kind: pipeline
type: kubernetes
name: default

steps:
- name: check for Hardcoded Credentials
  image: plugins/gitleaks

- name: woke check
  image: getwoke/woke
  commands:
  - woke

- name: build
  image: node
  commands:
  - npm install typescript
  - npx tsc

- name: build docker file and publish
  image: plugins/docker
  settings:
    repo: git.cluster.stumblestore.de/llamprecht/knilch-web
    #auto_tag: true
    tags: ${DRONE_BRANCH}-${DRONE_COMMIT} 
    registry: git.cluster.stumblestore.de
    username: llamprecht
    password:
      from_secret: docker_password

- name: update latest containerimage
  image: plugins/docker
  settings:
    repo: git.cluster.stumblestore.de/llamprecht/knilch-web
    #auto_tag: true
    tags: latest
    registry: git.cluster.stumblestore.de
    username: llamprecht
    password:
      from_secret: docker_password
  when:
    branch:
    - main

- name: deploy-deployment
  image: danielgormly/drone-plugin-kube
  settings:
    template: kube/deployment.yaml
    namespace: knilch-web
    server: 
      from_secret: KUBE_SERVER
    token:
      from_secret: KUBE_TOKEN
    ca:
      from_secret: KUBE_CA
  when:
    branch:
    - main

- name: deploy-service
  image: danielgormly/drone-plugin-kube
  settings:
    template: kube/service.yaml
    namespace: knilch-web
    server: 
      from_secret: KUBE_SERVER
    token:
      from_secret: KUBE_TOKEN
    ca:
      from_secret: KUBE_CA
  when:
    branch:
    - main