--- kind: pipeline type: docker name: test steps: - name: test image: golang:1.20 pull: always environment: TESTS_DB_DSN: postgres://postgres:dcbot@database:5432/dcbot?sslmode=disable TESTS_REDIS_CONNECTION_STRING: redis://:@redis:6379/0 commands: - make generate - go test -race -coverprofile=coverage.txt -covermode=atomic ./... services: - name: database image: postgres:14.8 environment: POSTGRES_DB: dcbot POSTGRES_PASSWORD: dcbot - name: redis image: redis:7.0.12 trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: check-go-mod steps: - name: go.mod image: golang:1.20 pull: always commands: - make generate - go mod tidy - git diff --exit-code go.mod trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: migrations steps: - name: validate image: golang:1.20 pull: always commands: - make validate-migrations trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: translations steps: - name: validate image: golang:1.20 pull: always commands: - apt update && apt -y install jq - make validate-translations trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: golangci-lint steps: - name: golangci-lint image: golangci/golangci-lint:v1.53 pull: always commands: - make generate - golangci-lint run trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: govulncheck platform: os: linux arch: amd64 steps: - name: govulncheck image: golang:1.20 pull: always commands: - make generate - go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck ./... - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true subject: "[govulncheck - {{ build.status }}] {{ repo.owner }}/{{ repo.name }} ({{ build.branch }} - {{ truncate build.commit 8 }})" when: status: - success - failure trigger: event: - cron cron: - govulncheck --- kind: pipeline type: docker name: linux-amd64 platform: os: linux arch: amd64 steps: - name: publish image: plugins/docker settings: username: from_secret: docker_username password: from_secret: docker_password registry: gitea.dwysokinski.me repo: gitea.dwysokinski.me/twhelp-packages/dcbot auto_tag: true auto_tag_suffix: linux-amd64 dockerfile: ./build/docker/dcbot/prod/Dockerfile build_args_from_env: [DRONE_TAG] - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true when: status: - failure trigger: event: - tag --- kind: pipeline type: docker name: manifest steps: - name: manifest image: plugins/manifest settings: auto_tag: "true" ignore_missing: "true" spec: ./build/docker/dcbot/prod/manifest.tmpl username: from_secret: docker_username password: from_secret: docker_password - name: manifest-latest image: plugins/manifest settings: tags: latest ignore_missing: "true" spec: ./build/docker/dcbot/prod/manifest.tmpl username: from_secret: docker_username password: from_secret: docker_password - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true when: status: - failure trigger: event: - tag depends_on: - linux-amd64 --- kind: pipeline type: docker name: migrations-linux-amd64 platform: os: linux arch: amd64 steps: - name: publish image: plugins/docker settings: username: from_secret: docker_username password: from_secret: docker_password registry: gitea.dwysokinski.me repo: gitea.dwysokinski.me/twhelp-packages/dcbot-migrations auto_tag: true auto_tag_suffix: linux-amd64 dockerfile: ./build/docker/dcbot-migrations/Dockerfile - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true when: status: - failure trigger: event: - tag --- kind: pipeline type: docker name: migrations-manifest steps: - name: manifest image: plugins/manifest settings: auto_tag: "true" ignore_missing: "true" spec: ./build/docker/dcbot-migrations/manifest.tmpl username: from_secret: docker_username password: from_secret: docker_password - name: manifest-latest image: plugins/manifest settings: tags: latest ignore_missing: "true" spec: ./build/docker/dcbot-migrations/manifest.tmpl username: from_secret: docker_username password: from_secret: docker_password - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true when: status: - failure trigger: event: - tag depends_on: - migrations-linux-amd64 --- kind: pipeline type: docker name: deploy steps: - name: deploy-k8s image: alpine/k8s:1.26.5 environment: KUBECONFIG: from_secret: kubeconfig commands: - "mkdir ~/.kube && echo \"$KUBECONFIG\" > ~/.kube/twhelp" - "cd ./k8s/overlays/prod && kustomize edit set image dcbot=gitea.dwysokinski.me/twhelp-packages/dcbot:${DRONE_TAG##v} dcbot-migrations=gitea.dwysokinski.me/twhelp-packages/dcbot-migrations:${DRONE_TAG##v} && cd ../../.." - "kubectl --kubeconfig ~/.kube/twhelp -n twhelp delete jobs.batch twhelp-dcbot-migrations-job || true" - kustomize build ./k8s/overlays/prod | kubectl --kubeconfig ~/.kube/twhelp apply -n twhelp -f - - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true subject: "[deploy - {{ build.status }}] {{ repo.owner }}/{{ repo.name }} ({{ build.branch }} - {{ truncate build.commit 8 }})" when: status: - success - failure trigger: event: - tag depends_on: - manifest - migrations-manifest --- kind: signature hmac: ed0db55292798e0b63ba43ae50c749730c9a72423f6387b670e3fd7f68d2f5ad ...