when: - event: [ push, tag, cron, manual ] evaluate: 'LATEST_TAG == ""' variables: - &image_name 'quay.krd.sh/krd/rngpotd' - &ext_image_name 'docker.io/rockdrilla/rngpotd' - &buildah_image 'quay.krd.sh/quay_io/containers/buildah:v1.37.3' - &skopeo_image 'quay.krd.sh/quay_io/containers/skopeo:v1.16.1' - &go_image 'quay.krd.sh/golang:1.23.2-bookworm' - &base_image 'quay.krd.sh/gcr_io/distroless/static-debian12:nonroot' ## value list depends on base image ## ref: https://github.com/GoogleContainerTools/distroless#debian-12 - &target_platforms 'linux/amd64,linux/arm,linux/arm64,linux/ppc64le,linux/s390x' ## NB: ${variable} expressions are subject to pre-processing. ## ref: https://woodpecker-ci.org/docs/usage/environment steps: - name: verify-registry-credentials image: *skopeo_image environment: GOMAXPROCS: "4" MALLOC_ARENA_MAX: "4" secrets: [ REGISTRY_AUTH ] commands: - .ci/registry-login.sh quay.krd.sh docker.io - name: build-all image: *go_image environment: GOPROXY: "${GOPROXY},direct" GOSUMDB: "${GOSUMDB}" GOPRIVATE: "${GOPRIVATE}" GOMAXPROCS: "4" MALLOC_ARENA_MAX: "4" ## TARGET_PLATFORMS: *target_platforms ## these secrets are server-wide commands: - .ci/build-all.sh - name: image-all image: *buildah_image privileged: true environment: GOMAXPROCS: "4" MALLOC_ARENA_MAX: "4" ## BUILDAH_FORMAT: "docker" TARGET_PLATFORMS: *target_platforms BASE_IMAGE: *base_image IMAGE_NAME: *image_name commands: - .ci/image-all.sh - name: image-sync image: *skopeo_image environment: GOMAXPROCS: "4" MALLOC_ARENA_MAX: "4" ## IMAGE_NAME: *image_name EXT_IMAGE_NAME: *ext_image_name commands: - .ci/sync-all.sh ## personal tweaks :) labels: network: dmz