refactor: migrate to woodpecker ci #139

Merged
xoxys merged 6 commits from migrate-woodpecker into main 2023-11-08 08:04:02 +00:00
11 changed files with 251 additions and 258 deletions
Showing only changes of commit f1c7618035 - Show all commits

View File

@ -2,7 +2,7 @@ style: github
template: CHANGELOG.tpl.md template: CHANGELOG.tpl.md
info: info:
title: CHANGELOG title: CHANGELOG
repository_url: https://gitea.rknet.org/docker/vaultwarden repository_url: https://gitea.rknet.org/container/vaultwarden
options: options:
commit_groups: commit_groups:
title_maps: title_maps:

View File

@ -1,213 +0,0 @@
---
kind: pipeline
name: test
platform:
os: linux
arch: amd64
steps:
- name: markdownlint
image: thegeeklab/markdownlint-cli
commands:
- markdownlint 'README.md'
trigger:
ref:
- refs/heads/main
- refs/pull/**
- refs/tags/**
---
kind: pipeline
name: build-container
platform:
os: linux
arch: amd64
steps:
- name: binary
image: clux/muslrust:stable
commands:
- apt-get -qq update && apt-get install -yqq --no-install-recommends libpq-dev
- make build
- name: verify
image: alpine
commands:
- src/target/x86_64-unknown-linux-musl/release/vaultwarden --help
- src/target/x86_64-unknown-linux-musl/release/vaultwarden --version
depends_on:
- binary
- name: dryrun
image: thegeeklab/drone-docker-buildx:23
settings:
dockerfile: Dockerfile
dry_run: true
provenance: false
repo: thegeeklab/${DRONE_REPO_NAME}
when:
ref:
- refs/pull/**
depends_on:
- verify
- name: tags
image: thegeeklab/docker-autotag
environment:
DOCKER_AUTOTAG_FORCE_LATEST: True
DOCKER_AUTOTAG_IGNORE_PRERELEASE: True
DOCKER_AUTOTAG_OUTPUT_FILE: .tags
DOCKER_AUTOTAG_VERSION: ${DRONE_TAG}
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- dryrun
- name: changelog-generate
image: thegeeklab/git-chglog
commands:
- git fetch -tq
- git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}
depends_on:
- tags
- name: changelog-format
image: thegeeklab/alpine-tools
commands:
- prettier CHANGELOG.md
- prettier -w CHANGELOG.md
depends_on:
- changelog-generate
- name: publish-dockerhub
image: thegeeklab/drone-docker-buildx:23
settings:
dockerfile: Dockerfile
password:
from_secret: docker_password
provenance: false
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- changelog-format
- name: publish-quay
image: thegeeklab/drone-docker-buildx:23
settings:
dockerfile: Dockerfile
password:
from_secret: quay_password
provenance: false
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: quay_username
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- changelog-format
- name: publish-gitea
image: plugins/gitea-release
settings:
api_key:
from_secret: gitea_token
base_url: https://gitea.rknet.org
note: CHANGELOG.md
overwrite: true
title: ${DRONE_TAG}
when:
ref:
- refs/tags/**
depends_on:
- publish-dockerhub
- publish-quay
trigger:
ref:
- refs/heads/main
- refs/pull/**
- refs/tags/**
depends_on:
- test
---
kind: pipeline
name: notifications
platform:
os: linux
arch: amd64
steps:
- name: pushrm-dockerhub
image: chko/docker-pushrm:1
environment:
DOCKER_PASS:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
PUSHRM_FILE: README.md
PUSHRM_SHORT: Custom image for Vaultwarden password manager
PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME}
when:
status:
- success
- name: pushrm-quay
image: chko/docker-pushrm:1
environment:
APIKEY__QUAY_IO:
from_secret: quay_token
PUSHRM_FILE: README.md
PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME}
when:
status:
- success
- name: matrix
image: thegeeklab/drone-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: "Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}"
username:
from_secret: matrix_username
when:
status:
- success
- failure
trigger:
ref:
- refs/heads/main
- refs/tags/**
status:
- success
- failure
depends_on:
- build-container
---
kind: signature
hmac: 4ba2b1c8e702a25d354563333c9c332383f4887a64f7d5af37c054c31149119b
...

47
.gitsv/config.yml Normal file
View File

@ -0,0 +1,47 @@
---
version: "1.1"
versioning:
update-major: []
update-minor: [feat]
update-patch: [fix, perf, refactor, chore, test, ci, docs]
tag:
pattern: "v%d.%d.%d"
release-notes:
sections:
- name: Features
commit-types: [feat]
section-type: commits
- name: Bug Fixes
commit-types: [fix]
section-type: commits
- name: Performance Improvements
commit-types: [perf]
section-type: commits
- name: Code Refactoring
commit-types: [refactor]
section-type: commits
- name: Others
commit-types: [chore]
section-type: commits
- name: Testing
commit-types: [test]
section-type: commits
- name: CI Pipeline
commit-types: [ci]
section-type: commits
- name: Documentation
commit-types: [docs]
section-type: commits
- name: BREAKING CHANGES
section-type: breaking-changes
commit-message:
footer:
issue:
key: issue
add-value-prefix: "#"
issue:
regex: "#?[0-9]+"

View File

@ -1,3 +1,2 @@
.drone.yml
*.tpl.md *.tpl.md
LICENSE LICENSE

View File

@ -0,0 +1,76 @@
---
when:
- event: [pull_request, tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
binary:
image: docker.io/clux/muslrust:stable
commands:
- apt-get -qq update && apt-get install -yqq --no-install-recommends libpq-dev
- make build
executable:
image: docker.io/alpine
commands:
- src/target/x86_64-unknown-linux-musl/release/vaultwarden --help
- src/target/x86_64-unknown-linux-musl/release/vaultwarden --version
security-build:
image: quay.io/thegeeklab/wp-docker-buildx:1
settings:
containerfile: Containerfile.multiarch
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
repo: thegeeklab/${CI_REPO_NAME}
security-scan:
image: ghcr.io/aquasecurity/trivy
commands:
- trivy -v
- trivy image --input oci/${CI_REPO_NAME}
environment:
TRIVY_EXIT_CODE: "1"
TRIVY_IGNORE_UNFIXED: "true"
TRIVY_NO_PROGRESS: "true"
TRIVY_SEVERITY: HIGH,CRITICAL
TRIVY_TIMEOUT: 1m
TRIVY_SKIP_FILES: /usr/local/bin/gomplate
publish-dockerhub:
group: container
image: quay.io/thegeeklab/wp-docker-buildx:1
settings:
auto_tag: true
containerfile: Containerfile
password:
from_secret: docker_password
provenance: false
repo: thegeeklab/${CI_REPO_NAME}
username:
from_secret: docker_username
when:
- event: [tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
publish-quay:
group: container
image: quay.io/thegeeklab/wp-docker-buildx:1
settings:
auto_tag: true
containerfile: Containerfile
password:
from_secret: quay_password
provenance: false
registry: quay.io
repo: quay.io/thegeeklab/${CI_REPO_NAME}
username:
from_secret: quay_username
when:
- event: [tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}

View File

@ -0,0 +1,27 @@
---
when:
- event: [pull_request, tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
changelog:
image: quay.io/thegeeklab/git-sv
commands:
- git fetch --depth=2147483647
- git sv current-version
- git sv release-notes -t ${CI_COMMIT_TAG:-next} -o CHANGELOG.md
- cat CHANGELOG.md
publish-gitea:
image: plugins/gitea-release
settings:
api_key:
from_secret: gitea_token
base_url: https://gitea.rknet.org
note: CHANGELOG.md
overwrite: true
title: ${CI_COMMIT_TAG}
when:
- event: [tag]

61
.woodpecker/docs.yml Normal file
View File

@ -0,0 +1,61 @@
---
when:
- event: [pull_request, tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
markdownlint:
image: quay.io/thegeeklab/markdownlint-cli
commands:
- markdownlint 'README.md'
spellcheck:
image: quay.io/thegeeklab/alpine-tools
commands:
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
environment:
FORCE_COLOR: "true"
NPM_CONFIG_LOGLEVEL: "error"
link-validation:
image: docker.io/lycheeverse/lychee
group: test
commands:
- lychee --no-progress --format detailed README.md
pushrm-dockerhub:
image: docker.io/chko/docker-pushrm:1
secrets:
- source: docker_password
target: DOCKER_PASS
- source: docker_username
target: DOCKER_USER
environment:
PUSHRM_FILE: README.md
PUSHRM_SHORT: Custom image for Vaultwarden password manager
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
when:
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
status: [success]
pushrm-quay:
image: docker.io/chko/docker-pushrm:1
secrets:
- source: quay_token
target: APIKEY__QUAY_IO
environment:
PUSHRM_FILE: README.md
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
when:
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
status: [success]
depends_on:
- build-package
- build-container

26
.woodpecker/notify.yml Normal file
View File

@ -0,0 +1,26 @@
---
when:
- event: [tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
runs_on: [success, failure]
steps:
matrix:
image: quay.io/thegeeklab/wp-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
username:
from_secret: matrix_username
when:
- status: [success, failure]
depends_on:
- docs

View File

@ -1,11 +1,11 @@
FROM thegeeklab/alpine:latest@sha256:1a959e83114602716d5c44ebb97da156425b1730868a11800d7ceb41752cf50e FROM quay.io/thegeeklab/alpine:latest@sha256:1a959e83114602716d5c44ebb97da156425b1730868a11800d7ceb41752cf50e
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>" LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>" LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.title="vaultwarden" LABEL org.opencontainers.image.title="vaultwarden"
LABEL org.opencontainers.image.url="https://gitea.rknet.org/docker/vaultwarden" LABEL org.opencontainers.image.url="https://gitea.rknet.org/container/vaultwarden"
LABEL org.opencontainers.image.source="https://gitea.rknet.org/docker/vaultwarden" LABEL org.opencontainers.image.source="https://gitea.rknet.org/container/vaultwarden"
LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/docker/vaultwarden" LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/container/vaultwarden"
ARG WEBVAULT_VERSION ARG WEBVAULT_VERSION

View File

@ -2,22 +2,20 @@
Custom image for Vaultwarden password manager Custom image for Vaultwarden password manager
[![Build Status](https://img.shields.io/drone/build/docker/vaultwarden?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/docker/vaultwarden) <!-- spellchecker-disable -->
[![Build Status](https://ci.rknet.org/api/badges/container/vaultwarden/status.svg)](https://ci.rknet.org/repos/container/vaultwarden)
[![Docker Hub](https://img.shields.io/badge/dockerhub-latest-blue.svg?logo=docker&logoColor=white)](https://hub.docker.com/r/thegeeklab/vaultwarden) [![Docker Hub](https://img.shields.io/badge/dockerhub-latest-blue.svg?logo=docker&logoColor=white)](https://hub.docker.com/r/thegeeklab/vaultwarden)
[![Quay.io](https://img.shields.io/badge/quay-latest-blue.svg?logo=docker&logoColor=white)](https://quay.io/repository/thegeeklab/vaultwarden) [![Quay.io](https://img.shields.io/badge/quay-latest-blue.svg?logo=docker&logoColor=white)](https://quay.io/repository/thegeeklab/vaultwarden)
[![Source: Gitea](https://img.shields.io/badge/source-gitea-blue.svg?logo=gitea&logoColor=white)](https://gitea.rknet.org/docker/vaultwarden) [![Source: Gitea](https://img.shields.io/badge/source-gitea-blue.svg?logo=gitea&logoColor=white)](https://gitea.rknet.org/container/vaultwarden)
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/docker/vaultwarden/src/branch/main/LICENSE) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/container/vaultwarden/src/branch/main/LICENSE)
This is a rootless custom Docker image for [vaultwarden](https://github.com/dani-garcia/vaultwarden). Vaultwarden is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. <!-- spellchecker-enable -->
Custom rootless container image for [vaultwarden](https://github.com/dani-garcia/vaultwarden). Vaultwarden is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
> **WARNING**: This build supports SQLite and PostgreSQL database backend only. > **WARNING**: This build supports SQLite and PostgreSQL database backend only.
## Usage
### Docker Compose
Please take a look at the [example](https://gitea.rknet.org/docker/vaultwarden/src/branch/main/docker-compose.yml) compose file from the git repo.
## Configuration ## Configuration
```Shell ```Shell
@ -76,4 +74,4 @@ VAULTWARDEN_ROCKET_WORKERS=
## License ## License
This project is licensed under the MIT License - see the [LICENSE](https://gitea.rknet.org/docker/vaultwarden/src/branch/main/LICENSE) file for details. This project is licensed under the MIT License - see the [LICENSE](https://gitea.rknet.org/container/vaultwarden/src/branch/main/LICENSE) file for details.

View File

@ -1,28 +0,0 @@
---
version: "3"
services:
postgres:
container_name: postgres
image: postgres
environment:
POSTGRES_DB: vaultwarden
POSTGRES_PASSWORD: pass
POSTGRES_USER: user
vaultwarden:
container_name: vaultwarden
image: thegeeklab/vaultwarden
depends_on:
- postgres
ports:
- "80:8080"
volumes:
- data:/app/data
environment:
VAULTWARDEN_DATABASE_URL: postgresql://user:pass@vaultwarden_postgres:5432/vaultwarden
VAULTWARDEN_ADMIN_TOKEN: test
volumes:
data:
driver: local