diff --git a/.dictionary b/.dictionary
new file mode 100644
index 0000000..e69de29
diff --git a/.drone.yml b/.drone.yml
deleted file mode 100644
index 59a1246..0000000
--- a/.drone.yml
+++ /dev/null
@@ -1,176 +0,0 @@ ---- -kind: pipeline -name: test - -platform: - os: linux - arch: amd64 - -steps: - - name: markdownlint - image: thegeeklab/markdownlint-cli - commands: - - markdownlint 'README.md' - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - ---- -kind: pipeline -name: build-container - -platform: - os: linux - arch: amd64 - -steps: - - name: tags - image: thegeeklab/docker-autotag - environment: - DOCKER_AUTOTAG_FORCE_LATEST: True - DOCKER_AUTOTAG_IGNORE_PRERELEASE: True - DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - - - name: dryrun - image: thegeeklab/drone-docker-buildx:23 - settings: - dockerfile: Dockerfile.multiarch - dry_run: true - platforms: - - linux/amd64 - - linux/arm64 - - linux/arm/v7 - - linux/arm/v6 - provenance: false - repo: thegeeklab/${DRONE_REPO_NAME} - when: - ref: - - refs/pull/** - depends_on: - - tags - - - name: publish-dockerhub - image: thegeeklab/drone-docker-buildx:23 - settings: - dockerfile: Dockerfile.multiarch - password: - from_secret: docker_password - platforms: - - linux/amd64 - - linux/arm64 - - linux/arm/v7 - - linux/arm/v6 - provenance: false - repo: thegeeklab/${DRONE_REPO_NAME} - username: - from_secret: docker_username - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - dryrun - - - name: publish-quay - image: thegeeklab/drone-docker-buildx:23 - settings: - dockerfile: Dockerfile.multiarch - password: - from_secret: quay_password - platforms: - - linux/amd64 - - linux/arm64 - - linux/arm/v7 - - linux/arm/v6 - provenance: false - registry: quay.io - repo: quay.io/thegeeklab/${DRONE_REPO_NAME} - username: - from_secret: quay_username - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - dryrun - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - test - ---- -kind: pipeline -name: notifications - -platform: - os: linux - arch: amd64 - -steps: - - name: pushrm-dockerhub - image: 
chko/docker-pushrm:1 - environment: - DOCKER_PASS: - from_secret: docker_password - DOCKER_USER: - from_secret: docker_username - PUSHRM_FILE: README.md - PUSHRM_SHORT: Custom Alpine image including a common toolset - PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME} - when: - status: - - success - - - name: pushrm-quay - image: chko/docker-pushrm:1 - environment: - APIKEY__QUAY_IO: - from_secret: quay_token - PUSHRM_FILE: README.md - PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME} - when: - status: - - success - - - name: matrix - image: thegeeklab/drone-matrix - settings: - homeserver: - from_secret: matrix_homeserver - password: - from_secret: matrix_password - roomid: - from_secret: matrix_roomid - template: "Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}" - username: - from_secret: matrix_username - when: - status: - - success - - failure - -trigger: - ref: - - refs/heads/main - - refs/tags/** - status: - - success - - failure - -depends_on: - - build-container - ---- -kind: signature -hmac: d617b5f20a39e588746d4bbffe6b257578af7be614eb281945ad835e7bcebacd - -...
diff --git a/.woodpecker/build-container.yml b/.woodpecker/build-container.yml
new file mode 100644
index 0000000..916ddae
--- /dev/null
+++ b/.woodpecker/build-container.yml
@@ -0,0 +1,89 @@
+---
+when:
+ - event: [pull_request, tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+steps:
+ security-build:
+ image: quay.io/thegeeklab/wp-docker-buildx:1
+ settings:
+ containerfile: Containerfile.multiarch
+ output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
+ repo: ${CI_REPO}
+
+ security-scan:
+ image: ghcr.io/aquasecurity/trivy
+ commands:
+ - trivy -v
+ - trivy image --input oci/${CI_REPO_NAME}
+ environment:
+ TRIVY_EXIT_CODE: 1
+ TRIVY_IGNORE_UNFIXED: True
+ TRIVY_NO_PROGRESS: True
+ TRIVY_SEVERITY: HIGH,CRITICAL
+ TRIVY_TIMEOUT: 1m
+ TRIVY_SKIP_FILES: /usr/local/bin/gomplate
+
+ dryrun:
+ image: quay.io/thegeeklab/wp-docker-buildx:1
+ settings:
+ containerfile: Containerfile.multiarch
+ dry_run: true
+ platforms:
+ - linux/amd64
+ - linux/arm64
+ - linux/arm/v7
+ provenance: false
+ repo: ${CI_REPO}
+ when:
+ - event: [pull_request]
+
+ publish-dockerhub:
+ group: container
+ image: quay.io/thegeeklab/wp-docker-buildx:1
+ settings:
+ auto_tag: true
+ containerfile: Containerfile.multiarch
+ password:
+ from_secret: docker_password
+ platforms:
+ - linux/amd64
+ - linux/arm64
+ - linux/arm/v7
+ provenance: false
+ repo: ${CI_REPO}
+ username:
+ from_secret: docker_username
+ when:
+ - event: [tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+ publish-quay:
+ group: container
+ image: quay.io/thegeeklab/wp-docker-buildx:1
+ settings:
+ auto_tag: true
+ containerfile: Containerfile.multiarch
+ password:
+ from_secret: quay_password
+ platforms:
+ - linux/amd64
+ - linux/arm64
+ - linux/arm/v7
+ provenance: false
+ registry: quay.io
+ repo: quay.io/${CI_REPO}
+ username:
+ from_secret: quay_username
+ when:
+ - event: [tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+depends_on:
+ - test
diff --git a/.woodpecker/docs.yml b/.woodpecker/docs.yml
new file mode 100644
index 0000000..4b388fa
--- /dev/null
+++ b/.woodpecker/docs.yml
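Review bot: Every step image in build-container.yml is a floating reference: `ghcr.io/aquasecurity/trivy` carries no tag at all, and `quay.io/thegeeklab/wp-docker-buildx:1` is a mutable major tag that the `publish-dockerhub` and `publish-quay` steps run with `docker_password` and `quay_password` injected. A re-pushed tag would change the scanner that gates publishing, or the code that handles the registry credentials, without any change in this repository; pin at least those steps by digest, e.g. `image: ghcr.io/aquasecurity/trivy:<version>@sha256:<digest>`. The same applies to `docker.io/chko/docker-pushrm:1` in docs.yml and the untagged `quay.io/thegeeklab/wp-matrix` in notify.yml, which also receive secrets. `TRIVY_SKIP_FILES: /usr/local/bin/gomplate` would also benefit from a comment above it saying why that binary is excluded from the scan, e.g. `# gomplate excluded because <reason>; revisit when gomplate is updated`.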
@@ -0,0 +1,61 @@
+---
+when:
+ - event: [pull_request, tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+steps:
+ markdownlint:
+ image: quay.io/thegeeklab/markdownlint-cli
+ commands:
+ - markdownlint 'README.md'
+
+ spellcheck:
+ image: quay.io/thegeeklab/alpine-tools
+ commands:
+ - spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
+ environment:
+ FORCE_COLOR: "true"
+ NPM_CONFIG_LOGLEVEL: "error"
+
+ link-validation:
+ image: docker.io/lycheeverse/lychee
+ group: test
+ commands:
+ - lychee --no-progress --format detailed README.md
+
+ pushrm-dockerhub:
+ image: docker.io/chko/docker-pushrm:1
+ secrets:
+ - source: docker_password
+ target: DOCKER_PASS
+ - source: docker_username
+ target: DOCKER_USER
+ environment:
+ PUSHRM_FILE: README.md
+ PUSHRM_SHORT: Custom Alpine image including a common toolset
+ PUSHRM_TARGET: ${CI_REPO}
+ when:
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+ status: [success]
+
+ pushrm-quay:
+ image: docker.io/chko/docker-pushrm:1
+ secrets:
+ - source: quay_token
+ target: APIKEY__QUAY_IO
+ environment:
+ PUSHRM_FILE: README.md
+ PUSHRM_TARGET: quay.io/${CI_REPO}
+ when:
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+ status: [success]
+
+depends_on:
+ - build-package
+ - build-container
diff --git a/.woodpecker/notify.yml b/.woodpecker/notify.yml
new file mode 100644
index 0000000..a851904
--- /dev/null
+++ b/.woodpecker/notify.yml
@@ -0,0 +1,26 @@
+---
+when:
+ - event: [tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+runs_on: [success, failure]
+
+steps:
+ matrix:
+ image: quay.io/thegeeklab/wp-matrix
+ settings:
+ homeserver:
+ from_secret: matrix_homeserver
+ password:
+ from_secret: matrix_password
+ roomid:
+ from_secret: matrix_roomid
+ username:
+ from_secret: matrix_username
+ when:
+ - status: [success, failure]
+
+depends_on:
+ - docs
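Review bot: The `depends_on` list at the end of docs.yml names `build-package`, but this commit adds only build-container.yml, docs.yml and notify.yml, and nothing visible in the diff builds a package. build-container.yml raises the same question with `depends_on: - test`, since the old Drone `test` pipeline's markdownlint step now lives in docs.yml. If those workflows do not already exist elsewhere in the repository, the chain notify → docs → build-container → test cannot resolve, and the security scan, publish and notification workflows may not run as intended; how Woodpecker treats an unknown dependency should be confirmed. I would keep only `- build-container` under `depends_on` here and drop `depends_on: - test` from build-container.yml, or add the missing workflows in the same commit.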
diff --git a/Dockerfile.multiarch b/Containerfile.multiarch
similarity index 100%
rename from Dockerfile.multiarch
rename to Containerfile.multiarch