Compare commits

...

23 Commits

Author SHA1 Message Date
d1b3dd7438
ci: add read-only pull secret to security build
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-11-14 21:09:57 +01:00
e8936ca2c2 chore(docker): update node.js to 4b44c32
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-11-13 00:05:52 +00:00
12b1014e37 chore(docker): update node.js to f73e9c7
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-10-31 00:02:13 +00:00
f877d4c455 chore(docker): update node.js to 169ac94
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-10-30 01:02:22 +00:00
b53e50186b
ci: replace deprecated workflow syntax
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
ci/woodpecker/tag/build-package Pipeline was successful
ci/woodpecker/tag/build-container Pipeline was successful
ci/woodpecker/tag/docs Pipeline was successful
ci/woodpecker/tag/notify Pipeline was successful
2024-10-26 20:55:54 +02:00
09eb59f4da chore(docker): update node.js to ec35a66
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-10-18 00:02:25 +00:00
945e381477 chore(docker): update node.js to 967bab2
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-10-05 01:03:14 +00:00
86e43bb714 chore(docker): update node.js to 9c488cd
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-10-05 00:02:34 +00:00
264acd37ed chore(docker): update node.js to 2394e40
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-09-28 01:03:23 +00:00
cf487984cc chore(docker): update node.js to a4d47ec
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-09-28 00:02:42 +00:00
a74d968c30 chore(docker): update node.js to df85129
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-09-06 00:03:37 +00:00
5af1799179 chore(docker): update node.js to 9fb2039
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-08-22 01:04:19 +00:00
74075aa223 chore(docker): update docker.io/node:lts-bookworm-slim docker digest to 2d45856
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-08-14 00:03:44 +00:00
9e4b2021d8 chore(deps): update dependency mikefarah/yq to v4.44.3 (#382)
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
Reviewed-on: #382
Co-authored-by: Renovator Bot <renovator@rknet.org>
Co-committed-by: Renovator Bot <renovator@rknet.org>
2024-08-12 12:14:21 +02:00
f63af3142b
ci: fix notification step
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
ci/woodpecker/tag/build-package Pipeline was successful
ci/woodpecker/tag/build-container Pipeline was successful
ci/woodpecker/tag/docs Pipeline was successful
ci/woodpecker/tag/notify Pipeline was successful
2024-08-12 09:41:15 +02:00
eca016f7f9 chore(deps): update quay.io/thegeeklab/wp-docker-buildx docker tag to v5 (#381)
Some checks failed
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline failed
Reviewed-on: #381
Co-authored-by: Renovator Bot <renovator@rknet.org>
Co-committed-by: Renovator Bot <renovator@rknet.org>
2024-08-12 09:23:03 +02:00
675cce1bb7 chore(docker): update docker.io/node:lts-bookworm-slim docker digest to a22f79e (#380)
Some checks failed
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/docs unknown status
ci/woodpecker/push/build-container Pipeline failed
ci/woodpecker/push/notify Pipeline failed
Reviewed-on: #380
Co-authored-by: Renovator Bot <renovator@rknet.org>
Co-committed-by: Renovator Bot <renovator@rknet.org>
2024-08-12 09:22:48 +02:00
336d2df01f chore(deps): update dependency @lhci/cli to v0.14.0 (#379)
Some checks failed
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline failed
ci/woodpecker/push/docs unknown status
ci/woodpecker/push/notify Pipeline failed
Reviewed-on: #379
Co-authored-by: Renovator Bot <renovator@rknet.org>
Co-committed-by: Renovator Bot <renovator@rknet.org>
2024-08-12 09:22:34 +02:00
72164ec7db chore(deps): update dependency mikefarah/yq to v4.44.2 (#378)
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
Reviewed-on: #378
Co-authored-by: Renovator Bot <renovator@rknet.org>
Co-committed-by: Renovator Bot <renovator@rknet.org>
2024-06-16 21:27:37 +02:00
647e59f55d chore(docker): update node.js to 0ff3b9e
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
2024-06-14 00:03:26 +00:00
ab260a546d chore(docker): update node.js to a163012
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-05-29 00:33:19 +00:00
54ac4c3547 chore(docker): update node.js to cffed8c
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-05-15 00:02:43 +00:00
84e07d5e06 chore(docker): update node.js to 8a60b73
All checks were successful
ci/woodpecker/pr/build-package Pipeline was successful
ci/woodpecker/pr/build-container Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
2024-05-14 03:02:27 +00:00
4 changed files with 27 additions and 26 deletions

View File

@ -7,14 +7,17 @@ when:
steps:
- name: security-build
image: quay.io/thegeeklab/wp-docker-buildx:4
image: quay.io/thegeeklab/wp-docker-buildx:5
settings:
containerfile: Containerfile
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
repo: thegeeklab/${CI_REPO_NAME}
registry_config:
from_secret: DOCKER_REGISTRY_CONFIG_PULL
- name: security-scan
image: ghcr.io/aquasecurity/trivy
image: docker.io/aquasec/trivy
depends_on: security-build
commands:
- trivy -v
- trivy image --input oci/${CI_REPO_NAME}
@ -24,10 +27,11 @@ steps:
TRIVY_NO_PROGRESS: "true"
TRIVY_SEVERITY: HIGH,CRITICAL
TRIVY_TIMEOUT: 1m
TRIVY_DB_REPOSITORY: docker.io/aquasec/trivy-db:2
- name: publish-dockerhub
image: quay.io/thegeeklab/wp-docker-buildx:4
group: container
image: quay.io/thegeeklab/wp-docker-buildx:5
depends_on: security-scan
settings:
auto_tag: true
containerfile: Containerfile
@ -44,8 +48,8 @@ steps:
- ${CI_REPO_DEFAULT_BRANCH}
- name: publish-quay
image: quay.io/thegeeklab/wp-docker-buildx:4
group: container
image: quay.io/thegeeklab/wp-docker-buildx:5
depends_on: security-scan
settings:
auto_tag: true
containerfile: Containerfile

View File

@ -8,13 +8,11 @@ when:
steps:
- name: markdownlint
image: quay.io/thegeeklab/markdownlint-cli
group: test
commands:
- markdownlint 'README.md'
- name: spellcheck
image: quay.io/thegeeklab/alpine-tools
group: test
commands:
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
environment:
@ -22,18 +20,17 @@ steps:
- name: link-validation
image: docker.io/lycheeverse/lychee
group: test
commands:
- lychee --no-progress --format detailed README.md
- name: pushrm-dockerhub
image: docker.io/chko/docker-pushrm:1
secrets:
- source: docker_password
target: DOCKER_PASS
- source: docker_username
target: DOCKER_USER
depends_on: [markdownlint, spellcheck, link-validation]
environment:
DOCKER_PASS:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
PUSHRM_FILE: README.md
PUSHRM_SHORT: Custom image for lighthouse-ci
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
@ -45,10 +42,10 @@ steps:
- name: pushrm-quay
image: docker.io/chko/docker-pushrm:1
secrets:
- source: quay_token
target: APIKEY__QUAY_IO
depends_on: [markdownlint, spellcheck, link-validation]
environment:
APIKEY__QUAY_IO:
from_secret: quay_token
PUSHRM_FILE: README.md
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
when:

View File

@ -13,12 +13,12 @@ steps:
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
username:
from_secret: matrix_username
room_id:
from_secret: matrix_room_id
user_id:
from_secret: matrix_user_id
access_token:
from_secret: matrix_access_token
when:
- status: [success, failure]

View File

@ -1,4 +1,4 @@
FROM docker.io/node:lts-bookworm-slim@sha256:60e4bda010af8cb1f729615be62a766de4c0c1413894ab05676eaa51a2d91c89
FROM docker.io/node:lts-bookworm-slim@sha256:4b44c32c9f3118d60977d0dde5f758f63c4f9eac8ddee4275277239ec600950f
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
@ -11,9 +11,9 @@ ARG BUILD_VERSION
ARG YQ_VERSION
# renovate: datasource=npm depName=@lhci/cli
ENV LHCI_VERSION="${BUILD_VERSION:-0.13.0}"
ENV LHCI_VERSION="${BUILD_VERSION:-0.14.0}"
# renovate: datasource=github-releases depName=mikefarah/yq
ENV YQ_VERSION="${YQ_VERSION:-v4.44.1}"
ENV YQ_VERSION="${YQ_VERSION:-v4.44.3}"
ENV LHCI_BASE_DIR=/drone/src \
FORCE_COLOR=true \