---
kind: pipeline
name: lint
platform:
os: linux
arch: amd64
steps:
- name: yapf
image: python:3.9
commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run yapf -dr ./certbot_dns_corenetworks
environment:
PY_COLORS: 1
- name: flake8
image: python:3.9
commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run flake8 ./certbot_dns_corenetworks
environment:
PY_COLORS: 1
image_pull_secrets:
- docker_config
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
kind: pipeline
name: test
platform:
os: linux
arch: amd64
steps:
- name: fetch
image: python:3.9
commands:
- git fetch -tq
- name: python36
image: python:3.6
commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run pytest
- poetry version
environment:
PY_COLORS: 1
depends_on:
- fetch
- name: python37
image: python:3.7
commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run pytest
- poetry version
environment:
PY_COLORS: 1
depends_on:
- fetch
- name: python38
image: python:3.8
commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run pytest
- poetry version
environment:
PY_COLORS: 1
depends_on:
- fetch
- name: python39
image: python:3.9
commands:
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run pytest
- poetry version
environment:
PY_COLORS: 1
depends_on:
- fetch
- name: codecov
image: python:3.9
commands:
- pip install codecov -qq
- codecov --required -X gcov
environment:
CODECOV_TOKEN:
from_secret: codecov_token
PY_COLORS: 1
depends_on:
- python36
- python37
- python38
- python39
image_pull_secrets:
- docker_config
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- lint
---
kind: pipeline
name: security
platform:
os: linux
arch: amd64
steps:
- name: bandit
image: python:3.9
commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry install -q
- poetry run bandit -r ./certbot_dns_corenetworks -x ./certbot_dns_corenetworks/test
environment:
PY_COLORS: 1
image_pull_secrets:
- docker_config
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- test
---
kind: pipeline
name: build-package
platform:
os: linux
arch: amd64
steps:
- name: build
image: python:3.9
commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry build
- name: checksum
image: alpine
commands:
- cd dist/ && sha256sum * > ../sha256sum.txt
- name: publish-github
image: plugins/github-release
settings:
api_key:
from_secret: github_token
files:
- dist/*
- sha256sum.txt
note: CHANGELOG.md
overwrite: true
title: ${DRONE_TAG}
when:
ref:
- refs/tags/**
- name: publish-pypi
image: python:3.9
commands:
- git fetch -tq
- pip install poetry poetry-dynamic-versioning -qq
- poetry publish -n
environment:
POETRY_HTTP_BASIC_PYPI_PASSWORD:
from_secret: pypi_password
POETRY_HTTP_BASIC_PYPI_USERNAME:
from_secret: pypi_username
when:
ref:
- refs/tags/**
image_pull_secrets:
- docker_config
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- security
---
kind: pipeline
name: notifications
platform:
os: linux
arch: amd64
steps:
- name: matrix
image: plugins/matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}"
username:
from_secret: matrix_username
when:
status:
- success
- failure
image_pull_secrets:
- docker_config
trigger:
ref:
- refs/heads/main
- refs/tags/**
status:
- success
- failure
depends_on:
- build-package
---
kind: signature
hmac: ad1db2d5b56fbb3a9573f53f3a79f17c0d6775347b44572182bf60d89b577717
...