local PythonVersion(pyversion='3.6') = { name: 'python' + std.strReplace(pyversion, '.', '') + '-pytest', image: 'python:' + pyversion, environment: { PY_COLORS: 1, }, commands: [ 'pip install poetry poetry-dynamic-versioning -qq', 'poetry config experimental.new-installer false', 'poetry install', 'poetry run pytest dockertidy --cov=dockertidy --cov-append --no-cov-on-fail', 'poetry version', 'poetry run docker-tidy --help', ], depends_on: [ 'fetch', ], }; local PipelineLint = { kind: 'pipeline', name: 'lint', platform: { os: 'linux', arch: 'amd64', }, steps: [ { name: 'yapf', image: 'python:3.9', environment: { PY_COLORS: 1, }, commands: [ 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry config experimental.new-installer false', 'poetry install', 'poetry run yapf -dr ./dockertidy', ], }, { name: 'flake8', image: 'python:3.9', environment: { PY_COLORS: 1, }, commands: [ 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry config experimental.new-installer false', 'poetry install', 'poetry run flake8 ./dockertidy', ], }, ], trigger: { ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], }, }; local PipelineTest = { kind: 'pipeline', name: 'test', platform: { os: 'linux', arch: 'amd64', }, steps: [ { name: 'fetch', image: 'python:3.9', commands: [ 'git fetch -tq', ], }, PythonVersion(pyversion='3.6'), PythonVersion(pyversion='3.7'), PythonVersion(pyversion='3.8'), PythonVersion(pyversion='3.9'), { name: 'codecov', image: 'python:3.9', environment: { PY_COLORS: 1, CODECOV_TOKEN: { from_secret: 'codecov_token' }, }, commands: [ 'pip install codecov -qq', 'codecov --required -X gcov', ], depends_on: [ 'python36-pytest', 'python37-pytest', 'python38-pytest', 'python39-pytest', ], }, ], depends_on: [ 'lint', ], trigger: { ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], }, }; local PipelineSecurity = { kind: 'pipeline', name: 'security', platform: { os: 'linux', arch: 'amd64', }, steps: [ { name: 'bandit', image: 'python:3.9', environment: { PY_COLORS: 1, }, commands: [ 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry config experimental.new-installer false', 'poetry install', 'poetry run bandit -r ./dockertidy -x ./dockertidy/test', ], }, ], depends_on: [ 'test', ], trigger: { ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], }, }; local PipelineBuildPackage = { kind: 'pipeline', name: 'build-package', platform: { os: 'linux', arch: 'amd64', }, steps: [ { name: 'build', image: 'python:3.9', commands: [ 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry build', ], }, { name: 'checksum', image: 'alpine', commands: [ 'cd dist/ && sha256sum * > ../sha256sum.txt', ], }, { name: 'publish-github', image: 'plugins/github-release', settings: { overwrite: true, api_key: { from_secret: 'github_token' }, files: ['dist/*', 'sha256sum.txt'], title: '${DRONE_TAG}', note: 'CHANGELOG.md', }, when: { ref: ['refs/tags/**'], }, }, { name: 'publish-pypi', image: 'python:3.9', commands: [ 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry publish -n', ], environment: { POETRY_HTTP_BASIC_PYPI_USERNAME: { from_secret: 'pypi_username' }, POETRY_HTTP_BASIC_PYPI_PASSWORD: { from_secret: 'pypi_password' }, }, when: { ref: ['refs/tags/**'], }, }, ], depends_on: [ 'security', ], trigger: { ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], }, }; local PipelineBuildContainer(arch='amd64') = { local build = if arch == 'arm' then [{ name: 'build', image: 'python:3.9-alpine', commands: [ 'apk add -Uq --no-cache build-base libressl-dev libffi-dev musl-dev python3-dev git cargo', 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry build', ], }] else [{ name: 'build', image: 'python:3.9', commands: [ 'git fetch -tq', 'pip install poetry poetry-dynamic-versioning -qq', 'poetry build', ], }], kind: 'pipeline', name: 'build-container-' + arch, platform: { os: 'linux', arch: arch, }, steps: build + [ { name: 'dryrun', image: 'thegeeklab/drone-docker:19', settings: { dry_run: true, dockerfile: 'docker/Dockerfile.' + arch, repo: 'thegeeklab/${DRONE_REPO_NAME}', username: { from_secret: 'docker_username' }, password: { from_secret: 'docker_password' }, }, depends_on: ['build'], when: { ref: ['refs/pull/**'], }, }, { name: 'publish-dockerhub', image: 'thegeeklab/drone-docker:19', settings: { auto_tag: true, auto_tag_suffix: arch, dockerfile: 'docker/Dockerfile.' + arch, repo: 'thegeeklab/${DRONE_REPO_NAME}', username: { from_secret: 'docker_username' }, password: { from_secret: 'docker_password' }, }, when: { ref: ['refs/heads/main', 'refs/tags/**'], }, depends_on: ['dryrun'], }, { name: 'publish-quay', image: 'thegeeklab/drone-docker:19', settings: { auto_tag: true, auto_tag_suffix: arch, dockerfile: 'docker/Dockerfile.' + arch, registry: 'quay.io', repo: 'quay.io/thegeeklab/${DRONE_REPO_NAME}', username: { from_secret: 'quay_username' }, password: { from_secret: 'quay_password' }, }, when: { ref: ['refs/heads/main', 'refs/tags/**'], }, depends_on: ['dryrun'], }, ], depends_on: [ 'security', ], trigger: { ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], }, }; local PipelineDocs = { kind: 'pipeline', name: 'docs', platform: { os: 'linux', arch: 'amd64', }, concurrency: { limit: 1, }, steps: [ { name: 'assets', image: 'thegeeklab/alpine-tools', commands: [ 'make doc', ], }, { name: 'markdownlint', image: 'thegeeklab/markdownlint-cli', commands: [ "markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'", ], }, { name: 'spellcheck', image: 'node:lts-alpine', commands: [ 'npm install -g spellchecker-cli', "spellchecker --files 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md' -d .dictionary -p spell indefinite-article syntax-urls --no-suggestions", ], environment: { FORCE_COLOR: true, NPM_CONFIG_LOGLEVEL: 'error', }, }, { name: 'testbuild', image: 'klakegg/hugo:0.80.0-ext-alpine-ci', commands: [ 'hugo-official -s docs/ -b http://localhost/', ], }, { name: 'link-validation', image: 'thegeeklab/link-validator', commands: [ 'link-validator -ro', ], environment: { LINK_VALIDATOR_BASE_DIR: 'docs/public', }, }, { name: 'build', image: 'klakegg/hugo:0.80.0-ext-alpine-ci', commands: [ 'hugo-official -s docs/', ], }, { name: 'beautify', image: 'node:lts-alpine', commands: [ 'npm install -g js-beautify', "html-beautify -r -f 'docs/public/**/*.html'", ], environment: { FORCE_COLOR: true, NPM_CONFIG_LOGLEVEL: 'error', }, }, { name: 'publish', image: 'plugins/s3-sync', settings: { access_key: { from_secret: 's3_access_key' }, bucket: 'geekdocs', delete: true, endpoint: 'https://sp.rknet.org', path_style: true, secret_key: { from_secret: 's3_secret_access_key' }, source: 'docs/public/', strip_prefix: 'docs/public/', target: '/${DRONE_REPO_NAME}', }, when: { ref: ['refs/heads/main', 'refs/tags/**'], }, }, ], depends_on: [ 'build-package', 'build-container-amd64', 'build-container-arm64', 'build-container-arm', ], trigger: { ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], }, }; local PipelineNotifications = { kind: 'pipeline', name: 'notifications', platform: { os: 'linux', arch: 'amd64', }, steps: [ { image: 'plugins/manifest', name: 'manifest-dockerhub', settings: { ignore_missing: true, auto_tag: true, username: { from_secret: 'docker_username' }, password: { from_secret: 'docker_password' }, spec: 'docker/manifest.tmpl', }, when: { status: ['success'], }, }, { image: 'plugins/manifest', name: 'manifest-quay', settings: { ignore_missing: true, auto_tag: true, username: { from_secret: 'quay_username' }, password: { from_secret: 'quay_password' }, spec: 'docker/manifest-quay.tmpl', }, when: { status: ['success'], }, }, { name: 'pushrm-dockerhub', pull: 'always', image: 'chko/docker-pushrm:1', environment: { DOCKER_PASS: { from_secret: 'docker_password', }, DOCKER_USER: { from_secret: 'docker_username', }, PUSHRM_FILE: 'README.md', PUSHRM_SHORT: 'Keep docker hosts tidy', PUSHRM_TARGET: 'thegeeklab/${DRONE_REPO_NAME}', }, when: { status: ['success'], }, }, { name: 'pushrm-quay', pull: 'always', image: 'chko/docker-pushrm:1', environment: { APIKEY__QUAY_IO: { from_secret: 'quay_token', }, PUSHRM_FILE: 'README.md', PUSHRM_TARGET: 'quay.io/thegeeklab/${DRONE_REPO_NAME}', }, when: { status: ['success'], }, }, { name: 'matrix', image: 'plugins/matrix', settings: { homeserver: { from_secret: 'matrix_homeserver' }, roomid: { from_secret: 'matrix_roomid' }, template: 'Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}', username: { from_secret: 'matrix_username' }, password: { from_secret: 'matrix_password' }, }, when: { status: ['success', 'failure'], }, }, ], depends_on: [ 'docs', ], trigger: { ref: ['refs/heads/main', 'refs/tags/**'], status: ['success', 'failure'], }, }; [ PipelineLint, PipelineTest, PipelineSecurity, PipelineBuildPackage, PipelineBuildContainer(arch='amd64'), PipelineBuildContainer(arch='arm64'), PipelineBuildContainer(arch='arm'), PipelineDocs, PipelineNotifications, ]