ci: use kaniko, registry host from secret, remove hardcoded values

2026-04-17 00:38:21 +02:00 · 2026-04-17 00:38:21 +02:00 · b97cc789fa
commit b97cc789fa
parent 4435025421
1 changed files with 37 additions and 22 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -29,21 +29,28 @@ matrix:
    - cron
 steps:
-  - name: login-and-push
+  - name: build-and-push
-    image: registry.nxtgauge.com/docker:28-cli
+    image: woodpeckerci/plugin-kaniko:2.1.1
-    environment:
+    settings:
-      REGISTRY_HOSTPORT:
+      registry:
        from_secret: REGISTRY_HOSTPORT
-      REGISTRY_USERNAME:
+      repo: nxtgauge-rust-${SERVICE}
      dockerfile: Dockerfile.simple
      build_args:
        - SERVICE_NAME=${SERVICE}
      tags:
        - ${CI_COMMIT_SHA}
        - latest
        - high-performance-latest
      username:
        from_secret: REGISTRY_USERNAME
-      REGISTRY_PASSWORD:
+      password:
        from_secret: REGISTRY_PASSWORD
-      SERVICE_NAME:
+      insecure: true
-        from_secret: SERVICE_NAME
+      insecure_pull: true
-    commands:
+      skip_tls_verify: true
-      - echo "${REGISTRY_PASSWORD}" | docker login "${REGISTRY_HOSTPORT}" -u "${REGISTRY_USERNAME}" --password-stdin
+      platforms: linux/amd64
-      - docker build -t "${REGISTRY_HOSTPORT}/nxtgauge-rust-${SERVICE}" --build-arg SERVICE_NAME=${SERVICE} -f Dockerfile.simple .
+      cache: false
      - docker push "${REGISTRY_HOSTPORT}/nxtgauge-rust-${SERVICE}"
 ---
 when:
@ -51,16 +58,24 @@ when:
  event: push
 steps:
-  - name: login-and-push-migrate
+  - name: build-and-push-migrate
-    image: registry.nxtgauge.com/docker:28-cli
+    image: woodpeckerci/plugin-kaniko:2.1.1
-    environment:
+    settings:
-      REGISTRY_HOSTPORT:
+      registry:
        from_secret: REGISTRY_HOSTPORT
-      REGISTRY_USERNAME:
+      repo: nxtgauge-db-migrate
      dockerfile: Dockerfile.migrate
      context: .
      tags:
        - ${CI_COMMIT_SHA}
        - latest
        - high-performance-latest
      username:
        from_secret: REGISTRY_USERNAME
-      REGISTRY_PASSWORD:
+      password:
        from_secret: REGISTRY_PASSWORD
-    commands:
+      insecure: true
-      - echo "${REGISTRY_PASSWORD}" | docker login "${REGISTRY_HOSTPORT}" -u "${REGISTRY_USERNAME}" --password-stdin
+      insecure_pull: true
-      - docker build -t "${REGISTRY_HOSTPORT}/nxtgauge-db-migrate" -f Dockerfile.migrate .
+      skip_tls_verify: true
-      - docker push "${REGISTRY_HOSTPORT}/nxtgauge-db-migrate"
+      platforms: linux/amd64
      cache: false