cuddle/.drone.yml
kjuulh c7fdd4fe17
Some checks failed
continuous-integration/drone/push Build is failing
feat: with updated permissions
Signed-off-by: kjuulh <contact@kjuulh.io>
2023-07-27 15:26:26 +02:00

61 lines
1.2 KiB
YAML

kind: pipeline
name: default
type: docker
steps:
- name: load_secret
image: debian:buster-slim
volumes:
- name: ssh
path: /root/.ssh/
environment:
SSH_KEY:
from_secret: gitea_id_ed25519
commands:
- mkdir -p $HOME/.ssh/
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
- ls $HOME/.ssh/
- cat $HOME/.ssh/id_ed25519
- name: build
image: kasperhermansen/cuddle:latest
pull: always
volumes:
- name: ssh
path: /root/.ssh/
- name: dockersock
path: /var/run
commands:
- eval `ssh-agent`
- chmod -r 600 ~/.ssh
- ssh-add
- cuddle x build_cuddle_image
environment:
DOCKER_BUILDKIT: 1
DOCKER_USERNAME:
from_secret: docker_username
DOCKER_PASSWORD:
from_secret: docker_password
CUDDLE_SECRETS_PROVIDER: 1password
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
CUDDLE_SSH_AGENT: "true"
OP_SERVICE_ACCOUNT_TOKEN:
from_secret: op_service_account_token
depends_on:
- "load_secret"
services:
- name: docker
image: docker:dind
privileged: true
volumes:
- name: dockersock
path: /var/run
volumes:
- name: ssh
temp: {}
- name: dockersock
temp: {}