docker-tidy/.drone.yml

---
kind: pipeline
name: lint

platform:
  os: linux
  arch: amd64

steps:
- name: flake8
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry install -q
  - poetry run flake8 ./dockertidy
  environment:
    PY_COLORS: 1

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

---
kind: pipeline
name: test

platform:
  os: linux
  arch: amd64

steps:
- name: fetch
  image: python:3.9
  commands:
  - git fetch -tq

- name: python36-pytest
  image: python:3.6
  commands:
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry install -q
  - poetry run pytest dockertidy --cov=dockertidy --cov-append --no-cov-on-fail
  - poetry version
  - poetry run docker-tidy --help
  environment:
    PY_COLORS: 1
  depends_on:
  - clone

- name: python37-pytest
  image: python:3.7
  commands:
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry install -q
  - poetry run pytest dockertidy --cov=dockertidy --cov-append --no-cov-on-fail
  - poetry version
  - poetry run docker-tidy --help
  environment:
    PY_COLORS: 1
  depends_on:
  - clone

- name: python38-pytest
  image: python:3.8
  commands:
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry install -q
  - poetry run pytest dockertidy --cov=dockertidy --cov-append --no-cov-on-fail
  - poetry version
  - poetry run docker-tidy --help
  environment:
    PY_COLORS: 1
  depends_on:
  - clone

- name: python39-pytest
  image: python:3.9
  commands:
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry install -q
  - poetry run pytest dockertidy --cov=dockertidy --cov-append --no-cov-on-fail
  - poetry version
  - poetry run docker-tidy --help
  environment:
    PY_COLORS: 1
  depends_on:
  - clone

- name: codecov
  image: python:3.9
  commands:
  - pip install codecov -qq
  - codecov --required -X gcov
  environment:
    CODECOV_TOKEN:
      from_secret: codecov_token
    PY_COLORS: 1
  depends_on:
  - python36-pytest
  - python37-pytest
  - python38-pytest
  - python39-pytest

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- lint

---
kind: pipeline
name: security

platform:
  os: linux
  arch: amd64

steps:
- name: bandit
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry install -q
  - poetry run bandit -r ./dockertidy -x ./dockertidy/test
  environment:
    PY_COLORS: 1

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- test

---
kind: pipeline
name: build-package

platform:
  os: linux
  arch: amd64

steps:
- name: build
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry build

- name: checksum
  image: alpine
  commands:
  - cd dist/ && sha256sum * > ../sha256sum.txt

- name: publish-github
  image: plugins/github-release
  settings:
    api_key:
      from_secret: github_token
    files:
    - dist/*
    - sha256sum.txt
    note: CHANGELOG.md
    overwrite: true
    title: ${DRONE_TAG}
  when:
    ref:
    - refs/tags/**

- name: publish-pypi
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry publish --build
  environment:
    POETRY_HTTP_BASIC_PYPI_PASSWORD:
      from_secret: pypi_password
    POETRY_HTTP_BASIC_PYPI_USERNAME:
      from_secret: pypi_username
  when:
    ref:
    - refs/tags/**

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- security

---
kind: pipeline
name: build-container-amd64

platform:
  os: linux
  arch: amd64

steps:
- name: build
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry build

- name: dryrun
  image: plugins/docker:19
  settings:
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    dry_run: true
    password:
      from_secret: docker_password
    repo: thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: docker_username
  when:
    ref:
    - refs/pull/**
  depends_on:
  - build

- name: publish-dockerhub
  image: plugins/docker:19
  settings:
    auto_tag: true
    auto_tag_suffix: amd64
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    password:
      from_secret: docker_password
    repo: thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: docker_username
  when:
    ref:
    - refs/heads/master
    - refs/tags/**
  depends_on:
  - dryrun

- name: publish-quay
  image: plugins/docker:19
  settings:
    auto_tag: true
    auto_tag_suffix: amd64
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    password:
      from_secret: quay_password
    registry: quay.io
    repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: quay_username
  when:
    ref:
    - refs/heads/master
    - refs/tags/**
  depends_on:
  - dryrun

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- security

---
kind: pipeline
name: build-container-arm64

platform:
  os: linux
  arch: arm64

steps:
- name: build
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry build

- name: dryrun
  image: plugins/docker:19
  settings:
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    dry_run: true
    password:
      from_secret: docker_password
    repo: thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: docker_username
  when:
    ref:
    - refs/pull/**
  depends_on:
  - build

- name: publish-dockerhub
  image: plugins/docker:19
  settings:
    auto_tag: true
    auto_tag_suffix: arm64
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    password:
      from_secret: docker_password
    repo: thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: docker_username
  when:
    ref:
    - refs/heads/master
    - refs/tags/**
  depends_on:
  - dryrun

- name: publish-quay
  image: plugins/docker:19
  settings:
    auto_tag: true
    auto_tag_suffix: arm64
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    password:
      from_secret: quay_password
    registry: quay.io
    repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: quay_username
  when:
    ref:
    - refs/heads/master
    - refs/tags/**
  depends_on:
  - dryrun

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- security

---
kind: pipeline
name: build-container-arm

platform:
  os: linux
  arch: arm

steps:
- name: build
  image: python:3.9
  commands:
  - git fetch -tq
  - pip install poetry poetry-dynamic-versioning -qq
  - poetry build

- name: dryrun
  image: plugins/docker:19
  settings:
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    dry_run: true
    password:
      from_secret: docker_password
    repo: thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: docker_username
  when:
    ref:
    - refs/pull/**
  depends_on:
  - build

- name: publish-dockerhub
  image: plugins/docker:19
  settings:
    auto_tag: true
    auto_tag_suffix: arm
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    password:
      from_secret: docker_password
    repo: thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: docker_username
  when:
    ref:
    - refs/heads/master
    - refs/tags/**
  depends_on:
  - dryrun

- name: publish-quay
  image: plugins/docker:19
  settings:
    auto_tag: true
    auto_tag_suffix: arm
    config:
      from_secret: docker_config
    dockerfile: docker/Dockerfile
    password:
      from_secret: quay_password
    registry: quay.io
    repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
    username:
      from_secret: quay_username
  when:
    ref:
    - refs/heads/master
    - refs/tags/**
  depends_on:
  - dryrun

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- security

---
kind: pipeline
name: docs

platform:
  os: linux
  arch: amd64

concurrency:
  limit: 1

steps:
- name: assets
  image: thegeeklab/alpine-tools
  commands:
  - make doc

- name: markdownlint
  image: node:lts-alpine
  commands:
  - npm install -g markdownlint-cli
  - markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'
  environment:
    FORCE_COLOR: true
    NPM_CONFIG_LOGLEVEL: error

- name: spellcheck
  image: node:lts-alpine
  commands:
  - npm install -g spellchecker-cli
  - spellchecker --files 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md' -d .dictionary -p spell indefinite-article syntax-urls --no-suggestions
  environment:
    FORCE_COLOR: true
    NPM_CONFIG_LOGLEVEL: error

- name: testbuild
  image: klakegg/hugo:0.74.3-ext-alpine
  commands:
  - hugo-official -s docs/ -b http://localhost/

- name: link-validation
  image: thegeeklab/link-validator
  commands:
  - link-validator -ro
  environment:
    LINK_VALIDATOR_BASE_DIR: docs/public

- name: build
  image: klakegg/hugo:0.74.3-ext-alpine
  commands:
  - hugo-official -s docs/

- name: beautify
  image: node:lts-alpine
  commands:
  - npm install -g js-beautify
  - html-beautify -r -f 'docs/public/**/*.html'
  environment:
    FORCE_COLOR: true
    NPM_CONFIG_LOGLEVEL: error

- name: publish
  image: plugins/s3-sync
  settings:
    access_key:
      from_secret: s3_access_key
    bucket: geekdocs
    delete: true
    endpoint: https://sp.rknet.org
    path_style: true
    secret_key:
      from_secret: s3_secret_access_key
    source: docs/public/
    strip_prefix: docs/public/
    target: /${DRONE_REPO_NAME}
  when:
    ref:
    - refs/heads/master
    - refs/tags/**

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  - refs/pull/**

depends_on:
- build-package
- build-container-amd64
- build-container-arm64
- build-container-arm

---
kind: pipeline
name: notifications

platform:
  os: linux
  arch: amd64

steps:
- name: manifest-dockerhub
  image: plugins/manifest
  settings:
    auto_tag: true
    ignore_missing: true
    password:
      from_secret: docker_password
    spec: docker/manifest.tmpl
    username:
      from_secret: docker_username
  when:
    status:
    - success

- name: manifest-quay
  image: plugins/manifest
  settings:
    auto_tag: true
    ignore_missing: true
    password:
      from_secret: quay_password
    spec: docker/manifest-quay.tmpl
    username:
      from_secret: quay_username
  when:
    status:
    - success

- name: pushrm-dockerhub
  image: chko/docker-pushrm:1
  environment:
    DOCKER_PASS:
      from_secret: docker_password
    DOCKER_USER:
      from_secret: docker_username
    PUSHRM_FILE: README.md
    PUSHRM_SHORT: Keep docker hosts tidy
    PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME}
  when:
    status:
    - success

- name: pushrm-quay
  image: chko/docker-pushrm:1
  environment:
    APIKEY__QUAY_IO:
      from_secret: quay_token
    PUSHRM_FILE: README.md
    PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME}
  when:
    status:
    - success

- name: matrix
  image: plugins/matrix
  settings:
    homeserver:
      from_secret: matrix_homeserver
    password:
      from_secret: matrix_password
    roomid:
      from_secret: matrix_roomid
    template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
    username:
      from_secret: matrix_username
  when:
    status:
    - success
    - failure

image_pull_secrets:
- docker_config

trigger:
  ref:
  - refs/heads/master
  - refs/tags/**
  status:
  - success
  - failure

depends_on:
- docs

---
kind: signature
hmac: efe34a2b218e5db05f9608c0ab25e90352a70bcaaf802a6419d192dda8ac0cdc

...