--- kind: pipeline name: lint platform: os: linux arch: amd64 steps: - name: yapf image: python:3.11 commands: - git fetch -tq - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry run yapf -dr ./dockerautotag environment: PY_COLORS: 1 - name: flake8 image: python:3.11 commands: - git fetch -tq - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry run flake8 ./dockerautotag environment: PY_COLORS: 1 trigger: ref: - refs/heads/main - refs/tags/** - refs/pull/** --- kind: pipeline name: test platform: os: linux arch: amd64 steps: - name: fetch image: python:3.11 commands: - git fetch -tq - name: python37-pytest image: python:3.7 commands: - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry version - poetry run docker-autotag --help environment: PY_COLORS: 1 depends_on: - fetch - name: python38-pytest image: python:3.8 commands: - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry version - poetry run docker-autotag --help environment: PY_COLORS: 1 depends_on: - fetch - name: python39-pytest image: python:3.9 commands: - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry version - poetry run docker-autotag --help environment: PY_COLORS: 1 depends_on: - fetch - name: python310-pytest image: python:3.10 commands: - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry version - poetry run docker-autotag --help environment: PY_COLORS: 1 depends_on: - fetch - name: python311-pytest image: python:3.11 commands: - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry version - poetry run docker-autotag --help environment: PY_COLORS: 1 depends_on: - fetch trigger: ref: - refs/heads/main - refs/tags/** - refs/pull/** depends_on: - lint --- kind: pipeline name: security platform: os: linux arch: amd64 steps: - name: bandit image: python:3.11 commands: - git fetch -tq - pip install poetry poetry-dynamic-versioning -qq - poetry config experimental.new-installer false - poetry install - poetry run bandit -r ./dockerautotag -x ./dockerautotag/test environment: PY_COLORS: 1 trigger: ref: - refs/heads/main - refs/tags/** - refs/pull/** depends_on: - test --- kind: pipeline name: build-package platform: os: linux arch: amd64 steps: - name: build image: python:3.11 commands: - git fetch -tq - pip install poetry poetry-dynamic-versioning -qq - poetry build - name: checksum image: alpine commands: - cd dist/ && sha256sum * > ../sha256sum.txt - name: changelog-generate image: thegeeklab/git-chglog commands: - git fetch -tq - git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased} - name: changelog-format image: thegeeklab/alpine-tools commands: - prettier CHANGELOG.md - prettier -w CHANGELOG.md - name: publish-github image: plugins/github-release settings: api_key: from_secret: github_token files: - dist/* - sha256sum.txt note: CHANGELOG.md overwrite: true title: ${DRONE_TAG} when: ref: - refs/tags/** - name: publish-pypi image: python:3.11 commands: - git fetch -tq - pip install poetry poetry-dynamic-versioning -qq - poetry publish -n environment: POETRY_HTTP_BASIC_PYPI_PASSWORD: from_secret: pypi_password POETRY_HTTP_BASIC_PYPI_USERNAME: from_secret: pypi_username when: ref: - refs/tags/** trigger: ref: - refs/heads/main - refs/tags/** - refs/pull/** depends_on: - security --- kind: pipeline name: build-container platform: os: linux arch: amd64 steps: - name: build image: python:3.11 commands: - git fetch -tq - pip install poetry poetry-dynamic-versioning -qq - poetry build - name: dryrun image: thegeeklab/drone-docker-buildx:20 settings: dockerfile: Dockerfile.multiarch dry_run: true platforms: - linux/amd64 - linux/arm64 provenance: false repo: thegeeklab/${DRONE_REPO_NAME} when: ref: - refs/pull/** depends_on: - build - name: publish-dockerhub image: thegeeklab/drone-docker-buildx:20 settings: auto_tag: true dockerfile: Dockerfile.multiarch password: from_secret: docker_password platforms: - linux/amd64 - linux/arm64 provenance: false repo: thegeeklab/${DRONE_REPO_NAME} username: from_secret: docker_username when: ref: - refs/heads/main - refs/tags/** depends_on: - dryrun - name: publish-quay image: thegeeklab/drone-docker-buildx:20 settings: auto_tag: true dockerfile: Dockerfile.multiarch password: from_secret: quay_password platforms: - linux/amd64 - linux/arm64 provenance: false registry: quay.io repo: quay.io/thegeeklab/${DRONE_REPO_NAME} username: from_secret: quay_username when: ref: - refs/heads/main - refs/tags/** depends_on: - dryrun trigger: ref: - refs/heads/main - refs/tags/** - refs/pull/** depends_on: - security --- kind: pipeline name: notifications platform: os: linux arch: amd64 steps: - name: pushrm-dockerhub image: chko/docker-pushrm:1 environment: DOCKER_PASS: from_secret: docker_password DOCKER_USER: from_secret: docker_username PUSHRM_FILE: README.md PUSHRM_SHORT: Create docker tags from a given version string PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME} when: status: - success - name: pushrm-quay image: chko/docker-pushrm:1 environment: APIKEY__QUAY_IO: from_secret: quay_token PUSHRM_FILE: README.md PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME} when: status: - success - name: matrix image: thegeeklab/drone-matrix settings: homeserver: from_secret: matrix_homeserver password: from_secret: matrix_password roomid: from_secret: matrix_roomid template: "Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}" username: from_secret: matrix_username when: status: - success - failure trigger: ref: - refs/heads/main - refs/tags/** status: - success - failure depends_on: - build-package - build-container --- kind: signature hmac: 9b678a3133e5b0df270a1229f167838404e14433bc7f8c8209b4fcdd6c84a1af ...