37 lines
1004 B
YAML
37 lines
1004 B
YAML
steps:
|
|
build:
|
|
image: plugins/kaniko
|
|
settings:
|
|
repo: ${FORGE_NAME}/${CI_REPO}
|
|
registry:
|
|
from_secret: container_registry
|
|
tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}
|
|
username:
|
|
from_secret: container_registry_username
|
|
password:
|
|
from_secret: container_registry_password
|
|
dockerfile: Dockerfile
|
|
when:
|
|
- event: [push, tag]
|
|
scan_image:
|
|
image: aquasec/trivy
|
|
commands:
|
|
- TRIVY_DISABLE_VEX_NOTICE=1 trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --quiet --exit-code 1
|
|
when:
|
|
- event: [push, tag]
|
|
deploy:
|
|
image: quay.io/wollud1969/k8s-admin-helper:0.2.1
|
|
environment:
|
|
KUBE_CONFIG_CONTENT:
|
|
from_secret: kube_config
|
|
GPG_PASSPHRASE:
|
|
from_secret: gpg_passphrase
|
|
commands:
|
|
- export IMAGE_TAG=$CI_COMMIT_TAG
|
|
- printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
|
|
- export KUBECONFIG=/tmp/kubeconfig
|
|
- ./deployment/deploy.sh
|
|
when:
|
|
- event: tag
|
|
|