kind: pipeline name: default type: docker steps: - name: load_secret image: debian:buster-slim volumes: - name: ssh path: /root/.ssh/ environment: SSH_KEY: from_secret: gitea_id_ed25519 commands: - mkdir -p $HOME/.ssh/ - echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519 - ls $HOME/.ssh/ - cat $HOME/.ssh/id_ed25519 - name: build image: kasperhermansen/cuddle:latest pull: always volumes: - name: ssh path: /root/.ssh/ - name: dockersock path: /var/run commands: - eval `ssh-agent` - chmod -R 600 ~/.ssh - ssh-add - cuddle x build_cuddle_image environment: DOCKER_BUILDKIT: 1 DOCKER_USERNAME: from_secret: docker_username DOCKER_PASSWORD: from_secret: docker_password CUDDLE_SECRETS_PROVIDER: 1password CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci" CUDDLE_SSH_AGENT: "true" OP_SERVICE_ACCOUNT_TOKEN: from_secret: op_service_account_token GIT_SSH_COMMAND: "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" depends_on: - "load_secret" services: - name: docker image: docker:dind privileged: true volumes: - name: dockersock path: /var/run volumes: - name: ssh temp: {} - name: dockersock temp: {}