add token and ci script

2025-02-03 12:50:52 +01:00 · 2025-02-03 12:50:52 +01:00 · a24674d57e
commit a24674d57e
parent e3a74b9089
3 changed files with 31 additions and 0 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -0,0 +1,16 @@
+steps:
+  deploy:
+    image: quay.io/wollud1969/woodpecker-helper:0.4.1
+    environment:
+      KUBE_CONFIG_CONTENT:
+        from_secret: kube_config
+      GPG_PASSPHRASE:
+        from_secret: gpg_passphrase
+    commands:
+      - export IMAGE_TAG=$CI_COMMIT_TAG
+      - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
+      - export KUBECONFIG=/tmp/kubeconfig
+      - ./install.sh
+    when:
+      - event: tag
+
--- a/install.sh
+++ b/install.sh
@ -9,6 +9,13 @@ kubectl create namespace $NAMESPACE \
  -o yaml | \
  kubectl -f - apply

+eval "`cat secrets.asc | /usr/local/bin/decrypt-secrets.sh`"
+kubectl create secret generic trivy-secret \
+  --dry-run=client \
+  -o yaml \
+  --save-config \
+  --from-literal=serverToken=$serverToken | \
+  kubectl apply -f - -n $NAMESPACE

 helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/
 helm repo update
--- a/secrets.asc
+++ b/secrets.asc
@ -0,0 +1,8 @@
+-----BEGIN PGP MESSAGE-----
+
+jA0ECQMInXOggkRURoP70owBc5Bp2aQL5X6HfMQkHEia+YXfOjg7aleWZjz5R0oE
+8fwMoEy/trg82Y+L07/G7QzPHUJEM1wzFDLMIKw/LeiPCY/+U0L3EpCD5AnhZVDM
+ooIthRKWX02TYTMpP7pIXlYuLsBQbisne4XeyQqZAky+DosMRihO1c7pQo1f/V2x
+cEtEEQgvljNfa1XoOA==
+=FXwX
+-----END PGP MESSAGE-----