---
kind: pipeline
name: lint
platform:
arch: amd64
os: linux
steps:
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry config experimental.new-installer false
- poetry install
- poetry run yapf -dr ./ansiblelater
environment:
PY_COLORS: 1
image: python:3.9
name: yapf
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -E ansible-base
- poetry run flake8 ./ansiblelater
environment:
PY_COLORS: 1
image: python:3.9
name: flake8
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- lint
kind: pipeline
name: test
platform:
arch: amd64
os: linux
steps:
- commands:
- git fetch -tq
image: python:3.9
name: fetch
- commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry config experimental.new-installer false
- poetry install -E ansible-base
- poetry run pytest
- poetry version
- poetry run ansible-later --help
depends_on:
- fetch
environment:
PY_COLORS: 1
image: python:3.6
name: python36-pytest
- commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry config experimental.new-installer false
- poetry install -E ansible-base
- poetry run pytest
- poetry version
- poetry run ansible-later --help
depends_on:
- fetch
environment:
PY_COLORS: 1
image: python:3.7
name: python37-pytest
- commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry config experimental.new-installer false
- poetry install -E ansible-base
- poetry run pytest
- poetry version
- poetry run ansible-later --help
depends_on:
- fetch
environment:
PY_COLORS: 1
image: python:3.8
name: python38-pytest
- commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry config experimental.new-installer false
- poetry install -E ansible-base
- poetry run pytest
- poetry version
- poetry run ansible-later --help
depends_on:
- fetch
environment:
PY_COLORS: 1
image: python:3.9
name: python39-pytest
- commands:
- pip install codecov -qq
- codecov --required -X gcov
depends_on:
- python36-pytest
- python37-pytest
- python38-pytest
- python39-pytest
environment:
CODECOV_TOKEN:
from_secret: codecov_token
PY_COLORS: 1
image: python:3.9
name: codecov
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- test
kind: pipeline
name: security
platform:
arch: amd64
os: linux
steps:
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -E ansible-base
- poetry run bandit -r ./ansiblelater -x ./ansiblelater/test
environment:
PY_COLORS: 1
image: python:3.9
name: bandit
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- security
kind: pipeline
name: build-package
platform:
arch: amd64
os: linux
steps:
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry build
image: python:3.9
name: build
- commands:
- cd dist/ && sha256sum * > ../sha256sum.txt
image: alpine
name: checksum
- commands:
- git fetch -tq
- git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased
unreleased}
image: thegeeklab/git-chglog
name: changelog-generate
- commands:
- prettier CHANGELOG.md
- prettier -w CHANGELOG.md
image: thegeeklab/alpine-tools
name: changelog-format
- image: plugins/github-release
name: publish-github
settings:
api_key:
from_secret: github_token
files:
- dist/*
- sha256sum.txt
note: CHANGELOG.md
overwrite: true
title: ${DRONE_TAG}
when:
ref:
- refs/tags/**
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry publish -n
environment:
POETRY_HTTP_BASIC_PYPI_PASSWORD:
from_secret: pypi_password
POETRY_HTTP_BASIC_PYPI_USERNAME:
from_secret: pypi_username
image: python:3.9
name: publish-pypi
when:
ref:
- refs/tags/**
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- security
kind: pipeline
name: build-container-amd64
platform:
arch: amd64
os: linux
steps:
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry build
image: python:3.9
name: build
- depends_on:
- build
image: thegeeklab/drone-docker:19
name: dryrun
settings:
dockerfile: docker/Dockerfile.amd64
dry_run: true
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/pull/**
- depends_on:
- dryrun
image: thegeeklab/drone-docker:19
name: publish-dockerhub
settings:
auto_tag: true
auto_tag_suffix: amd64
dockerfile: docker/Dockerfile.amd64
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/heads/main
- refs/tags/**
- depends_on:
- dryrun
image: thegeeklab/drone-docker:19
name: publish-quay
settings:
auto_tag: true
auto_tag_suffix: amd64
dockerfile: docker/Dockerfile.amd64
password:
from_secret: quay_password
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: quay_username
when:
ref:
- refs/heads/main
- refs/tags/**
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- security
kind: pipeline
name: build-container-arm64
platform:
arch: arm64
os: linux
steps:
- commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry build
image: python:3.9
name: build
- depends_on:
- build
image: thegeeklab/drone-docker:19
name: dryrun
settings:
dockerfile: docker/Dockerfile.arm64
dry_run: true
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/pull/**
- depends_on:
- dryrun
image: thegeeklab/drone-docker:19
name: publish-dockerhub
settings:
auto_tag: true
auto_tag_suffix: arm64
dockerfile: docker/Dockerfile.arm64
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/heads/main
- refs/tags/**
- depends_on:
- dryrun
image: thegeeklab/drone-docker:19
name: publish-quay
settings:
auto_tag: true
auto_tag_suffix: arm64
dockerfile: docker/Dockerfile.arm64
password:
from_secret: quay_password
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: quay_username
when:
ref:
- refs/heads/main
- refs/tags/**
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- security
kind: pipeline
name: build-container-arm
platform:
arch: arm
os: linux
steps:
- commands:
- apk add -Uq --no-cache build-base openssl-dev libffi-dev musl-dev python3-dev
git cargo
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry build
environment:
CARGO_NET_GIT_FETCH_WITH_CLI: true
image: python:3.9-alpine
name: build
- depends_on:
- build
image: thegeeklab/drone-docker:19
name: dryrun
settings:
dockerfile: docker/Dockerfile.arm
dry_run: true
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/pull/**
- depends_on:
- dryrun
image: thegeeklab/drone-docker:19
name: publish-dockerhub
settings:
auto_tag: true
auto_tag_suffix: arm
dockerfile: docker/Dockerfile.arm
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/heads/main
- refs/tags/**
- depends_on:
- dryrun
image: thegeeklab/drone-docker:19
name: publish-quay
settings:
auto_tag: true
auto_tag_suffix: arm
dockerfile: docker/Dockerfile.arm
password:
from_secret: quay_password
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: quay_username
when:
ref:
- refs/heads/main
- refs/tags/**
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
concurrency:
limit: 1
depends_on:
- build-package
- build-container-amd64
- build-container-arm64
- build-container-arm
kind: pipeline
name: docs
platform:
arch: amd64
os: linux
steps:
- commands:
- make doc
image: thegeeklab/alpine-tools
name: assets
- commands:
- markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'
image: thegeeklab/markdownlint-cli
name: markdownlint
- commands:
- npm install -g spellchecker-cli
- spellchecker --files 'docs/content/**/*.md' 'README.md' -d .dictionary -p spell
indefinite-article syntax-urls --no-suggestions
environment:
FORCE_COLOR: true
NPM_CONFIG_LOGLEVEL: error
image: node:lts-alpine
name: spellcheck
- commands:
- hugo -s docs/ -b http://localhost/
image: thegeeklab/hugo:0.83.1
name: testbuild
- commands:
- link-validator -ro
environment:
LINK_VALIDATOR_BASE_DIR: docs/public
image: thegeeklab/link-validator
name: link-validation
- commands:
- hugo -s docs/
image: thegeeklab/hugo:0.83.1
name: build
- commands:
- npm install -g js-beautify
- html-beautify -r -f 'docs/public/**/*.html'
environment:
FORCE_COLOR: true
NPM_CONFIG_LOGLEVEL: error
image: node:lts-alpine
name: beautify
- image: plugins/s3-sync
name: publish
settings:
access_key:
from_secret: s3_access_key
bucket: geekdocs
delete: true
endpoint: https://sp.rknet.org
path_style: true
secret_key:
from_secret: s3_secret_access_key
source: docs/public/
strip_prefix: docs/public/
target: /${DRONE_REPO_NAME}
when:
ref:
- refs/heads/main
- refs/tags/**
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
depends_on:
- docs
kind: pipeline
name: notifications
platform:
arch: amd64
os: linux
steps:
- image: plugins/manifest
name: manifest-dockerhub
settings:
auto_tag: true
ignore_missing: true
password:
from_secret: docker_password
spec: docker/manifest.tmpl
username:
from_secret: docker_username
when:
status:
- success
- image: plugins/manifest
name: manifest-quay
settings:
auto_tag: true
ignore_missing: true
password:
from_secret: quay_password
spec: docker/manifest-quay.tmpl
username:
from_secret: quay_username
when:
status:
- success
- environment:
DOCKER_PASS:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
PUSHRM_FILE: README.md
PUSHRM_SHORT: Another best practice scanner for Ansible roles and playbooks
PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME}
image: chko/docker-pushrm:1
name: pushrm-dockerhub
pull: always
when:
status:
- success
- environment:
APIKEY__QUAY_IO:
from_secret: quay_token
PUSHRM_FILE: README.md
PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME}
image: chko/docker-pushrm:1
name: pushrm-quay
pull: always
when:
status:
- success
- image: plugins/matrix
name: matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: 'Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name
}}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message:
{{ build.message }}'
username:
from_secret: matrix_username
when:
status:
- success
- failure
trigger:
ref:
- refs/heads/main
- refs/tags/**
status:
- success
- failure
---
kind: signature
hmac: eb840b80a482cdb542fe7fcbe4f497de8b94a976e112ad5dcf78a62eaa15d2ed
...