mirror of
https://github.com/drone/drone-kaniko.git
synced 2026-06-04 10:14:54 +08:00
Abhijeet
1328 lines
58 KiB
YAML
1328 lines
58 KiB
YAML
pipeline:
|
|
identifier: dronekanikoharness
|
|
name: drone-kaniko-harness
|
|
projectIdentifier: Drone_Plugins
|
|
orgIdentifier: default
|
|
tags: {}
|
|
properties:
|
|
ci:
|
|
codebase:
|
|
connectorRef: GitHub_Drone_Org
|
|
repoName: drone-kaniko
|
|
build: <+input>
|
|
sparseCheckout: []
|
|
stages:
|
|
- parallel:
|
|
- stage:
|
|
name: linux-amd64
|
|
identifier: linuxamd64
|
|
description: ""
|
|
type: CI
|
|
spec:
|
|
cloneCodebase: true
|
|
caching:
|
|
enabled: false
|
|
paths: []
|
|
platform:
|
|
os: Linux
|
|
arch: Amd64
|
|
runtime:
|
|
type: Cloud
|
|
spec: {}
|
|
execution:
|
|
steps:
|
|
- step:
|
|
type: Run
|
|
name: Build Binary
|
|
identifier: Build
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: golang:1.25.7
|
|
shell: Sh
|
|
command: |-
|
|
go test ./...
|
|
sh scripts/build.sh
|
|
- parallel:
|
|
- step:
|
|
type: Plugin
|
|
name: BuildAndPushDockerTag
|
|
identifier: BuildAndPushDockerTag
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: drone
|
|
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
|
|
repo: plugins/kaniko<+matrix.image>
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-amd64
|
|
daemon_off: "false"
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: _<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: BuildAndPushDockerTag_Kaniko
|
|
identifier: BuildAndPushDockerTag_Kaniko
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: drone
|
|
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
|
|
repo: plugins/kaniko<+matrix.image>
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-amd64-kaniko1.9.1
|
|
daemon_off: "false"
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: <+matrix.repo>
|
|
- parallel:
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: BuildAndPushDockerBranch
|
|
identifier: BuildAndPushDockerBranch
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
repo: plugins/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-amd64
|
|
caching: false
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: <+matrix.repo>
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: BuildAndPushDockerBranch_Kaniko
|
|
identifier: BuildAndPushDockerBranch_Kaniko
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
repo: plugins/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-amd64-kaniko1.9.1
|
|
caching: false
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: _<+matrix.repo>
|
|
when:
|
|
pipelineStatus: Success
|
|
- stage:
|
|
name: linux-arm64
|
|
identifier: linuxarm64
|
|
description: ""
|
|
type: CI
|
|
spec:
|
|
cloneCodebase: true
|
|
caching:
|
|
enabled: false
|
|
paths: []
|
|
platform:
|
|
os: Linux
|
|
arch: Arm64
|
|
runtime:
|
|
type: Cloud
|
|
spec: {}
|
|
execution:
|
|
steps:
|
|
- step:
|
|
type: Run
|
|
name: Build Binary
|
|
identifier: Build_and_Test
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: golang:1.25.7
|
|
shell: Sh
|
|
command: |-
|
|
go test ./...
|
|
sh scripts/build.sh
|
|
- parallel:
|
|
- step:
|
|
type: Plugin
|
|
name: BuildAndPushDockerTag
|
|
identifier: BuildAndPushDockerTag
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: drone
|
|
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
|
|
repo: plugins/kaniko<+matrix.image>
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-arm64
|
|
daemon_off: "false"
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: _<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: BuildAndPushDockerTag_Kaniko
|
|
identifier: BuildAndPushDockerTag_Kaniko
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: drone
|
|
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
|
|
repo: plugins/kaniko<+matrix.image>
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-arm64-kaniko1.9.1
|
|
daemon_off: "false"
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: _<+matrix.repo>
|
|
- parallel:
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: BuildAndPushDockerBranch
|
|
identifier: BuildAndPushDockerBranch
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
repo: plugins/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-arm64
|
|
caching: false
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: <+matrix.repo>
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: BuildAndPushDockerBranch_Kaniko
|
|
identifier: BuildAndPushDockerBranch_Kaniko
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
repo: plugins/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-arm64-kaniko1.9.1
|
|
caching: false
|
|
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: _<+matrix.repo>
|
|
when:
|
|
pipelineStatus: Success
|
|
- stage:
|
|
name: rf-linux-amd64
|
|
identifier: rf_linuxamd64
|
|
description: RapidFort hardened kaniko images - amd64
|
|
type: CI
|
|
spec:
|
|
cloneCodebase: true
|
|
caching:
|
|
enabled: false
|
|
paths: []
|
|
platform:
|
|
os: Linux
|
|
arch: Amd64
|
|
runtime:
|
|
type: Cloud
|
|
spec: {}
|
|
execution:
|
|
steps:
|
|
- step:
|
|
type: GitClone
|
|
name: Clone RF Dockerfiles
|
|
identifier: clone_rf
|
|
spec:
|
|
connectorRef: RapidFortPlugins
|
|
build:
|
|
type: branch
|
|
spec:
|
|
branch: main
|
|
cloneDirectory: rf-plugins
|
|
- step:
|
|
type: Run
|
|
name: Build Binary
|
|
identifier: build_binary
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: golang:1.25.7
|
|
shell: Sh
|
|
command: |-
|
|
go test ./...
|
|
sh scripts/build.sh
|
|
- parallel:
|
|
- step:
|
|
type: Plugin
|
|
name: RF Build and Push on Tag
|
|
identifier: rf_docker_build_push_tag
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: <+secrets.getValue("harnesssecureusername")>
|
|
password: <+secrets.getValue("dockerHarnessSecurePwd")>
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.rf
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-amd64
|
|
base_image_username: <+secrets.getValue("harness0HARUsername")>
|
|
base_image_password: <+secrets.getValue("harness0HARPAT")>
|
|
base_image_registry: harness0.harness.io/oci/docker_artifacts
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: rf_<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: RF Build and Push on Tag Kaniko191
|
|
identifier: rf_docker_build_push_tag_191
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: <+secrets.getValue("harnesssecureusername")>
|
|
password: <+secrets.getValue("dockerHarnessSecurePwd")>
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-amd64-kaniko1.9.1
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: rf_191_<+matrix.repo>
|
|
- parallel:
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: RF Build and Push on Branch
|
|
identifier: rf_build_push_branch
|
|
spec:
|
|
connectorRef: harnesssecure
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-amd64
|
|
caching: false
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.rf
|
|
envVariables:
|
|
PLUGIN_BASE_IMAGE_USERNAME: <+secrets.getValue("harness0HARUsername")>
|
|
PLUGIN_BASE_IMAGE_PASSWORD: <+secrets.getValue("harness0HARPAT")>
|
|
PLUGIN_BASE_IMAGE_REGISTRY: harness0.harness.io/oci/docker_artifacts
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: rf_<+matrix.repo>
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: RF Build and Push on Branch Kaniko191
|
|
identifier: rf_build_push_branch_191
|
|
spec:
|
|
connectorRef: harnesssecure
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-amd64-kaniko1.9.1
|
|
caching: false
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: rf_191_<+matrix.repo>
|
|
variables:
|
|
- name: CI_ENABLE_BARE_METAL
|
|
type: String
|
|
description: ""
|
|
required: false
|
|
value: "false"
|
|
- stage:
|
|
name: rf-linux-arm64
|
|
identifier: rf_linuxarm64
|
|
description: RapidFort hardened kaniko images - arm64
|
|
type: CI
|
|
spec:
|
|
cloneCodebase: true
|
|
caching:
|
|
enabled: false
|
|
paths: []
|
|
platform:
|
|
os: Linux
|
|
arch: Arm64
|
|
runtime:
|
|
type: Cloud
|
|
spec: {}
|
|
execution:
|
|
steps:
|
|
- step:
|
|
type: GitClone
|
|
name: Clone RF Dockerfiles
|
|
identifier: clone_rf
|
|
spec:
|
|
connectorRef: RapidFortPlugins
|
|
build:
|
|
type: branch
|
|
spec:
|
|
branch: main
|
|
cloneDirectory: rf-plugins
|
|
- step:
|
|
type: Run
|
|
name: Build Binary
|
|
identifier: build_binary
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: golang:1.25.7
|
|
shell: Sh
|
|
command: |-
|
|
go test ./...
|
|
sh scripts/build.sh
|
|
- parallel:
|
|
- step:
|
|
type: Plugin
|
|
name: RF Build and Push on Tag
|
|
identifier: rf_docker_build_push_tag
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: <+secrets.getValue("harnesssecureusername")>
|
|
password: <+secrets.getValue("dockerHarnessSecurePwd")>
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.rf
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-arm64
|
|
base_image_username: <+secrets.getValue("harness0HARUsername")>
|
|
base_image_password: <+secrets.getValue("harness0HARPAT")>
|
|
base_image_registry: harness0.harness.io/oci/docker_artifacts
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: rf_<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: RF Build and Push on Tag Kaniko191
|
|
identifier: rf_docker_build_push_tag_191
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/docker
|
|
settings:
|
|
username: <+secrets.getValue("harnesssecureusername")>
|
|
password: <+secrets.getValue("dockerHarnessSecurePwd")>
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
|
|
auto_tag: "true"
|
|
auto_tag_suffix: linux-arm64-kaniko1.9.1
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: rf_191_<+matrix.repo>
|
|
- parallel:
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: RF Build and Push on Branch
|
|
identifier: rf_build_push_branch
|
|
spec:
|
|
connectorRef: harnesssecure
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-arm64
|
|
caching: false
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.rf
|
|
envVariables:
|
|
PLUGIN_BASE_IMAGE_USERNAME: <+secrets.getValue("harness0HARUsername")>
|
|
PLUGIN_BASE_IMAGE_PASSWORD: <+secrets.getValue("harness0HARPAT")>
|
|
PLUGIN_BASE_IMAGE_REGISTRY: harness0.harness.io/oci/docker_artifacts
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
- "-acr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: ""
|
|
repo: acr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: acr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: acr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
- image: "-ecr"
|
|
repo: acr
|
|
- image: "-acr"
|
|
repo: docker
|
|
- image: "-acr"
|
|
repo: gcr
|
|
- image: "-acr"
|
|
repo: gar
|
|
- image: "-acr"
|
|
repo: ecr
|
|
nodeName: rf_<+matrix.repo>
|
|
- step:
|
|
type: BuildAndPushDockerRegistry
|
|
name: RF Build and Push on Branch Kaniko191
|
|
identifier: rf_build_push_branch_191
|
|
spec:
|
|
connectorRef: harnesssecure
|
|
repo: harnesssecure/kaniko<+matrix.image>
|
|
tags:
|
|
- linux-arm64-kaniko1.9.1
|
|
caching: false
|
|
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch"
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- ""
|
|
- "-gcr"
|
|
- "-gar"
|
|
- "-ecr"
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
exclude:
|
|
- image: ""
|
|
repo: gcr
|
|
- image: ""
|
|
repo: gar
|
|
- image: ""
|
|
repo: ecr
|
|
- image: "-gcr"
|
|
repo: docker
|
|
- image: "-gcr"
|
|
repo: gar
|
|
- image: "-gcr"
|
|
repo: ecr
|
|
- image: "-gar"
|
|
repo: docker
|
|
- image: "-gar"
|
|
repo: gcr
|
|
- image: "-gar"
|
|
repo: ecr
|
|
- image: "-ecr"
|
|
repo: docker
|
|
- image: "-ecr"
|
|
repo: gcr
|
|
- image: "-ecr"
|
|
repo: gar
|
|
nodeName: rf_191_<+matrix.repo>
|
|
variables:
|
|
- name: CI_ENABLE_BARE_METAL
|
|
type: String
|
|
description: ""
|
|
required: false
|
|
value: "false"
|
|
- stage:
|
|
name: Manifest and Release
|
|
identifier: Manifest
|
|
description: ""
|
|
type: CI
|
|
spec:
|
|
cloneCodebase: true
|
|
caching:
|
|
enabled: false
|
|
paths: []
|
|
platform:
|
|
os: Linux
|
|
arch: Amd64
|
|
runtime:
|
|
type: Cloud
|
|
spec: {}
|
|
execution:
|
|
steps:
|
|
- step:
|
|
type: GitClone
|
|
name: Clone RF Manifest Templates
|
|
identifier: clone_rf_manifest
|
|
spec:
|
|
connectorRef: RapidFortPlugins
|
|
build:
|
|
type: branch
|
|
spec:
|
|
branch: main
|
|
cloneDirectory: rf-plugins
|
|
contextType: Pipeline
|
|
- parallel:
|
|
- step:
|
|
type: Plugin
|
|
name: Manifest
|
|
identifier: Manifest
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/manifest
|
|
settings:
|
|
auto_tag: "true"
|
|
spec: docker/<+matrix.repo>/manifest.tmpl
|
|
username: drone
|
|
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
|
|
ignore_missing: "true"
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch" || <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
nodeName: manifest_<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: Manifest_kaniko191
|
|
identifier: Manifest_kaniko
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/manifest
|
|
settings:
|
|
auto_tag: "false"
|
|
spec: docker/<+matrix.repo>/manifest-kaniko1.9.1.tmpl
|
|
username: drone
|
|
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
|
|
ignore_missing: "true"
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "branch" || <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
nodeName: manifest_<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: RF Manifest
|
|
identifier: rf_manifest
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/manifest
|
|
settings:
|
|
username: <+secrets.getValue("harnesssecureusername")>
|
|
password: <+secrets.getValue("dockerHarnessSecurePwd")>
|
|
auto_tag: "true"
|
|
ignore_missing: "true"
|
|
spec: rf-plugins/drone-kaniko/docker/<+matrix.repo>/manifest.tmpl
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
- acr
|
|
nodeName: rf_manifest_<+matrix.repo>
|
|
- step:
|
|
type: Plugin
|
|
name: RF Manifest Kaniko191
|
|
identifier: rf_manifest_191
|
|
spec:
|
|
connectorRef: Plugins_Docker_Hub_Connector
|
|
image: plugins/manifest
|
|
settings:
|
|
username: <+secrets.getValue("harnesssecureusername")>
|
|
password: <+secrets.getValue("dockerHarnessSecurePwd")>
|
|
auto_tag: "false"
|
|
ignore_missing: "true"
|
|
spec: rf-plugins/drone-kaniko/docker/<+matrix.repo>/manifest-kaniko1.9.1.tmpl
|
|
when:
|
|
stageStatus: Success
|
|
condition: <+codebase.build.type> == "tag"
|
|
strategy:
|
|
matrix:
|
|
repo:
|
|
- docker
|
|
- gcr
|
|
- gar
|
|
- ecr
|
|
nodeName: rf_manifest_191_<+matrix.repo>
|
|
when:
|
|
pipelineStatus: Success
|
|
allowStageExecutions: true
|