Compare commits
No commits in common. "main" and "v1.32.2+1" have entirely different histories.
@ -7,18 +7,15 @@ when:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: security-build
|
- name: security-build
|
||||||
image: quay.io/thegeeklab/wp-docker-buildx:6
|
image: quay.io/thegeeklab/wp-docker-buildx:5
|
||||||
settings:
|
settings:
|
||||||
containerfile: Containerfile
|
containerfile: Containerfile
|
||||||
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
|
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
|
||||||
repo: thegeeklab/${CI_REPO_NAME}
|
repo: thegeeklab/${CI_REPO_NAME}
|
||||||
cache_to: type=local,dest=oci/cache/${CI_REPO_NAME},mode=max
|
cache_to: type=local,dest=oci/cache/${CI_REPO_NAME},mode=max
|
||||||
registry_config:
|
|
||||||
from_secret: DOCKER_REGISTRY_CONFIG_PULL
|
|
||||||
|
|
||||||
- name: security-scan
|
- name: security-scan
|
||||||
image: docker.io/aquasec/trivy
|
image: ghcr.io/aquasecurity/trivy
|
||||||
depends_on: security-build
|
|
||||||
commands:
|
commands:
|
||||||
- trivy -v
|
- trivy -v
|
||||||
- trivy image --input oci/${CI_REPO_NAME}
|
- trivy image --input oci/${CI_REPO_NAME}
|
||||||
@ -28,11 +25,10 @@ steps:
|
|||||||
TRIVY_NO_PROGRESS: "true"
|
TRIVY_NO_PROGRESS: "true"
|
||||||
TRIVY_SEVERITY: HIGH,CRITICAL
|
TRIVY_SEVERITY: HIGH,CRITICAL
|
||||||
TRIVY_TIMEOUT: 1m
|
TRIVY_TIMEOUT: 1m
|
||||||
TRIVY_DB_REPOSITORY: docker.io/aquasec/trivy-db:2
|
|
||||||
|
|
||||||
- name: publish-dockerhub
|
- name: publish-dockerhub
|
||||||
image: quay.io/thegeeklab/wp-docker-buildx:6
|
image: quay.io/thegeeklab/wp-docker-buildx:5
|
||||||
depends_on: security-scan
|
group: container
|
||||||
settings:
|
settings:
|
||||||
auto_tag: true
|
auto_tag: true
|
||||||
containerfile: Containerfile
|
containerfile: Containerfile
|
||||||
@ -51,8 +47,8 @@ steps:
|
|||||||
- ${CI_REPO_DEFAULT_BRANCH}
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
- name: publish-quay
|
- name: publish-quay
|
||||||
image: quay.io/thegeeklab/wp-docker-buildx:6
|
image: quay.io/thegeeklab/wp-docker-buildx:5
|
||||||
depends_on: security-scan
|
group: container
|
||||||
settings:
|
settings:
|
||||||
auto_tag: true
|
auto_tag: true
|
||||||
containerfile: Containerfile
|
containerfile: Containerfile
|
||||||
|
|||||||
@ -8,11 +8,13 @@ when:
|
|||||||
steps:
|
steps:
|
||||||
- name: markdownlint
|
- name: markdownlint
|
||||||
image: quay.io/thegeeklab/markdownlint-cli
|
image: quay.io/thegeeklab/markdownlint-cli
|
||||||
|
group: test
|
||||||
commands:
|
commands:
|
||||||
- markdownlint 'README.md'
|
- markdownlint 'README.md'
|
||||||
|
|
||||||
- name: spellcheck
|
- name: spellcheck
|
||||||
image: quay.io/thegeeklab/alpine-tools
|
image: quay.io/thegeeklab/alpine-tools
|
||||||
|
group: test
|
||||||
commands:
|
commands:
|
||||||
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
|
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
|
||||||
environment:
|
environment:
|
||||||
@ -20,17 +22,18 @@ steps:
|
|||||||
|
|
||||||
- name: link-validation
|
- name: link-validation
|
||||||
image: docker.io/lycheeverse/lychee
|
image: docker.io/lycheeverse/lychee
|
||||||
|
group: test
|
||||||
commands:
|
commands:
|
||||||
- lychee --no-progress --format detailed README.md
|
- lychee --no-progress --format detailed README.md
|
||||||
|
|
||||||
- name: pushrm-dockerhub
|
- name: pushrm-dockerhub
|
||||||
image: docker.io/chko/docker-pushrm:1
|
image: docker.io/chko/docker-pushrm:1
|
||||||
depends_on: [markdownlint, spellcheck, link-validation]
|
secrets:
|
||||||
|
- source: docker_password
|
||||||
|
target: DOCKER_PASS
|
||||||
|
- source: docker_username
|
||||||
|
target: DOCKER_USER
|
||||||
environment:
|
environment:
|
||||||
DOCKER_PASS:
|
|
||||||
from_secret: docker_password
|
|
||||||
DOCKER_USER:
|
|
||||||
from_secret: docker_username
|
|
||||||
PUSHRM_FILE: README.md
|
PUSHRM_FILE: README.md
|
||||||
PUSHRM_SHORT: Custom image for Vaultwarden password manager
|
PUSHRM_SHORT: Custom image for Vaultwarden password manager
|
||||||
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
|
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
|
||||||
@ -42,10 +45,10 @@ steps:
|
|||||||
|
|
||||||
- name: pushrm-quay
|
- name: pushrm-quay
|
||||||
image: docker.io/chko/docker-pushrm:1
|
image: docker.io/chko/docker-pushrm:1
|
||||||
depends_on: [markdownlint, spellcheck, link-validation]
|
secrets:
|
||||||
|
- source: quay_token
|
||||||
|
target: APIKEY__QUAY_IO
|
||||||
environment:
|
environment:
|
||||||
APIKEY__QUAY_IO:
|
|
||||||
from_secret: quay_token
|
|
||||||
PUSHRM_FILE: README.md
|
PUSHRM_FILE: README.md
|
||||||
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
|
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
|
||||||
when:
|
when:
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/clux/muslrust:1.82.0-stable@sha256:9f88e922b2bfa7ff2252d61dc38be2ee5544d01bfa0acdc27b32c0a4a214c723 AS build
|
FROM docker.io/clux/muslrust:1.81.0-stable@sha256:40c808d662ce88c1eac4809187e7decfba6a2eea01bddf5c3b78c1407795ddaf AS build
|
||||||
|
|
||||||
ARG WEBVAULT_VERSION
|
ARG WEBVAULT_VERSION
|
||||||
ARG VAULTWARDEN_VERSION
|
ARG VAULTWARDEN_VERSION
|
||||||
@ -14,7 +14,7 @@ ARG TARGETPLATFORM
|
|||||||
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
|
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
|
||||||
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2024.6.2}"
|
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2024.6.2}"
|
||||||
# renovate: datasource=github-releases depName=dani-garcia/vaultwarden
|
# renovate: datasource=github-releases depName=dani-garcia/vaultwarden
|
||||||
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.32.4}"
|
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.32.2}"
|
||||||
|
|
||||||
ENV DATA_FOLDER=/tmp
|
ENV DATA_FOLDER=/tmp
|
||||||
|
|
||||||
@ -46,7 +46,7 @@ RUN ldd target/$(cat rust_target)/release/vaultwarden && \
|
|||||||
target/$(cat rust_target)/release/vaultwarden --help && \
|
target/$(cat rust_target)/release/vaultwarden --help && \
|
||||||
target/$(cat rust_target)/release/vaultwarden --version
|
target/$(cat rust_target)/release/vaultwarden --version
|
||||||
|
|
||||||
FROM docker.io/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a
|
FROM docker.io/alpine:3.20@sha256:beefdbd8a1da6d2915566fde36db9db0b524eb737fc57cd1367effd16dc0d06d
|
||||||
|
|
||||||
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
|
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
|
||||||
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
|
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user