add token and ci script

.woodpecker.yml

@@ -0,0 +1,16 @@
+steps:
+  deploy:
+    image: quay.io/wollud1969/woodpecker-helper:0.4.1
+    environment:
+      KUBE_CONFIG_CONTENT:
+        from_secret: kube_config
+      GPG_PASSPHRASE:
+        from_secret: gpg_passphrase
+    commands:
+      - export IMAGE_TAG=$CI_COMMIT_TAG
+      - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
+      - export KUBECONFIG=/tmp/kubeconfig
+      - ./install.sh
+    when:
+      - event: tag
+

install.sh

@@ -9,6 +9,13 @@ kubectl create namespace $NAMESPACE \
   -o yaml | \
   kubectl -f - apply
 
+eval "`cat secrets.asc | /usr/local/bin/decrypt-secrets.sh`"
+kubectl create secret generic trivy-secret \
+  --dry-run=client \
+  -o yaml \
+  --save-config \
+  --from-literal=serverToken=$serverToken | \
+  kubectl apply -f - -n $NAMESPACE
 
 helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/
 helm repo update

secrets.asc

@@ -0,0 +1,8 @@
+-----BEGIN PGP MESSAGE-----
+
+jA0ECQMInXOggkRURoP70owBc5Bp2aQL5X6HfMQkHEia+YXfOjg7aleWZjz5R0oE
+8fwMoEy/trg82Y+L07/G7QzPHUJEM1wzFDLMIKw/LeiPCY/+U0L3EpCD5AnhZVDM
+ooIthRKWX02TYTMpP7pIXlYuLsBQbisne4XeyQqZAky+DosMRihO1c7pQo1f/V2x
+cEtEEQgvljNfa1XoOA==
+=FXwX
+-----END PGP MESSAGE-----