steps: build: image: plugins/kaniko settings: repo: ${FORGE_NAME}/${CI_REPO} registry: from_secret: container_registry tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG} username: from_secret: container_registry_username password: from_secret: container_registry_password dockerfile: Dockerfile when: - event: [push, tag] scan_image: image: aquasec/trivy commands: - trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --quiet --exit-code 1 when: - event: [push, tag] deploy: image: quay.io/wollud1969/k8s-admin-helper:0.1.3 environment: KUBE_CONFIG_CONTENT: from_secret: kube_config GPG_PASSPHRASE: from_secret: gpg_passphrase commands: - export IMAGE_TAG=$CI_COMMIT_TAG - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig - export KUBECONFIG=/tmp/kubeconfig - ./deployment/deploy.sh when: - event: tag