--- kind: pipeline type: docker name: test steps: - name: test image: golang:1.20 pull: always environment: TESTS_DB_DSN: postgres://postgres:dcbot@database:5432/dcbot?sslmode=disable commands: - make generate - go test -race -coverprofile=coverage.txt -covermode=atomic ./... services: - name: database image: postgres:14.8 environment: POSTGRES_DB: dcbot POSTGRES_PASSWORD: dcbot trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: check-go-mod steps: - name: go.mod image: golang:1.20 pull: always commands: - make generate - go mod tidy - git diff --exit-code go.mod trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: golangci-lint steps: - name: golangci-lint image: golangci/golangci-lint:v1.53 pull: always commands: - make generate - golangci-lint run trigger: event: - push - pull_request branch: - master --- kind: pipeline type: docker name: govulncheck platform: os: linux arch: amd64 steps: - name: govulncheck image: golang:1.20 pull: always commands: - make generate - go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck ./... - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true subject: "[govulncheck - {{ build.status }}] {{ repo.owner }}/{{ repo.name }} ({{ build.branch }} - {{ truncate build.commit 8 }})" when: status: - success - failure trigger: event: - cron cron: - govulncheck --- kind: pipeline type: docker name: linux-amd64 platform: os: linux arch: amd64 steps: - name: publish image: plugins/docker settings: username: from_secret: docker_username password: from_secret: docker_password registry: gitea.dwysokinski.me repo: gitea.dwysokinski.me/twhelp-packages/dcbot auto_tag: true auto_tag_suffix: linux-amd64 dockerfile: ./build/docker/dcbot/prod/Dockerfile build_args_from_env: [DRONE_TAG] - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true when: status: - failure trigger: event: - tag --- kind: pipeline type: docker name: manifest steps: - name: manifest image: plugins/manifest settings: auto_tag: "true" ignore_missing: "true" spec: ./build/docker/dcbot/prod/manifest.tmpl username: from_secret: docker_username password: from_secret: docker_password - name: manifest-latest image: plugins/manifest settings: tags: latest ignore_missing: "true" spec: ./build/docker/dcbot/prod/manifest.tmpl username: from_secret: docker_username password: from_secret: docker_password - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true when: status: - failure trigger: event: - tag depends_on: - linux-amd64 --- kind: pipeline type: docker name: deploy steps: - name: deploy-k8s image: alpine/k8s:1.26.5 environment: KUBECONFIG: from_secret: kubeconfig commands: - "mkdir ~/.kube && echo \"$KUBECONFIG\" > ~/.kube/twhelp" - "cd ./k8s/overlays/prod && kustomize edit set image dcbot=gitea.dwysokinski.me/twhelp-packages/dcbot:${DRONE_TAG##v} && cd ../../.." - "kubectl --kubeconfig ~/.kube/twhelp -n twhelp delete jobs.batch twhelp-dcbot-migrations-job || true" - kustomize build ./k8s/overlays/prod | kubectl --kubeconfig ~/.kube/twhelp apply -n twhelp -f - - name: notify image: drillster/drone-email settings: from.address: from_secret: email_from from.name: Drone host: from_secret: email_host username: from_secret: email_username password: from_secret: email_password recipients: - notifications@dwysokinski.me recipients_only: true subject: "[deploy - {{ build.status }}] {{ repo.owner }}/{{ repo.name }} ({{ build.branch }} - {{ truncate build.commit 8 }})" when: status: - success - failure trigger: event: - tag depends_on: - manifest --- kind: signature hmac: 01aba435a557696da0d10b806003eae40e0a12cc444ffbe2cd7b4aa28784146d ...