644
--- a/Dockerfile
+++ b/Dockerfile
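Review bot: The step name `build` is used twice, once for the forge-registry build at the top and once for the quay.io build at the end. Assuming both sit directly under `steps:` (the indentation is not recoverable on this page), a YAML mapping cannot hold both, and most loaders silently keep the last one. The forge-registry push would then never run, and `scan_image` and `generate_sbom` would reference `$FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA`, an image this pipeline did not produce; rename the second step, e.g. `publish_quay:`. Even with the rename, the quay.io step rebuilds from the Dockerfile instead of promoting the scanned image, so what gets published is not the artifact Trivy checked or the SBOM describes. Separately, `plugins/kaniko` and `aquasec/trivy` are unpinned although they receive the registry credentials and the Trivy token; pin them as the helper image already is, e.g. `image: aquasec/trivy:<pinned-version>`.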
@@ -1,25 +1,11 @@ FROM debian:latest LABEL Maintainer="Wolfgang Hottgenroth " -LABEL ImageName="registry.gitlab.com/wolutator/networktools" RUN \ - apt-get update && \ - apt-get install -y make && \ - apt-get install -y openssh-client && \ - apt-get install -y git && \ - apt-get install -y python && \ - apt-get install -y python-requests && \ - apt-get install -y gpg && \ - apt-get install -y apt-transport-https && \ - apt-get install -y wget && \ - apt-get install -y curl && \ - apt-get install -y nmap && \ - apt-get install -y snmp && \ - apt-get install -y netcat && \ - apt-get install -y tcpdump + apt update && \ + apt upgrade -y --autoremove && \ + apt install make openssh-client git python3 python3-requests gpg apt-transport-https whet curl nmap snmp netcat tcpdump dnsutils net-tools - - diff --git a/VERSION b/VERSION deleted file mode 100644 index 49d5957..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -0.1
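Review bot: The new `apt install` line has no `-y` and lists `whet`, which looks like a typo for the `wget` that the removed lines installed. In a non-interactive image build the missing `-y` makes apt stop at the confirmation prompt, and an unknown package name fails the install outright. I would write it as `apt-get install -y --no-install-recommends make openssh-client git python3 python3-requests gpg apt-transport-https wget curl nmap snmp netcat tcpdump dnsutils net-tools && \` followed by `rm -rf /var/lib/apt/lists/*`. It is also worth checking that `netcat` is still an installable name on the release `debian:latest` resolves to, since it may need to be a concrete variant such as `netcat-openbsd`. The `FROM debian:latest` context line combined with `apt upgrade` makes every build pull different content, so consider a pinned base tag or digest so the scanned image is reproducible.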